Exploit the possiblities
Showing 1 - 22 of 22 RSS Feed

Files Date: 2017-08-28

NethServer 7.3.1611 CSRF Create User / Enable SSH Access
Posted Aug 28, 2017
Authored by LiquidWorm | Site zeroscience.mk

NethServer version 7.3.1611 suffers from a cross site request forgery vulnerability that allows you to create a user and enable SSH access.

tags | exploit, csrf
MD5 | 30902b438d0c118a9ace27dab197dbe2
NethServer 7.3.1611 Upload.json CSRF Script Insertion
Posted Aug 28, 2017
Authored by LiquidWorm | Site zeroscience.mk

NethServer version 7.3.1611 suffers from a cross site request forgery script insertion vulnerability in Upload.json.

tags | exploit, csrf
MD5 | a9980262ca1346b7e14b6a1188a41a1d
Debian Security Advisory 3956-1
Posted Aug 28, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3956-1 - Security consultants in NRI Secure Technologies discovered a stack overflow vulnerability in ConnMan, a network manager for embedded devices. An attacker with control of the DNS responses to the DNS proxy in ConnMan might crash the service and, in same cases, remotely execute arbitrary commands in the host running the service.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2017-12865
MD5 | 8118b9dbba4beccdd09c311bdaace319
Debian Security Advisory 3957-1
Posted Aug 28, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3957-1 - Several vulnerabilities have been discovered in FFmpeg, a multimedia player, server and encoder. These issues could lead to Denial-of-Service and, in some situation, the execution of arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-11399, CVE-2017-11665, CVE-2017-11719, CVE-2017-9608, CVE-2017-9993
MD5 | e5f35727547fe9b23ecc37c88142fd54
pyClamd 0.4.0
Posted Aug 28, 2017
Authored by Alexandre Norman | Site xael.org

pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.

Changes: The API for this new version is now object oriented. Useful classes are ClamdNetworkSocket and ClamdUnixSocket.
tags | tool, virus, python
systems | unix
MD5 | 176b00f50236fa11eaf1eb75ec8055d8
Red Hat Security Advisory 2017-2538-01
Posted Aug 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2538-01 - Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage. Security Fix: A flaw within the processing of ranged HTTP requests has been discovered in the range filter module of nginx. A remote attacker could possibly exploit this flaw to disclose parts of the cache file header, or, if used in combination with third party modules, disclose potentially sensitive memory by sending specially crafted HTTP requests.

tags | advisory, remote, web, imap, protocol
systems | linux, redhat
advisories | CVE-2017-7529
MD5 | bda036ceec782c1988229b248613f104
Ubuntu Security Notice USN-3403-1
Posted Aug 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3403-1 - Kamil Frankowicz discovered that Ghostscript mishandles references. A remote attacker could use this to cause a denial of service. Kim Gwan Yeong discovered that Ghostscript could allow a heap-based buffer over-read and application crash. A remote attacker could use a crafted document to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-11714, CVE-2017-9612, CVE-2017-9726, CVE-2017-9727, CVE-2017-9739, CVE-2017-9835
MD5 | 9208f40dc0fca6b20b8bd44ffe26dae8
HP Security Bulletin HPESBHF03770 1
Posted Aug 28, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03770 1 - A potential security vulnerability has been identified in Comware 7 MSR Routers using PHP, Go, Apache Http Server, and Tomcat. The vulnerability known as "httpoxy" could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, web, arbitrary, php
advisories | CVE-2016-5385, CVE-2016-5386, CVE-2016-5387, CVE-2016-5388
MD5 | e89a7ac16ee1b5fb1e53d79ab6e79b09
Ubuntu Security Notice USN-3199-3
Posted Aug 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3199-3 - USN-3199-1 fixed a vulnerability in Python Crypto. This update provides the corresponding update for Ubuntu 12.04 ESM. A It was discovered that the ALGnew function in block_templace.c in the A Python Cryptography Toolkit contained a heap-based buffer overflow A vulnerability. A remote attacker could use this flaw to execute A arbitrary code by using a crafted initialization vector parameter. Various other issues were also addressed.

tags | advisory, remote, overflow, arbitrary, crypto, python
systems | linux, ubuntu
MD5 | 268bc2efb224a1765a620d2ba927ba05
Flawfinder 2.0.2
Posted Aug 28, 2017
Authored by David A. Wheeler | Site sourceforge.net

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.

