exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-11-21

Oracle Outside In 8.5.3.0 Denial Of Service
Posted Nov 21, 2017
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Oracle Outside In, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the vstif6.dll, which can be exploited to cause an out-of-bounds write memory access. The vulnerability is confirmed in version 8.5.3.

tags | advisory, denial of service
advisories | CVE-2017-10051
SHA-256 | 0bb128f0ffb554a5ec684f320f0107962750c13a805e277aeb88e4558151e774
Mobius Forensic Toolkit 1.0
Posted Nov 21, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Tons of changes to the C++ and python APIs. Various other changes.
tags | tool, python, forensics
SHA-256 | 38f7cf697ca5101a3413425d16fa5fe912cf9e1f061103f0b7138fd96d40b92e
Faraday 2.7.1
Posted Nov 21, 2017
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Fixed bug with tags in models.
tags | tool, rootkit
systems | unix
SHA-256 | 24253d9cafafa96ad86f65701c10afb41ec515d3e8136d465b38dc04fdfb2363
Microsoft Windows win32k!xxxSendMenuSelect Memory Disclosure
Posted Nov 21, 2017
Authored by Google Security Research, mjurczyk

There is a Microsoft Windows kernel stack memory disclosure vulnerability in win32k!xxxSendMenuSelect via fnHkINLPMSG user-mode callback.

tags | advisory, kernel
systems | windows
advisories | CVE-2017-11853
SHA-256 | 29ecb93fa8a796617a90f59536bcfb9ac394c28a5e7d91ca72284eb636894416
Microsoft Windows nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry) Disclosure
Posted Nov 21, 2017
Authored by Google Security Research, mjurczyk

It was discovered that the nt!NtQueryDirectoryFile system call discloses portions of uninitialized pool memory to user-mode clients on Windows 10, due to uninitialized fields in the output structure being copied to the application.

tags | exploit
systems | windows
advisories | CVE-2017-11831
SHA-256 | 26b521138b8cf592b692e063a57e00a17c82cb345e491baf906a7173cc27e0ce
Microsoft Windows CI CiSetFileCache TOCTOU Security Feature Bypass
Posted Nov 21, 2017
Authored by James Forshaw, Google Security Research

It is possible to add a cached signing level to an unsigned file by exploiting a TOCTOU in CI leading to circumvention of Device Guard policies and possibly PPL signing levels.

tags | exploit
advisories | CVE-2017-11830
SHA-256 | 10740234534d576953b78d366019b0eaed2b7e2f77b447ea307edd5c886a5515
Microsoft Windows NTFS File System Metadata Disclosures
Posted Nov 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel suffers from multiple stack and pool memory disclosures into NTFS file system metadata.

tags | advisory, kernel
systems | windows
advisories | CVE-2017-11880
SHA-256 | 9bb7494ef313febec2f8ee393749b8c35f9776237506d2a47110240296b5f9a0
EMC ScaleIO 2.0.1.x DoS / Buffer Overflow / Information Disclosure
Posted Nov 21, 2017
Authored by David Berard | Site emc.com

EMC ScaleIO versions 2.0.1.3, 2.0.1.2, 2.0.1.1, and 2.0.1 suffer from information disclosure, denial of service, and buffer overflow vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, info disclosure
advisories | CVE-2017-8001, CVE-2017-8019, CVE-2017-8020
SHA-256 | be050ea74ac79527efbffae6b80e7c3d92d2412e2430c1bda95de7bb39910b78
RSA Authentication Manager 8.2 SP1 P5 Cross Site Scripting
Posted Nov 21, 2017
Authored by Nirmal Kirubakaran | Site emc.com

RSA Authentication Manager versions 8.2 SP1 P5 and below suffer from a stored cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2017-14379
SHA-256 | 58d2e95c51a90da59323f5fa851a0ada801c5abcbbd070c9a5b6cf35aceee55d
WordPress Emag Marketplace Connector 1.0 Cross Site Scripting
Posted Nov 21, 2017
Authored by Ricardo Sanchez

WordPress Emag Marketplace Connector plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5c2ed09784b0611ab8f180cde78430c53f7a6a7b35ad7af2805e86fb40925f3b
WordPress Advanced Post Type Ratings 1.1 Cross Site Scripting
Posted Nov 21, 2017
Authored by Ricardo Sanchez

WordPress Advanced Post Type Ratings plugin version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f007dd5ad24b38f1874e624e486c48bf1b5ab7db53fc6fb5ea34e51cbfc86e0f
Ubuntu Security Notice USN-3486-2
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3486-2 - USN-3486-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Volker Lendecke discovered that Samba incorrectly cleared memory when returning data to a client. A remote attacker could possibly use this issue to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-15275
SHA-256 | f8ab6fcd5389ee55153023608bb2f0fda540959c098b863139a4d29f84f470f3
WordPress In Link 1.0 SQL Injection
Posted Nov 21, 2017
Authored by Dimopoulos Elias

WordPress In Link plugin version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 954fddf0317fd8286ef8f1e93464d17bc04fc89aabf6582716320bdae4b93c6b
Ubuntu Security Notice USN-3486-1
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3486-1 - Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when processing certain SMB1 requests. A remote attacker could possibly use this issue to execute arbitrary code. Volker Lendecke discovered that Samba incorrectly cleared memory when returning data to a client. A remote attacker could possibly use this issue to obtain sensitive information.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-14746, CVE-2017-15275
SHA-256 | 469f99a0aadb2f94e8f7029a33d5d8daffe10b3eee426deea59e5b3f7f44d93a
Ubuntu Security Notice USN-3483-2
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3483-2 - USN-3483-1 fixed a vulnerability in procmail. This update provides the corresponding update for Ubuntu 12.04 ESM. Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16844
SHA-256 | 241e560ad1546a686673831611b4fc82a69546ecb78985b2954d9c0b78483fec
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close