what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2017-08-08

nZEDb 0.7.3.3 Cross Site Scripting
Posted Aug 8, 2017
Authored by Kushal Jaisingh

nZEDb version 0.7.3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 757d005f6b520fede3eb3727f1000b70a7cba60ba57bf72e6e42c924497fd1a9
Microsoft Security Bulletin CVE Update For August, 2017
Posted Aug 8, 2017
Site microsoft.com

This Microsoft bulletin summary lists multiple CVEs and security bulletins that have undergone a major revision increment.

tags | advisory
advisories | CVE-2017-0071, CVE-2017-0228, CVE-2017-0299
SHA-256 | 161586e64259dc4b705b4ce46b4a0914803be67a146156a1ec784629170dcf5d
Synology Photo Station 6.7.3-3432 / 6.3-2967 Remote Code Execution
Posted Aug 8, 2017
Authored by Kacper Szurek

Synology Photo Station versions 6.7.3-3432 and 6.3-2967 suffer from a code execution vulnerability.

tags | exploit, code execution
advisories | CVE-2017-11151, CVE-2017-11152, CVE-2017-11153, CVE-2017-11154, CVE-2017-11155
SHA-256 | aee069f51577df77fc6d3c899ca3c89aa1f4c3de9f2251ed8ac15f6a9b582141
WildMIDI 0.4.2 Invalid Memory Read
Posted Aug 8, 2017
Authored by qflb.wu

WildMIDI version 0.4.2 suffers from multiple invalid memory read vulnerabilities that can result in a denial of service.

tags | exploit, denial of service, vulnerability
advisories | CVE-2017-11661, CVE-2017-11662, CVE-2017-11663, CVE-2017-11664
SHA-256 | 612fdf77abbe0d5c163e14706f4ce2d0d0d044df31edc4b7ba5f6129a2baafc2
minidjvu 0.8 Invalid Memory Read
Posted Aug 8, 2017
Authored by qflb.wu

minidjvu version 0.8 suffers from multiple invalid memory read vulnerabilities that can result in a denial of service.

tags | exploit, denial of service, vulnerability
advisories | CVE-2017-12441, CVE-2017-12442, CVE-2017-12443, CVE-2017-12444, CVE-2017-12445
SHA-256 | a0f3b6b136bf5a53a4d68b7de9e7314cf7b4d67e1c02588b83b53563379c8b43
Microsoft Security Bulletin Summary For August, 2017
Posted Aug 8, 2017
Site microsoft.com

This Microsoft bulletin lists dozens of updates for August, 2017.

tags | advisory
SHA-256 | b3660056fd3a1e28a4c8696cbe86d46898db7a81d7f714a386e8e033dc64a2fe
Swap Digger 1.0
Posted Aug 8, 2017
Authored by Emeric Nasi

swap_digger is a bash script used to automate Linux swap analysis for post-exploitation or forensics purpose. It automates swap extraction and searches for Linux user credentials, Web form credentials, Web form emails, HTTP basic authentication, WiFi SSID and keys, etc.

tags | tool, web, bash
systems | linux, unix
SHA-256 | 53147e0cf82da4bdc5ee73a8bc75667f3afd51f62351d8d4a1ef19fbcbf6f22f
I2P 0.9.31
Posted Aug 8, 2017
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates and bug fixes.
tags | tool
systems | unix
SHA-256 | 94867fc8ac91eb561598736f6d51773375110db546f8b057c29758b0045931d8
Demystifying Windows Kernel Exploitation By Abusing GDI Objects
Posted Aug 8, 2017
Site sensepost.com

Demystifying Windows Kernel Exploitation by Abusing GDI Objects. This has the Windows 7 SP1 x86 exploit demonstrated at Defcon 25.

tags | exploit, x86, kernel
systems | windows
SHA-256 | 6287c58e621193e7199a983298783aa8371bbb55c1eb72e967dedb90de150e9f
Red Hat Security Advisory 2017-2452-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2452-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7543
SHA-256 | e332da797d136dab5f35b8a55aee5d467b8ffc2e646ac39b1bf719a5381fb561
Red Hat Security Advisory 2017-2447-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2447-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-arptables, net.bridge.bridge-nf-call-ip6tables, and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7543
SHA-256 | 6f49858c20fc978a17ddcb8ce3cd27ecaba0391a568aaed6ff0540f9b8a81821
Red Hat Security Advisory 2017-2449-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2449-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7543
SHA-256 | 8b30f6b05789306a07e613c91c5e2667da08e978fcf6a5de1413a5956ff9591b
Red Hat Security Advisory 2017-2448-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2448-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7543
SHA-256 | 1cbccfb08fa42b0999e1dd879f15005572bfbf3367c6ad68492bbb48d3bf1234
Red Hat Security Advisory 2017-2451-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2451-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7543
SHA-256 | 0fd69ae991c87f5efd6f8613d49aa915ec40d810af6cc0f1ce47d023553feff2
Red Hat Security Advisory 2017-2450-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2450-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Security Fix: A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7543
SHA-256 | 623056c231c64973bc7222d56464222367014397b0645b32a0f17c0e8317270e
Red Hat Security Advisory 2017-2445-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2445-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: Quick Emulator built with the Network Block Device Server support is vulnerable to a crash via a SIGPIPE signal. The crash can occur if a client aborts a connection due to any failure during negotiation or read operation. A remote user/process could use this flaw to crash the qemu-nbd server resulting in a DoS.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-10664
SHA-256 | 564a8bd494449c806fc2eeae091b4c27627588bc4d2d063bec0ad1ed101993af
Red Hat Security Advisory 2017-2444-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2444-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system. A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2015-8970, CVE-2016-10200, CVE-2017-2647
SHA-256 | 1fb9ce595e7c80e760f459ffa8a8b09a3a16c5f8891d2ff710a4383d51d5b053
Red Hat Security Advisory 2017-2437-01
Posted Aug 8, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2437-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this flaw to escalate their privileges or crash the system. A flaw was found that can be triggered in keyring_search_iterator in keyring.c if type->match is NULL. A local user could use this flaw to crash the system or, potentially, escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2015-8970, CVE-2016-10200, CVE-2017-2647, CVE-2017-8797
SHA-256 | 8bf76b236d5b2df60d52f09cd101ddac0fadabb550736b9a086a865e6826e552
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close