Exploit the possiblities
Showing 1 - 7 of 7 RSS Feed

Files Date: 2017-08-29

Ubuntu Security Notice USN-3406-2
Posted Aug 29, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3406-2 - USN-3406-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that an out of bounds read vulnerability existed in the associative array implementation in the Linux kernel. A local attacker could use this to cause a denial of service or expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7914, CVE-2017-7261, CVE-2017-7273, CVE-2017-7487, CVE-2017-7495, CVE-2017-7616
MD5 | bcb9b54a8a5556c6daf2c16f77e97ad7
Red Hat Security Advisory 2017-2546-01
Posted Aug 29, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2546-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This release of Red Hat JBoss BPM Suite 6.4.5 serves as a replacement for Red Hat JBoss BPM Suite 6.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2017-5662, CVE-2017-7525
MD5 | 8bf65f572adf4abf39c4230b8a72f0d9
Red Hat Security Advisory 2017-2547-01
Posted Aug 29, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2547-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.4.5 serves as a replacement for Red Hat JBoss BRMS 6.4.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2017-5662, CVE-2017-7525
MD5 | 7d85d8c4e4963b184230b5810640cee0
ifchk 1.0.7
Posted Aug 29, 2017
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Various updates.
tags | tool
systems | unix
MD5 | 5a80d94ed0f5a895e8745170175a8a03
The Next Generation Of Genealogy Sitebuilding SQL Injection
Posted Aug 29, 2017
Authored by X-Cisadane

The Next Generation of Genealogy Sitebuilding versions prior to 11.1.1 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e3c770602a7524f088a27921dd461267
QNAP Transcode Server Command Execution
Posted Aug 29, 2017
Authored by 0x00string, Zenofex | Site metasploit.com

This Metasploit module exploits an unauthenticated remote command injection vulnerability in QNAP NAS devices. The transcoding server listens on port 9251 by default and is vulnerable to command injection using the 'rmfile' command. This Metasploit module was tested successfully on a QNAP TS-431 with firmware version 4.3.3.0262 (20170727).

tags | exploit, remote
MD5 | c7f6b8e5f963a733cc5d3c513ba79f4e
Microsoft Windows PPL Process Injection Privilege Escalation
Posted Aug 29, 2017
Authored by James Forshaw, Google Security Research

Microsoft Windows suffers from an issue where it is possible to inject code into a PPL protected process by hijacking COM objects leading to accessing PPL processes such as Lsa and AntiMalware from an administrator.

tags | exploit
systems | windows
MD5 | f56afa12662c26fd335723f194b4b1df
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close