Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-11-21

Oracle Outside In 8.5.3.0 Denial Of Service
Posted Nov 21, 2017
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Oracle Outside In, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the vstif6.dll, which can be exploited to cause an out-of-bounds write memory access. The vulnerability is confirmed in version 8.5.3.

tags | advisory, denial of service
advisories | CVE-2017-10051
MD5 | bdc22c69b052856b0db167f9e384ee95
Mobius Forensic Toolkit 1.0
Posted Nov 21, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Tons of changes to the C++ and python APIs. Various other changes.
tags | tool, python, forensics
MD5 | 87c57ac832fccbc31880ac0b718e0b04
Faraday 2.7.1
Posted Nov 21, 2017
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Fixed bug with tags in models.
tags | tool, rootkit
systems | unix
MD5 | 57c6f0239b7a75885e0e5aa6653a6106
Microsoft Windows win32k!xxxSendMenuSelect Memory Disclosure
Posted Nov 21, 2017
Authored by Google Security Research, mjurczyk

There is a Microsoft Windows kernel stack memory disclosure vulnerability in win32k!xxxSendMenuSelect via fnHkINLPMSG user-mode callback.

tags | advisory, kernel
systems | windows
advisories | CVE-2017-11853
MD5 | df47cad4c0563e46c4d01e39c825ee89
Microsoft Windows nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry) Disclosure
Posted Nov 21, 2017
Authored by Google Security Research, mjurczyk

It was discovered that the nt!NtQueryDirectoryFile system call discloses portions of uninitialized pool memory to user-mode clients on Windows 10, due to uninitialized fields in the output structure being copied to the application.

tags | exploit
systems | windows
advisories | CVE-2017-11831
MD5 | 819fa28825ba821d4b6515b916dd256a
Microsoft Windows CI CiSetFileCache TOCTOU Security Feature Bypass
Posted Nov 21, 2017
Authored by James Forshaw, Google Security Research

It is possible to add a cached signing level to an unsigned file by exploiting a TOCTOU in CI leading to circumvention of Device Guard policies and possibly PPL signing levels.

tags | exploit
advisories | CVE-2017-11830
MD5 | 8ebc146325ec05100a1d36b627380a7b
Microsoft Windows NTFS File System Metadata Disclosures
Posted Nov 21, 2017
Authored by Google Security Research, mjurczyk

The Microsoft Windows Kernel suffers from multiple stack and pool memory disclosures into NTFS file system metadata.

tags | advisory, kernel
systems | windows
advisories | CVE-2017-11880
MD5 | 82f8fc385cb8e1d9907a4dbdb347c2e4
EMC ScaleIO 2.0.1.x DoS / Buffer Overflow / Information Disclosure
Posted Nov 21, 2017
Authored by David Berard | Site emc.com

EMC ScaleIO versions 2.0.1.3, 2.0.1.2, 2.0.1.1, and 2.0.1 suffer from information disclosure, denial of service, and buffer overflow vulnerabilities.

tags | advisory, denial of service, overflow, vulnerability, info disclosure
advisories | CVE-2017-8001, CVE-2017-8019, CVE-2017-8020
MD5 | ac99803ad3a4eadd99ad32cc43d3ac13
RSA Authentication Manager 8.2 SP1 P5 Cross Site Scripting
Posted Nov 21, 2017
Authored by Nirmal Kirubakaran | Site emc.com

RSA Authentication Manager versions 8.2 SP1 P5 and below suffer from a stored cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2017-14379
MD5 | 98b56083996dc724062af46fed8262b5
WordPress Emag Marketplace Connector 1.0 Cross Site Scripting
Posted Nov 21, 2017
Authored by Ricardo Sanchez

WordPress Emag Marketplace Connector plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c8259171cfc851752080208d056d00b0
WordPress Advanced Post Type Ratings 1.1 Cross Site Scripting
Posted Nov 21, 2017
Authored by Ricardo Sanchez

WordPress Advanced Post Type Ratings plugin version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f0dbb00b1b94e678b485c82e2721d274
Ubuntu Security Notice USN-3486-2
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3486-2 - USN-3486-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Volker Lendecke discovered that Samba incorrectly cleared memory when returning data to a client. A remote attacker could possibly use this issue to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-15275
MD5 | a0f5315cd609a4736f577b649ec1843d
WordPress In Link 1.0 SQL Injection
Posted Nov 21, 2017
Authored by Dimopoulos Elias

WordPress In Link plugin version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 600b52112356168f81ddd51bfa225566
Ubuntu Security Notice USN-3486-1
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3486-1 - Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when processing certain SMB1 requests. A remote attacker could possibly use this issue to execute arbitrary code. Volker Lendecke discovered that Samba incorrectly cleared memory when returning data to a client. A remote attacker could possibly use this issue to obtain sensitive information.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-14746, CVE-2017-15275
MD5 | 8fa08470f846483b1b653d87a9ae18e1
Ubuntu Security Notice USN-3483-2
Posted Nov 21, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3483-2 - USN-3483-1 fixed a vulnerability in procmail. This update provides the corresponding update for Ubuntu 12.04 ESM. Jakub Wilk discovered that the formail tool incorrectly handled certain malformed mail messages. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-16844
MD5 | 836e0dd8e3cbe0a7357e84930c695d35
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close