Exploit the possiblities
Showing 1 - 17 of 17 RSS Feed

Files Date: 2017-10-24

Ubuntu Security Notice USN-3454-2
Posted Oct 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3454-2 - USN-3454-1 fixed a vulnerability in libffi. This update provides the corresponding update for Ubuntu 12.04 ESM.  It was discovered that libffi incorrectly enforced an executable stack. An attacker could possibly use this issue, in combination with another vulnerability, to facilitate executing arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
MD5 | 4ed75fcd920472183eeaa15c68967066
Ubuntu Security Notice USN-3462-1
Posted Oct 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3462-1 - Jan PokornA1/2 and Alain Moulle discovered that Pacemaker incorrectly handled the IPC interface. A local attacker could possibly use this issue to execute arbitrary code with root privileges. Alain Moulle discovered that Pacemaker incorrectly handled authentication. A remote attacker could possibly use this issue to shut down connections, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2016-7035, CVE-2016-7797
MD5 | a5d252d4d1b9c6e38ac137a0ec0f33a1
Red Hat Security Advisory 2017-3047-01
Posted Oct 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3047-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 171. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
MD5 | 416535023fc568d3159b0effb46e9a17
Red Hat Security Advisory 2017-3046-01
Posted Oct 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3046-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 161. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-10165, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
MD5 | 91f933416d3f5f60db5f53926da9cbc0
Red Hat Security Advisory 2017-3018-01
Posted Oct 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3018-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. The following packages have been upgraded to a later upstream version: httpd24-httpd. Security Fix: A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2017-9798
MD5 | 50d909e594f282c96c036ba5f8bf4137
HP Security Bulletin HPESBHF03779 1
Posted Oct 24, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03779 1 - A remotely exploitable denial of service vulnerability has been identified in HPE Fabric OS (FOS) running OpenSSH. This impacts versions prior to FOS v7.4.2. Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2016-6515
MD5 | 5670c20018dc87ce4fd0d8b1f48d98a6
FS Indiamart Clone SQL Injection
Posted Oct 24, 2017
Authored by 8bitsec

FS Indiamart Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7309d51595b5912e1cefb44341f55ccf
FS Groupon Clone SQL Injection
Posted Oct 24, 2017
Authored by 8bitsec

FS Groupon Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 799d7b9fe831afaef3ae70d55bfbc30e
Cisco Umbrella Virtual Appliance 2.0.3 Undocumented Support Tunnel
Posted Oct 24, 2017
Authored by David Coomber

Cisco Umbrella Virtual Appliance versions 2.0.3 and below contain an undocumented, auto-initiated reverse SSH tunnel which allows the Cisco Umbrella support team to have persistent and unrestricted access to the virtual appliance.

tags | advisory
systems | cisco
advisories | CVE-2017-6679
MD5 | b176f5aecc3e42a73c69376a8d0395b6
Apple Support iOS Application 1.1.1 Unencrypted Third Party Analytics
Posted Oct 24, 2017
Authored by David Coomber

Apple Support iOS application versions 1.1.1 and below send potentially sensitive information such as mobile carrier, install date and time, number of app launches, device model, iOS version and screen resolution, unencrypted to a third party site (Adobe Marketing Cloud).

tags | advisory
systems | apple, ios
advisories | CVE-2017-7147
MD5 | 228b93dcbffcf65f58e7495bb25a4bb0
FS Lynda Clone SQL Injection
Posted Oct 24, 2017
Authored by 8bitsec

FS Lynda Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 614653fa9bf8cd5478764f0b0e9cab6f
Tuleap 9.6 Second-Order PHP Object Injection
Posted Oct 24, 2017
Authored by EgiX | Site karmainsecurity.com

Tuleap versions 9.6 and below suffer from a second order PHP object injection vulnerability.

tags | advisory, php
advisories | CVE-2017-7411
MD5 | 2a4b257f70f6f54a3226a84d41b3ca08
Mikogo 5.4.1.160608 Local Credentials Disclosure
Posted Oct 24, 2017
Authored by LiquidWorm | Site zeroscience.mk

Mikogo version 5.4.1.160608 is vulnerable to local credential disclosure. The supplied password is stored as a MD5 hash format in memory. A potential attacker could reveal the supplied password hash and re-use it or store it via the configuration file in order to gain access to the account.

tags | exploit, local
MD5 | 419a8443310d3d0785a7ddbe412a4f5d
Red Hat Security Advisory 2017-3005-01
Posted Oct 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3005-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. The following packages have been upgraded to a later upstream version: ansible-tower, cfme, cfme-appliance, cfme-gemset, rabbitmq-server, rh-ruby23-rubygem-nokogiri, supervisor.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2017-11610, CVE-2017-12148
MD5 | c576c19eef4d1a1880fd3f33169b8b2c
Ubuntu Security Notice USN-3434-2
Posted Oct 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3434-2 - USN-3434-1 fixed a vulnerability inA A Libidn. This update provides the corresponding update for Ubuntu 12.04 ESM. A It was discovered that Libidn incorrectly handled decoding certain A digits. A remote attacker could use this issue to cause Libidn to A crash, resulting in a denial of service, or possibly execute arbitrary A code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
MD5 | 7223865ac706e78e879919d526ab403c
FS Car Rental Script SQL Injection
Posted Oct 24, 2017
Authored by 8bitsec

FS Car Rental Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 58b18127aa79877f98554756befcfbab
FS Expedia Clone SQL Injection
Posted Oct 24, 2017
Authored by 8bitsec

FS Expedia Clone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f63b2ff8cc62729e51cedf4306e0b4c6
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close