Changes: Flawfinder can now run on either Python 2.7 or 3. Added more tests. Implemented additional code cleanups recommended by Pylint. Modified documentation in various ways to clarify things.
tags | tool
systems | unix
MD5 | c9ce3115093bc3b8754b82603c8b2848
MISP 2.4.79 Cross Site Scripting
Posted Aug 28, 2017
Authored by Cedric van Bockhaven, Jurgen Jans

MISP (Malware Information Sharing Platform and Threat Sharing) versions 2.4.79 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2017-13671
MD5 | 48c1325c037dabcc6976b7e66d262524
Ubuntu Security Notice USN-3406-1
Posted Aug 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3406-1 - It was discovered that an out of bounds read vulnerability existed in the associative array implementation in the Linux kernel. A local attacker could use this to cause a denial of service or expose sensitive information. It was discovered that a NULL pointer dereference existed in the Direct Rendering Manager driver for VMWare devices in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7914, CVE-2017-7261, CVE-2017-7273, CVE-2017-7487, CVE-2017-7495, CVE-2017-7616
MD5 | ab3d93c5b082693198c7dd03e2550762
Ubuntu Security Notice USN-3405-2
Posted Aug 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3405-2 - USN-3405-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, osx, ubuntu
advisories | CVE-2015-7837, CVE-2017-11176, CVE-2017-7495, CVE-2017-7541
MD5 | be8ba4251d1774d576a5d0cbdadc62c4
Ubuntu Security Notice USN-3405-1
Posted Aug 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3405-1 - It was discovered that a use-after-free vulnerability existed in the POSIX message queue implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Huang Weller discovered that the ext4 filesystem implementation in the Linux kernel mishandled a needs-flushing-before-commit list. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, osx, ubuntu
advisories | CVE-2015-7837, CVE-2017-11176, CVE-2017-7495, CVE-2017-7541
MD5 | 179b8f597770848ddee280743b07f0a7
Ubuntu Security Notice USN-3404-2
Posted Aug 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3404-2 - USN-3404-1 fixed a vulnerability in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. A reference count bug was discovered in the Linux kernel ipx protocol stack. A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2017-7487
MD5 | a970f8e5eb195519cf353a052dfb1002
Ubuntu Security Notice USN-3404-1
Posted Aug 28, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3404-1 - A reference count bug was discovered in the Linux kernel ipx protocol stack. A local attacker could exploit this flaw to cause a denial of service or possibly other unspecified problems.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2017-7487
MD5 | 0c10766d1d75847f4d3bc58da124b0a0
Matrimony 2.7 Cross Site Request Forgery
Posted Aug 28, 2017
Authored by Ali BawazeEer

Matrimony version 2.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 739ff1451258b5d5a264b09d0b92a4b1
Offensive And Defensive PowerShell
Posted Aug 28, 2017
Authored by Halil Dalabasmaz

Whitepaper called Offensive and Defensive PowerShell. Written in Turkish.

tags | paper
MD5 | 7be9cc28ce3b4845f5306c8fc586420d
Easy RM RMVB To DVD Burner 1.8.11 Buffer Overflow
Posted Aug 28, 2017
Authored by Touhid M.Shaikh

Easy RM RMVB to DVD Burner version 18.11 buffer overflow exploit.

tags | exploit, overflow
MD5 | 51faa8b8c28c6583e8a4c83d92d9b2dd
Posty 1.0 SQL Injection
Posted Aug 28, 2017
Authored by Ali BawazeEer

Posty version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | db0f72a6622942ad9f7581d8e6777385
Easy WMV/ASF/ASX To DVD Burner 2.3.11 Buffer Overflow
Posted Aug 28, 2017
Authored by Touhid M.Shaikh

Easy WMV/ASF/ASX to DVD Burner version 2.3.11 buffer overflow exploit.

tags | exploit, overflow
MD5 | f29118120d3fd9918ec8e9645151d130
VX Search Enterprise 10.0.14 Buffer Overflow
Posted Aug 28, 2017
Authored by Nipun Jaswal, Anurag Srivastava

VX Search Enterprise version 10.0.14 remote buffer overflow exploit.

tags | exploit, remote, overflow
advisories | CVE-2017-13708
MD5 | c8f09635695ec66379ee35d50d113636
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close