accept no compromises
Showing 1 - 17 of 17 RSS Feed

Files Date: 2017-08-04

Microsoft Security Bulletin CVE Update For August, 2017
Posted Aug 4, 2017
Site microsoft.com

This Microsoft bulletin summary lists one CVE that has undergone a major revision increment.

tags | advisory
advisories | CVE-2017-8518
MD5 | 5d39dedd2929b15c5fddc290456c367c
Linux Kernel 4.12 Race Condition
Posted Aug 4, 2017
Authored by Shixiong Zhao, Fan Wu

A race condition was found in the Linux kernel versions 3.14-rc1 through 4.12. The race happens between threads of inotify_handle_event() and vfs_rename() while running the rename operation against the same file. The next slab data or the slab's free list pointer can be corrupted with attacker-controlled data as a result of the race.

tags | advisory, kernel
systems | linux
MD5 | d3c514577c869fcd2c3f13e0f2db0986
Format Factory 4.1.0 DLL Hijacking
Posted Aug 4, 2017
Authored by Kyaw Thiha

Format Factory version 4.1.0 suffers from a dll hijacking vulnerability.

tags | advisory
systems | windows
MD5 | 2f6a638827053943fd37ecf80b624a93
Packet Storm New Exploits For July, 2017
Posted Aug 4, 2017
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 169 exploits added to Packet Storm in July, 2017.

tags | exploit
MD5 | 0dbbad2a57a214ee9f4f09321681a99b
Kernel Live Patch Security Notice LSN-0027-1
Posted Aug 4, 2017
Authored by Benjamin M. Romer

Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2017-7533
MD5 | 2c08f5ef5e1bba5027586f30d1c6777f
Axis 2100 Network Camera 2.43 Cross Site Scripting
Posted Aug 4, 2017
Authored by Nassim Asrir

Axis 2100 Network Camera version 2.43 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-12413
MD5 | ece4df6e4c1f4cd6a9cfc25c4e346144
VirtualBox Windows Process DLL UNC Path Signature Bypass Privilege Escalation
Posted Aug 4, 2017
Authored by James Forshaw, Google Security Research

VirtualBox suffers from a privilege escalation vulnerability due to a windows process DLL UNC path signature bypass vulnerability.

tags | exploit, bypass
systems | windows
advisories | CVE-2017-10129
MD5 | b7b24727a13df6c61f230dfaf8caa4b7
VirtualBox indows Process DLL Signature Bypass Privilege Escalation
Posted Aug 4, 2017
Authored by James Forshaw, Google Security Research

VirtualBox suffers from a privilege escalation vulnerability due to a windows process DLL signature bypass vulnerability.

tags | exploit, bypass
systems | windows
advisories | CVE-2017-10204
MD5 | e1476610f1872866ca63ea58ddd4a886
DNSTracer 1.9 Buffer Overflow
Posted Aug 4, 2017
Authored by j0lama

DNSTracer version 1.9 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-9430
MD5 | 2e16347220a1cfdb358f075642a51b5a
Premium Servers List Tracker 1.0 SQL Injection
Posted Aug 4, 2017
Authored by Kaan KAMIS

Premium Servers List Tracker version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0309c850437fbb50c544f416771cb8a4
EDUMOD Pro 1.3 SQL Injection
Posted Aug 4, 2017
Authored by Kaan KAMIS

EDUMOD Pro version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f46e8beda775ea98ff9dc7d2b03635e7
Muviko 1.0 SQL Injection
Posted Aug 4, 2017
Authored by Kaan KAMIS

Muviko version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a2f470f94db29897030641d4eb497903
Ubuntu Security Notice USN-3378-2
Posted Aug 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3378-2 - USN-3378-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 83be044752437775050f88aee02fa689
Ubuntu Security Notice USN-3378-1
Posted Aug 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3378-1 - Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 9db31ba17dfb34a4396c9ced31bc3759
Ubuntu Security Notice USN-3377-2
Posted Aug 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3377-2 - USN-3377-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 7252455e3ef2d532a9738ece9b403104
Ubuntu Security Notice USN-3377-1
Posted Aug 4, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3377-1 - Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-7482, CVE-2017-7533
MD5 | 9534dcc0dfba019b004a4abde6d30b5f
Red Hat Security Advisory 2017-2418-01
Posted Aug 4, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2418-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. The following packages have been upgraded to a later upstream version: openvswitch. Security Fix: An unsigned int wrap around leading to a buffer over-read was found when parsing OFPT_QUEUE_GET_CONFIG_REPLY messages in Open vSwitch. An attacker could use this flaw to cause a remote DoS.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2017-9214, CVE-2017-9263, CVE-2017-9264, CVE-2017-9265
MD5 | e5fa7cc9b84728344ca7051c4b544620
Page 1 of 1
Back1Next

File Archive:

August 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    30 Files
  • 3
    Aug 3rd
    20 Files
  • 4
    Aug 4th
    17 Files
  • 5
    Aug 5th
    4 Files
  • 6
    Aug 6th
    2 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    18 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    24 Files
  • 11
    Aug 11th
    10 Files
  • 12
    Aug 12th
    3 Files
  • 13
    Aug 13th
    3 Files
  • 14
    Aug 14th
    10 Files
  • 15
    Aug 15th
    16 Files
  • 16
    Aug 16th
    18 Files
  • 17
    Aug 17th
    15 Files
  • 18
    Aug 18th
    17 Files
  • 19
    Aug 19th
    15 Files
  • 20
    Aug 20th
    11 Files
  • 21
    Aug 21st
    15 Files
  • 22
    Aug 22nd
    15 Files
  • 23
    Aug 23rd
    13 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close