Showing 1 - 25 of 356

Files Date: 2017-10-01 to 2017-10-31

Lynis Auditing Tool 2.5.7
Posted Oct 30, 2017
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Changes: Update of Portuguese translation. Added --silent as alias for --quiet. Reduced screen output when running non-privileged. IsRunning function now allows full name process match.
tags | tool, scanner
systems | unix
SHA-256 | 95a6b8249b729d6c431377015c53724d3d267b74c2c9e5596a4d1c59c15df64c
Microsoft Windows 10 Creators Update 32-bit Ring-0 Code Execution
Posted Oct 30, 2017
Authored by Google Security Research, mjurczyk

The 32-bit version of Microsoft Windows 10 Creators Update suffers from execution of ring-0 code from the NULL page via NtQuerySystemInformation (class 185, Warbird functionality).

tags | advisory
systems | windows
SHA-256 | c9dba87848ba8309e2ef635f11fc4bb02d9040930b2591370ea21e0a1a27b79f
Ubuntu Security Notice USN-3459-2
Posted Oct 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3459-2 - USN-3459-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 12.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.58 in Ubuntu 12.04 ESM. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | 70b7d12d84d4aa5120855332d774f53b647d9460ff4801984bc8ac3daf77b63c
Red Hat Security Advisory 2017-3082-01
Posted Oct 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3082-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 62.0.3202.75. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2017-15396
SHA-256 | 524807a1eb1bf5c2f6d8bf017f507e705a7e2eb789944a6ac47b26f457f481c4
Ubuntu Security Notice USN-3464-2
Posted Oct 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3464-2 - USN-3464-1 fixed several vulnerabilities in Wget. This update provides the corresponding update for Ubuntu 12.04 ESM. Antti Levomaki, Christian Jalio, and Joonas Pihlaja discovered that Wget incorrectly handled certain HTTP responses. A remote attacker could use this issue to cause Wget to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7098, CVE-2017-6508
SHA-256 | 733a73af531d42ae891013006453221a631191deeaaf444b04f58f13f0b49b81
Ubuntu Security Notice USN-3467-1
Posted Oct 30, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3467-1 - It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | 1df57a365ac818cf143477b1eb3886c6a673517536df6b6f2e33f24543f43b92
Red Hat Security Advisory 2017-3081-01
Posted Oct 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3081-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: A vulnerability was discovered in Tomcat's handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.

tags | advisory, java, web, vulnerability, code execution, info disclosure
systems | linux, redhat
advisories | CVE-2017-12615, CVE-2017-12617, CVE-2017-5647, CVE-2017-7674
SHA-256 | 5ee983090f72ece9f5cb9792f0c4f5e3483212e72951bcc2f52b90e4f854419f
Red Hat Security Advisory 2017-3080-01
Posted Oct 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3080-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. Security Fix: A vulnerability was discovered in Tomcat's handling of pipelined requests when "Sendfile" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.

tags | advisory, java, web, info disclosure
systems | linux, redhat
advisories | CVE-2017-12615, CVE-2017-12617, CVE-2017-5647, CVE-2017-5664
SHA-256 | 72e971421dc578d94992998ea2583fa3d26096b02f8d1943c478536a76eccf76
Gentoo Linux Security Advisory 201710-32
Posted Oct 30, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-32 - Multiple vulnerabilities have been found in Apache, the worst of which may result in the loss of secrets. Versions less than 2.4.27-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2017-3167, CVE-2017-3169, CVE-2017-7659, CVE-2017-7668, CVE-2017-7679, CVE-2017-9788, CVE-2017-9789
SHA-256 | c4f07281c74492eeee76e5aa05668d9989fff715e4d08bed6c25d2d75755726c
Gentoo Linux Security Advisory 201710-31
Posted Oct 30, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-31 - Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites, the worst of which can be remotely exploited without authentication. Versions less than 1.8.0.152-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2017-10274, CVE-2017-10281, CVE-2017-10285, CVE-2017-10293, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345, CVE-2017-10346, CVE-2017-10347, CVE-2017-10348, CVE-2017-10349, CVE-2017-10350, CVE-2017-10355, CVE-2017-10356, CVE-2017-10357, CVE-2017-10388
SHA-256 | 2cf0328599c61e8d96a0c7644ff739c1e26ca5c16e25a38caa81567f6536847e
Gentoo Linux Security Advisory 201710-30
Posted Oct 30, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-30 - Multiple vulnerabilities have been found in X.Org Server, the worst of which could allow a local attacker to replace shared memory segments. Versions less than 1.19.4 are affected.

tags | advisory, local, vulnerability
systems | linux, gentoo
advisories | CVE-2013-6424, CVE-2017-13721, CVE-2017-13723, CVE-2017-2624
SHA-256 | 63eddffde35de0427f38fd9d9a39600951883ee472d11a47f0c8ae006c4c1d75
Website Broker Script SQL Injection
Posted Oct 30, 2017
Authored by Ihsan Sencan

Website Broker Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-15992
SHA-256 | 1008f023d20735133678ce895414aae02d18601422947f0bd145a264938f8899
Vastal I-Tech Agent Zone SQL Injection
Posted Oct 30, 2017
Authored by Ihsan Sencan

