exploit the possibilities
Showing 1 - 8 of 8 RSS Feed

Files Date: 2017-10-20

ZKTime Web Software 2.0 Insecure Direct Object Reference
Posted Oct 20, 2017
Authored by Arvind V

ZKTime Web Software version 2.0 suffers from an insecure direct object reference vulnerability.

tags | exploit, web
advisories | CVE-2017-14680
MD5 | b777dd4813f975f9032626bc736f801a
ZKTime Web Software 2.0 Cross Site Request Forgery
Posted Oct 20, 2017
Authored by Arvind V

ZKTime Web Software version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, web, csrf
advisories | CVE-2017-13129
MD5 | f8c4d4b15229d25be5aec0554197f32d
Red Hat Security Advisory 2017-2998-01
Posted Oct 20, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2998-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
MD5 | 9b1e84c860529e0f38c32ad7686287f4
Red Hat Security Advisory 2017-2997-01
Posted Oct 20, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2997-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 62.0.3202.62. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-15386, CVE-2017-15387, CVE-2017-15388, CVE-2017-15389, CVE-2017-15390, CVE-2017-15391, CVE-2017-15392, CVE-2017-15393, CVE-2017-15394, CVE-2017-15395, CVE-2017-5124, CVE-2017-5125, CVE-2017-5126, CVE-2017-5127, CVE-2017-5128, CVE-2017-5129, CVE-2017-5130, CVE-2017-5131, CVE-2017-5132, CVE-2017-5133
MD5 | b2470576425eef21d5ed10492bfe0a9c
Debian Security Advisory 4003-1
Posted Oct 20, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4003-1 - Daniel P. Berrange reported that Libvirt, a virtualisation abstraction library, does not properly handle the default_tls_x509_verify (and related) parameters in qemu.conf when setting up TLS clients and servers in QEMU, resulting in TLS clients for character devices and disk devices having verification turned off and ignoring any errors while validating the server certificate.

tags | advisory
systems | linux, debian
advisories | CVE-2017-1000256
MD5 | 69848289fe0c4ca73f392494649ad6a5
Debian Security Advisory 4002-1
Posted Oct 20, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4002-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.58, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-10268, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384
MD5 | f2c725729bb0242ef87846c5c977af61
Tenshi Log Monitoring Program 0.17
Posted Oct 20, 2017
Authored by Andrea Barisani | Site dev.inversepath.com

tenshi is a log monitoring program, designed to watch one or more log files for lines matching user defined regular expressions and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Improved logic for dropping privileges to ensure coverage for tail process.
tags | tool, system logging
systems | unix
MD5 | 5ff83250bd5dd8eaf01714e8318ddde8
Mozilla Firefox Username Denial Of Service
Posted Oct 20, 2017
Authored by Amit Sangra

Mozilla Firefox versions prior to 55 suffer from a long username denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-7783
MD5 | d045383f0ddfecdc908bd3897dc709ce
Page 1 of 1

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    2 Files
  • 19
    Sep 19th
    2 Files
  • 20
    Sep 20th
    14 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    28 Files
  • 23
    Sep 23rd
    13 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By