exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-09-20

Mongoose Embedded Web Server Library 6.8 Buffer Overflow
Posted Sep 20, 2017
Authored by Dobin Rutishauser

Mongoose Embedded Web Server Library versions 6.8 and below suffer from a stack-based buffer overflow vulnerability.

tags | exploit, web, overflow
SHA-256 | 4fb80ad189731d24ec26827f09996fc6817ecce4f5d42ff3a887ceacbec10d9b
Pixie Image Editor 1.7 Server-Side Request Forgery
Posted Sep 20, 2017
Authored by BeiJing Baimaohui Technology Co., LTD.

Pixie Image Editor versions 1.4 and 1.7 suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2017-12905
SHA-256 | 4810929f8c991ac10100bb073270d0ab4cae3ded5c49e3be1cd7403684da5f73
Apple Security Advisory 2017-09-20-2
Posted Sep 20, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-20-2 - watchOS 4 addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2017-7103, CVE-2017-7105, CVE-2017-7108, CVE-2017-7110, CVE-2017-7112, CVE-2017-7116
SHA-256 | f9cdedf252be3c12ad1d0907e2e8a94476a0fcf654d70bf2648b39d50c47b8a3
EMC ViPR SRM for SAS Directory Traversal / Denial Of Service
Posted Sep 20, 2017
Authored by rgod | Site emc.com

EMC ViPR SRM, EMC Storage M and R, EMC VNX M and R, EMC M and R (Watch4Net) for SAS Solution Packs contain directory traversal and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
advisories | CVE-2017-8007, CVE-2017-8012
SHA-256 | d8fd541238a290126b690b97c35135c5a00a337a9f9c9294e18f218ff29f8426
Asterisk Project Security Advisory - AST-2017-008
Posted Sep 20, 2017
Authored by Klaus-Peter Junghanns | Site asterisk.org

Asterisk Project Security Advisory - Insufficient RTCP packet validation could allow reading stale buffer contents and when combined with the nat and symmetric_rtp options allow redirecting where Asterisk sends the next RTCP report.

tags | advisory
advisories | CVE-2017-14099
SHA-256 | 313ff9367083c848ad358358e1ef5d2e2cc08ab243a86253a3085a0a2c87e354
Apple Security Advisory 2017-09-20-1
Posted Sep 20, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-20-1 - This advisory provides additional information for APPLE-SA-2017-09-19-1 iOS 11.

systems | apple, ios
advisories | CVE-2017-7072, CVE-2017-7085, CVE-2017-7088, CVE-2017-7089, CVE-2017-7097, CVE-2017-7103, CVE-2017-7105, CVE-2017-7106, CVE-2017-7108, CVE-2017-7110, CVE-2017-7112, CVE-2017-7115, CVE-2017-7116, CVE-2017-7118, CVE-2017-7133
SHA-256 | 8aeb5a27b696a6b9371d6de6e28fa2fbc84fc7b2623227bae3da19122efca2d6
Ubuntu Security Notice USN-3414-2
Posted Sep 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3414-2 - USN-3414-1 fixed vulnerabilities in QEMU. The patch backport for CVE-2017-9375 was incomplete and caused a regression in the USB xHCI controller emulation support. This update fixes the problem. Leo Gaspard discovered that QEMU incorrectly handled VirtFS access control. A guest attacker could use this issue to elevate privileges inside the guest. Li Qiang discovered that QEMU incorrectly handled VMWare PVSCSI emulation. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources or crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-10664, CVE-2017-10806, CVE-2017-10911, CVE-2017-11434, CVE-2017-12809, CVE-2017-7493, CVE-2017-8112, CVE-2017-8380, CVE-2017-9060, CVE-2017-9310, CVE-2017-9330, CVE-2017-9373, CVE-2017-9374, CVE-2017-9375, CVE-2017-9503, CVE-2017-9524
SHA-256 | 1d827ba81365c6bdfd6f012da771e75dd4ada8902a22473187bbbf26c49b80d4
Ubuntu Security Notice USN-3425-1
Posted Sep 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3425-1 - Hanno Boeck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed.

tags | advisory, remote, web, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-9798
SHA-256 | a1a39c1915ac88f760d98cc7fd6c63b884d3ccb7402a2440e1864e64c6cc73fa
Red Hat Security Advisory 2017-2771-01
Posted Sep 20, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2771-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Security Fix: A command injection flaw within the Emacs "enriched mode" handling has been discovered. By tricking an unsuspecting user into opening a specially crafted file using Emacs, a remote attacker could exploit this flaw to execute arbitrary commands with the privileges of the Emacs user.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2017-14482
SHA-256 | 28bd09fac5e30458608e8154c11408ed75f185f0abee5e8ea7f00a64c4edf902
Red Hat Security Advisory 2017-2770-01
Posted Sep 20, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2770-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event() and vfs_rename() while running the rename operation against the same file. As a result of the race the next slab data or the slab's free list pointer can be corrupted with attacker-controlled data, which may lead to the privilege escalation.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-7533
SHA-256 | 8ce1e8eda24ca99789ffae91e998f600aa35c54fea94475650ac19fd442faa90
WordPress 2kb Amazon Affiliates Store 2.1.0 Cross Site Scripting
Posted Sep 20, 2017
Authored by Ricardo Sanchez

WordPress 2kb Amazon Affiliates Store plugin versions 2.1.0 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3ae51e465aa8a2ee5523c26071aa889af6b47942e855e9e601be39a1530278ee
Apple Security Advisory 2017-09-19-3
Posted Sep 20, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-19-3 - Xcode 9 is now available and addresses code execution and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2017-1000117, CVE-2017-7076, CVE-2017-7134, CVE-2017-7135, CVE-2017-7136, CVE-2017-7137, CVE-2017-9800
SHA-256 | b323f39eaec8eb4fc3557dbe54e6dc9f0deb4ab6e1e1465cd32b69c5e7ba3a49
Apple Security Advisory 2017-09-19-2
Posted Sep 20, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-19-2 - Safari 11 is now available and addresses address bar spoofing and other vulnerabilities.

tags | advisory, spoof, vulnerability
systems | apple
advisories | CVE-2017-7085, CVE-2017-7089, CVE-2017-7106
SHA-256 | 646b56a1d048967dab28769f1aaf50de1bdc5527808800579ae3d7c67b9fe324
Apple Security Advisory 2017-09-19-1
Posted Sep 20, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-09-19-1 - iOS 11 is now available and addresses cross site scripting, denial of service, and various other vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
systems | cisco, apple, ios
advisories | CVE-2017-7072, CVE-2017-7085, CVE-2017-7088, CVE-2017-7089, CVE-2017-7097, CVE-2017-7106, CVE-2017-7118, CVE-2017-7133
SHA-256 | 865ddf6e4616468e824f454d3cd875358dafbfd0bc8839b6bdf8c0c9a75125c5
Microsoft Security Bulletin Defense In Depth Update For September, 2017
Posted Sep 20, 2017
Site microsoft.com

This Microsoft bulletin summary notes that the ADV170015 Defense in Depth Update has undergone a major revision increment.

tags | advisory
SHA-256 | 0a31b8b3975bdc82af9108af71693dd319cb56d6daf751d66384208beeb54a14
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close