Vastal I-Tech Agent Zone suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-15991
SHA-256 | 3f5b7a2b9b7f01a7cadcc612a82bc00cb35adf711c3131624b53f1d516e5d380
Zomato Clone Script SQL Injection
Posted Oct 30, 2017
Authored by Ihsan Sencan

Zomato Clone Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-15993
SHA-256 | 751c6587f5acca8dc49e0427d6b5ba66ba13c03b4b77bfaaa4b322146d479027
PHP Inventory Arbitrary File Upload
Posted Oct 30, 2017
Authored by Ihsan Sencan

PHP Inventory suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, php, file upload
advisories | CVE-2017-15990
SHA-256 | 5cb053d150b5b12b4075097eb79ac29ed2b5c952892181b4110e7fc3c1835fa2
Online Exam Test Application SQL Injection
Posted Oct 30, 2017
Authored by Ihsan Sencan

Online Exam Test Application suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-15989
SHA-256 | d1e63c11a3df12015c68150cccfa68f6dbbc1e95760ad97160f791dcd93899cb
WordPress Ultimate Product Catalog 4.2.24 PHP Object Injection
Posted Oct 30, 2017
Authored by tomplixsee

WordPress Ultimate Product Catalog plugin versions 4.2.24 and below suffer from a PHP object injection vulnerability.

tags | exploit, php
SHA-256 | 3a32c416cc40f0d2746a5880bfd6ee9b498b22a31a88ccef544429ac5814521e
Gentoo Linux Security Advisory 201710-29
Posted Oct 29, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-29 - Multiple vulnerabilities have been found in Asterisk, the worst of which allows remote execution of arbitrary shell commands. Versions less than 11.25.3 are affected.

tags | advisory, remote, arbitrary, shell, vulnerability
systems | linux, gentoo
advisories | CVE-2017-14098, CVE-2017-14099, CVE-2017-14100, CVE-2017-14603
SHA-256 | bbd17aa1a4e50cba5a594dc6393c36347884676996c12b476c34adadfbd094f3
Gentoo Linux Security Advisory 201710-28
Posted Oct 29, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201710-28 - A vulnerability in Jython may lead to arbitrary code execution. Versions less than 2.7.0-r2 are affected.

tags | advisory, arbitrary, code execution
systems | linux, gentoo
SHA-256 | e334f40f5c60cd790418f9ac411648e3d33dc30481b9cbeb569a87b82da458d7
MitraStar DSL-100HN-T1/GPT-2541GNAC Privilege Escalation
Posted Oct 28, 2017
Authored by j0lama

MitraStar DSL-100HN-T1 and GPT-2541GNAC routers suffer from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 5426db97308973a77a4108df438988e172dce98e20172ca1738636474257ce4d
Lynis Auditing Tool 2.5.6
Posted Oct 27, 2017
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Changes: Added additional keywords for banners. DirectAdmin extensions. Enhancements to process detection. Spanish translation extended. Extended HP-UX support. Only show relevant messages in report.
tags | tool, scanner
systems | unix
SHA-256 | 3eb0a3b43a90df850a2d6b8f0e3c633ae8995181e44f7e9ced5dff29c5f74c40
Hashcat Advanced Password Recovery 4.0.0 Source Code
Posted Oct 27, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the world's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: Added support to crack passwords and salts up to length 256. Added option --optimized-kernel-enable to use faster kernels but limit the maximum supported password- and salt-length. Added self-test functionality to detect broken OpenCL runtimes on startup. Various other additions.
tags | tool, cracker
systems | unix
SHA-256 | 9e8cb81bf26024eca2e117ddf8fd16316af3dd337ecf4e9917acbb1720c13b50
Hashcat Advanced Password Recovery 4.0.0 Binary Release
Posted Oct 27, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the world's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.

Changes: Added support to crack passwords and salts up to length 256. Added option --optimized-kernel-enable to use faster kernels but limit the maximum supported password- and salt-length. Added self-test functionality to detect broken OpenCL runtimes on startup. Various other additions.
tags | tool, cracker
SHA-256 | 4717ee088a07e72857db1f9099cfe1ac72de4222e38b4a635e32a38b60fa6d93
PHP 4.2.0 / 4.2.1 Remote Compromise / Denial Of Service
Posted Oct 27, 2017
Authored by Stefan Esser

PHP versions 4.2.0 and 4.2.1 suffer from an issue where, depending on the processor architecture, it may be possible for a remote attacker to either crash or compromise the web server.

tags | advisory, remote, web, denial of service, php
SHA-256 | a79bf56468ece73d79827db39c362a796db5dc8b60b2c782645b659672ab1f6b
RSA Authentication Manager 8.2 SP1 P4 Cross Site Scripting
Posted Oct 27, 2017
Site emc.com

RSA Authentication Manager version 8.2 SP1 Patch 5 contains a fix for a reflected cross site scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.

tags | advisory, xss
advisories | CVE-2017-14373
SHA-256 | 5b5645bda0f2b625a651131b4ff3abe2b01954d607cc2e4a1dd37367741a4bb6