Twenty Year Anniversary
Showing 1 - 8 of 8 RSS Feed

Files Date: 2017-10-20

ZKTime Web Software 2.0 Insecure Direct Object Reference
Posted Oct 20, 2017
Authored by Arvind V

ZKTime Web Software version 2.0 suffers from an insecure direct object reference vulnerability.

tags | exploit, web
advisories | CVE-2017-14680
MD5 | b777dd4813f975f9032626bc736f801a
ZKTime Web Software 2.0 Cross Site Request Forgery
Posted Oct 20, 2017
Authored by Arvind V

ZKTime Web Software version 2.0 suffers from a cross site request forgery vulnerability.

tags | exploit, web, csrf
advisories | CVE-2017-13129
MD5 | f8c4d4b15229d25be5aec0554197f32d
Red Hat Security Advisory 2017-2998-01
Posted Oct 20, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2998-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. It was discovered that the Kerberos client implementation in the Libraries component of OpenJDK used the sname field from the plain text part rather than encrypted part of the KDC reply message. A man-in-the-middle attacker could possibly use this flaw to impersonate Kerberos services to Java applications acting as Kerberos clients.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
MD5 | 9b1e84c860529e0f38c32ad7686287f4
Red Hat Security Advisory 2017-2997-01
Posted Oct 20, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2997-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 62.0.3202.62. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-15386, CVE-2017-15387, CVE-2017-15388, CVE-2017-15389, CVE-2017-15390, CVE-2017-15391, CVE-2017-15392, CVE-2017-15393, CVE-2017-15394, CVE-2017-15395, CVE-2017-5124, CVE-2017-5125, CVE-2017-5126, CVE-2017-5127, CVE-2017-5128, CVE-2017-5129, CVE-2017-5130, CVE-2017-5131, CVE-2017-5132, CVE-2017-5133
MD5 | b2470576425eef21d5ed10492bfe0a9c
Debian Security Advisory 4003-1
Posted Oct 20, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4003-1 - Daniel P. Berrange reported that Libvirt, a virtualisation abstraction library, does not properly handle the default_tls_x509_verify (and related) parameters in qemu.conf when setting up TLS clients and servers in QEMU, resulting in TLS clients for character devices and disk devices having verification turned off and ignoring any errors while validating the server certificate.

tags | advisory
systems | linux, debian
advisories | CVE-2017-1000256
MD5 | 69848289fe0c4ca73f392494649ad6a5
Debian Security Advisory 4002-1
Posted Oct 20, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4002-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.58, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-10268, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384
MD5 | f2c725729bb0242ef87846c5c977af61
Tenshi Log Monitoring Program 0.17
Posted Oct 20, 2017
Authored by Andrea Barisani | Site dev.inversepath.com

tenshi is a log monitoring program, designed to watch one or more log files for lines matching user defined regular expressions and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Improved logic for dropping privileges to ensure coverage for tail process.
tags | tool, system logging
systems | unix
MD5 | 5ff83250bd5dd8eaf01714e8318ddde8
Mozilla Firefox Username Denial Of Service
Posted Oct 20, 2017
Authored by Amit Sangra

Mozilla Firefox versions prior to 55 suffer from a long username denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-7783
MD5 | d045383f0ddfecdc908bd3897dc709ce
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    15 Files
  • 18
    Jul 18th
    15 Files
  • 19
    Jul 19th
    17 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close