the original cloud security
Showing 1 - 13 of 13 RSS Feed

Files Date: 2017-08-23

Automated Logic WebCTRL 6.5 Unrestricted File Upload Remote Code Execution
Posted Aug 23, 2017
Authored by LiquidWorm | Site zeroscience.mk

Automated Logic WebCTRL version 6.5 suffers from an unrestricted file upload vulnerability that allows for remote code execution.

tags | exploit, remote, code execution, file upload
advisories | CVE-2017-9650
MD5 | dfbd662ecb79e969664c3cfd3b845d91
Automated Logic WebCTRL 6.1 Path Traversal Arbitrary File Write
Posted Aug 23, 2017
Authored by LiquidWorm | Site zeroscience.mk

Automated Logic WebCTRL version 6.1 suffers from path traversal and arbitrary file write vulnerabilities.

tags | exploit, arbitrary, vulnerability
advisories | CVE-2017-9640
MD5 | ba74d7e72b8d250b3eb5121245e82a5f
Automated Logic WebCTRL 6.5 Insecure File Permissions Privilege Escalation
Posted Aug 23, 2017
Authored by LiquidWorm | Site zeroscience.mk

Automated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-9644
MD5 | bfe85c9a0561b977ce1f85fffe2a9011
Progress Sitefinity 9.1 XSS / Session Management / Open Redirect
Posted Aug 23, 2017
Authored by Siddhartha Tripathy, Mingshuo Li | Site sec-consult.com

Progress Sitefinity version 9.1 suffers from cross site scripting, broken session management, and open redirection vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 4afe3027dc44e61418fd14ecec494013
WebClientPrint Processor 2.0.15.109 Unauthorized Proxy Modification
Posted Aug 23, 2017
Site redteam-pentesting.de

RedTeam Pentesting discovered that attackers can configure a proxy host and port to be used when fetching print jobs with WebClientPrint Processor (WCPP). This proxy setting may be distributed via specially crafted websites and is set without any user interaction as soon as the website is accessed. Version 2.0.15.109 is affected.

tags | exploit
MD5 | 65bcf60f4004c2179e69c921c1d0d32e
WebClientPrint Processor 2.0.15.109 Updates Remote Code Execution
Posted Aug 23, 2017
Site redteam-pentesting.de

RedTeam Pentesting discovered that rogue updates trigger a remote code execution vulnerability in WebClientPrint Processor (WCPP). These updates may be distributed through specially crafted websites and are processed without any user interaction as soon as the website is accessed. However, the browser must run with administrative privileges. Version 2.0.15.109 is affected.

tags | exploit, remote, code execution
MD5 | 07b4b9ff9c5b4404c6ff6a8c28c57180
WebClientPrint Processor 2.0.15.109 TLS Validation
Posted Aug 23, 2017
Site redteam-pentesting.de

RedTeam Pentesting discovered that WebClientPrint Processor (WCPP) does not validate TLS certificates when initiating HTTPS connections. Thus, a man-in-the-middle attacker may intercept and/or modify HTTPS traffic in transit. This may result in a disclosure of sensitive information and the integrity of printed documents cannot be guaranteed. Version 2.0.15.109 is affected.

tags | exploit, web
MD5 | 2ab94fee77e67ce1fcb57508ff026f8e
WebClientPrint Processor 2.0.15.190 Print Jobs Remote Code Execution
Posted Aug 23, 2017
Site redteam-pentesting.de

WebClientPrint Processor version 2.0.15.109 suffers from a remote code execution vulnerability via print jobs.

tags | exploit, remote, code execution
MD5 | f0de493e09096c617a8989b48f1d528d
Backdrop CMS 1.7.1 Cross Site Scripting
Posted Aug 23, 2017
Authored by Manuel Garcia Cardenas

Backdrop CMS versions 1.7.1 and below suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3a5a51d7bbe3c89f83373c95b27188e1
Red Hat Security Advisory 2017-2524-01
Posted Aug 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2524-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. The following packages have been upgraded to a later upstream version: ansible. Multiple security issues have been addressed.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2017-7481
MD5 | eeb0e43eadcef23b93b4abe97297f528
Ubuntu Security Notice USN-3401-1
Posted Aug 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3401-1 - It was discovered that TeX Live incorrectly handled certain system commands. If a user were tricked into processing a specially crafted TeX file, a remote attacker could execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-10243
MD5 | 973f0d6d63a7108bfbe41b826faa80e8
Debian Security Advisory 3951-1
Posted Aug 23, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3951-1 - Sebastian Krahmer discovered that a programming error in the mount helper binary of the Smb4k Samba network share browser may result in local privilege escalation.

tags | advisory, local
systems | linux, debian
advisories | CVE-2017-8849
MD5 | cd62ea77e544e3c16423e462608118a7
Debian Security Advisory 3950-1
Posted Aug 23, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3950-1 - Hossein Lotfi and Jakub Jirasek from Secunia Research have discovered multiple vulnerabilities in LibRaw, a library for reading RAW images. An attacker could cause a memory corruption leading to a DoS (Denial of Service) with craft KDC or TIFF file.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2017-6886, CVE-2017-6887
MD5 | 6b2dcf3f03044b5b372b42ba49189156
Page 1 of 1
Back1Next

File Archive:

August 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    30 Files
  • 3
    Aug 3rd
    20 Files
  • 4
    Aug 4th
    17 Files
  • 5
    Aug 5th
    4 Files
  • 6
    Aug 6th
    2 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    18 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    24 Files
  • 11
    Aug 11th
    10 Files
  • 12
    Aug 12th
    3 Files
  • 13
    Aug 13th
    3 Files
  • 14
    Aug 14th
    10 Files
  • 15
    Aug 15th
    16 Files
  • 16
    Aug 16th
    18 Files
  • 17
    Aug 17th
    15 Files
  • 18
    Aug 18th
    17 Files
  • 19
    Aug 19th
    15 Files
  • 20
    Aug 20th
    11 Files
  • 21
    Aug 21st
    15 Files
  • 22
    Aug 22nd
    15 Files
  • 23
    Aug 23rd
    13 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close