Exploit the possiblities
Showing 1 - 17 of 17 RSS Feed

Files Date: 2017-11-14

Debian Security Advisory 4033-1
Posted Nov 14, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4033-1 - Joseph Bisch discovered that Konversation, an user friendly Internet Relay Chat (IRC) client for KDE, could crash when parsing certain IRC color formatting codes.

tags | advisory
systems | linux, debian
advisories | CVE-2017-15923
MD5 | c39ad49801d4e49b33b837ec354bae1c
Scala 2.x Privilege Escalation
Posted Nov 14, 2017
Authored by Jason Zaugg

Scala versions 2.1.6 through 2.10.6, 2.11.0 through 2.11.11, and 2.12.0 through 2.12.3 suffer from a privilege escalation vulnerability.

tags | advisory
advisories | CVE-2017-15288
MD5 | 76648dc777133a9068e3f0996fddebfe
Ubuntu Security Notice USN-3276-3
Posted Nov 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3276-3 - USN-3276-1 and USN-3276-2 fixed vulnerabilities in shadow. This update provides the corresponding update for Ubuntu 12.04 ESM. Sebastian Krahmer discovered integer overflows in shadow utilities. A local attacker could possibly cause them to crash or potentially gain privileges via crafted input. Various other issues were also addressed.

tags | advisory, overflow, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-6252, CVE-2017-2616
MD5 | b3c44d45c3cf3b56ca446d0bc127ca24
OpenSCAP Libraries 1.2.16
Posted Nov 14, 2017
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Over 350 commits from 12 distinct persons. 3 new contributors. 66 Github issues fixed, 59 PRs merged. oscap can generate output that is compatible with STIG Viewer. CVRF parsing and export has been implemented. oscap info command has been expanded. The AIX platform is supported. Many documentation improvements. Numerous other improvements of existing features.
tags | protocol, library
systems | unix
MD5 | 38b43ade77b4b3493571ac12f0f4b3a4
Siemens SICAM RTUs SM-2556 COM Modules XSS / Bypass / Code Execution
Posted Nov 14, 2017
Site sec-consult.com

Siemens SICAM RTUs SM-2556 COM modules (firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00) suffer from authentication bypass, code execution, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, code execution, xss
advisories | CVE-2017-12737, CVE-2017-12738, CVE-2017-12739
MD5 | 3283852a55a15196693165f91cac0937
Ubuntu Security Notice USN-3479-1
Posted Nov 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3479-1 - David Rowley discovered that PostgreSQL incorrectly handled memory when processing certain JSON functions. A remote attacker could possibly use this issue to obtain sensitive information. Dean Rasheed discovered that PostgreSQL incorrectly enforced SELECT privileges when processing INSERT ... ON CONFLICT DO UPDATE commands. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-15098, CVE-2017-15099
MD5 | e03a34ee46e7e84843da08c0a1c3bbf8
WordPress DFD Reddcoin Tips 1.1.1 Cross Site Scripting
Posted Nov 14, 2017
Authored by Ricardo Sanchez

WordPress DFD Reddcoin Tips plugin version 1.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1b70914b34048eb9b0dc996a52585241
WordPress AMP Toolbox 1.9.4 Cross Site Scripting
Posted Nov 14, 2017
Authored by Ricardo Sanchez

WordPress AMP Toolbox plugin version 1.9.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b6a83e59a1a7fb15d444d25ce7eab902
WordPress Affiliate Ads For Clickbank Products 1.3 XSS
Posted Nov 14, 2017
Authored by Ricardo Sanchez

WordPress Affiliate Ads for Clickbank Products plugin version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | da711e4a4333cb8623f2939e09c9f31a
I2P 0.9.32
Posted Nov 14, 2017
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: This release contains a number of fixes in the router console and associated webapps (addressbook, i2psnark, and susimail). Various updates and bug fixes.
tags | tool
systems | unix
MD5 | d11d9f9cc9927dddc9d2089a1aaaeb80
D-Link DIR-850L Unauthenticated Command Execution
Posted Nov 14, 2017
Authored by Mumbai, Zdenda | Site metasploit.com

This Metasploit module leverages an unauthenticated credential disclosure vulnerability to execute arbitrary commands on DIR-850L routers as an authenticated user.

tags | exploit, arbitrary
MD5 | 670314dfdf489f27ab72b01f00cd4dc6
Debian Security Advisory 4032-1
Posted Nov 14, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4032-1 - Various memory handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or the execution of arbitrary code if malformed GIF, TTF, SVG, TIFF, PCX, JPG or SFW files are processed.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2017-12983, CVE-2017-13134, CVE-2017-13758, CVE-2017-13769, CVE-2017-14224, CVE-2017-14607, CVE-2017-14682, CVE-2017-14989, CVE-2017-15277
MD5 | ed2abc741b4d032c65907e0275aa7e20
Debian Security Advisory 4031-1
Posted Nov 14, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4031-1 - Several vulnerabilities have been discovered in the interpreter for the Ruby language.

tags | advisory, vulnerability, ruby
systems | linux, debian
advisories | CVE-2017-0898, CVE-2017-0903, CVE-2017-10784, CVE-2017-14033
MD5 | 972ec8e478a4d320e8e4ad4533c5b816
Ubuntu Security Notice USN-3478-2
Posted Nov 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3478-2 - USN-3478-1 fixed two vulnerabilities in Perl. This update provides the corresponding update for Ubuntu 12.04 ESM. Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, perl, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-12883
MD5 | 6fc7e5e039d31a5a2672a0fdaf7f7380
Red Hat Security Advisory 2017-3195-01
Posted Nov 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3195-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2017-3167, CVE-2017-3169, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798
MD5 | 157337568df9416d2ea4f3d3ef8840b7
Red Hat Security Advisory 2017-3194-01
Posted Nov 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3194-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2017-3167, CVE-2017-3169, CVE-2017-7668, CVE-2017-7679, CVE-2017-9788, CVE-2017-9798
MD5 | 72bfa46236aff8767f6d5fb2bcb685bc
Ubuntu Security Notice USN-3478-1
Posted Nov 14, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3478-1 - Jakub Wilk discovered that Perl incorrectly handled certain regular expressions. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2017-12837, CVE-2017-12883
MD5 | 972077314df82317d1a943797ea753ea
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close