Exploit the possiblities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2017-10-17

Afian AB FileRun 2017.03.18 CSRF / Shell Upload / XSS / Redirection
Posted Oct 17, 2017
Authored by Roman Ferdigg | Site sec-consult.com

Afian AB FileRun version 2017.03.18 suffers from cross site request forgery, cross site scripting, open redirection, remote shell upload, and various other vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, csrf
MD5 | 3ff1edbfd9d2d8fe8f706e14236d4010
Linksys E Series CSRF / XSS / Denial Of Service / Header Injection
Posted Oct 17, 2017
Authored by T. Weber | Site sec-consult.com

Linksys E series devices suffer from cross site request forgery, cross site scripting, header injection, denial of service, and various other vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, csrf
MD5 | 0ce91d638136df599d22cc0f4b0e53b1
Gentoo Linux Security Advisory 201710-20
Posted Oct 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-20 - Multiple vulnerabilities have been found in Nagios, the worst of which could lead to the remote execution of arbitrary code. Versions prior to 4.3.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-9565, CVE-2016-9566, CVE-2017-12847
MD5 | 2b1de88a25ee74ea0964d51d9c494380
Red Hat Security Advisory 2017-2908-01
Posted Oct 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2908-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The following packages have been upgraded to a later upstream version: rh-nodejs6-nodejs. Security Fix: It was found that Node.js was using a non-randomized seed when populating hash tables. An attacker, able to supply a large number of inputs, could send specially crafted entries to the Node.js application, maximizing hash collisions to trigger an excessive amount of CPU usage, resulting in a denial of service.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2017-11499
MD5 | fcced40d7b65fd2217ee8c1369b9741a
Gentoo Linux Security Advisory 201710-19
Posted Oct 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-19 - Multiple vulnerabilities have been found in libarchive, the worst of which could lead to a Denial of Service condition. Versions less than 3.3.0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2016-10349, CVE-2016-10350
MD5 | aff8b7df39a6aa55ec6520d0f3c8340b
Red Hat Security Advisory 2017-2905-01
Posted Oct 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2905-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2017-12158, CVE-2017-12159, CVE-2017-12160, CVE-2017-12197
MD5 | 0ce1f71a5e8f87f1fa9ff173bbe2f1af
Gentoo Linux Security Advisory 201710-18
Posted Oct 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-18 - Multiple vulnerabilities have been found in Ruby, the worst of which could lead to the remote execution of arbitrary code. Versions less than 2.2.8 are affected.

tags | advisory, remote, arbitrary, vulnerability, ruby
systems | linux, gentoo
advisories | CVE-2016-2337, CVE-2017-0898, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064
MD5 | 89d9e24a5dcaa9215ac841ad02d0e501
Red Hat Security Advisory 2017-2907-01
Posted Oct 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2907-01 - The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. Security Fix: A new exploitation technique called key reinstallation attacks affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
MD5 | edcca40ca45172f5c3615e808a7cde11
Gentoo Linux Security Advisory 201710-17
Posted Oct 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-17 - Multiple vulnerabilities have been found in Xen, the worst of which may allow local attackers to escalate privileges. Versions less than 4.7.3 are affected.

tags | advisory, local, vulnerability
systems | linux, gentoo
advisories | CVE-2017-10912, CVE-2017-10913, CVE-2017-10914, CVE-2017-10915, CVE-2017-10918, CVE-2017-10920, CVE-2017-10921, CVE-2017-10922
MD5 | 63531e2c2da18568085bb8fc3ea2d365
HP Security Bulletin HPESBHF03789 2
Posted Oct 17, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03789 2 - A potential security vulnerability has been identified in the "HP Trusted Platform Module 2.0 Option" kit. This optional kit is available for HPE Gen9 systems with firmware version 5.51. The vulnerability in TPM firmware 5.51 is that new mathematical methods exist such that RSA keys generated by the TPM 2.0 with firmware 5.51 are cryptographically weakened. This vulnerability could lead to local and remote unauthorized access to data. Revision 2 of this advisory.

tags | advisory, remote, local
advisories | CVE-2017-15361
MD5 | 6cc8c26e097ef2b276493dd3f2b13fbc
Ubuntu Security Notice USN-3456-1
Posted Oct 17, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3456-1 - It was discovered that the X.Org X server incorrectly handled certain lengths. An attacker able to connect to an X server, either locally or remotely, could use these issues to crash the server, or possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-12176, CVE-2017-12177, CVE-2017-12178, CVE-2017-12179, CVE-2017-12180, CVE-2017-12181, CVE-2017-12182, CVE-2017-12183, CVE-2017-12184, CVE-2017-12185, CVE-2017-12186, CVE-2017-12187
MD5 | 403867f137e0eb5c84d32de98e4769a2
Webtrekk Pixel Tracking Cross Site Scripting
Posted Oct 17, 2017
Authored by Malte Batram | Site sec-consult.com

Webtrekk Pixel Track versions 3.24 to 3.40, 4.00 to 4.40, and 5.00 to 5.04 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b3b27563cb47af66f17f10561156cccc
Red Hat Security Advisory 2017-2899-01
Posted Oct 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2899-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 27.0.0.170. Security Fix: This update fixes one vulnerability in Adobe Flash Player. This vulnerability, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-11292
MD5 | 02ed4445c47e4397935369732ee381d4
Red Hat Security Advisory 2017-2904-01
Posted Oct 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2904-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2017-12158, CVE-2017-12159, CVE-2017-12160, CVE-2017-12197
MD5 | 2ebc502ff20b3b7a01bc99ea1dbd4320
Interspire Email Marketer Authentication Bypass
Posted Oct 17, 2017
Authored by Hakan Kusne

Interspire Email Marketer versions prior to 6.1.6 suffered from an administrative authentication bypass vulnerability.

tags | advisory, bypass
advisories | CVE-2017-14322
MD5 | d16b312e6faf1afda94639ee5d1222ef
Red Hat Security Advisory 2017-2906-01
Posted Oct 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2906-01 - Red Hat Single Sign-On 7.1 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. The Node.js adapter provides a simple module for authentication and authorization in Node.js applications. This release of Red Hat Single Sign-On 7.1.3 serves as a replacement for Red Hat Single Sign-On 7.1.2, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2017-12158, CVE-2017-12159, CVE-2017-12160, CVE-2017-12197
MD5 | 95a32325af4c7e800d6d722a26eb8460
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close