Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-12-01

Abyss Web Server Memory Heap Corruption
Posted Dec 1, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Abyss Web Server versions prior to 2.11.6 suffer from a memory heap corruption vulnerability.

tags | exploit, web
MD5 | 6953589da496e3632818801ecf910fe5
Ubuntu Security Notice USN-3490-1
Posted Dec 1, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3490-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing-like context, an attacker could potentially exploit these to bypass same-origin restrictions, cause a denial of service via application crash, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-7826, CVE-2017-7828, CVE-2017-7830
MD5 | c76bb02f347dde049641240fde17791e
Artica Web Proxy 3.06.112216 Remote Code Execution
Posted Dec 1, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Artica Web Proxy version 3.06.112216 suffers from a remote code execution vulnerability.

tags | exploit, remote, web, code execution
advisories | CVE-2017-17055
MD5 | 90c89dcf50c8e44aab718305bfd8452f
MistServer 2.12 Cross Site Scripting
Posted Dec 1, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

MistServer version 2.12 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-16884
MD5 | 7b7d57cb59056ac8a438058f6d3380cf
Symantec Encryption Desktop And Endpoint Encryption Local Privilege Escalation
Posted Dec 1, 2017
Authored by Kyriakos Economou

Vulnerabilities in Symantec Encryption Desktop and Endpoint Encryption allow an attacker to attain arbitrary hard disk read and write access at sector level, and subsequently infect the target and gain low level persistence (MBR/VBR). They also allow the attacker to execute code in the context of the built-in SYSTEM user account, without requiring a reboot.

tags | advisory, arbitrary, vulnerability
MD5 | 752b5f20f45e330229cf021d93af510f
SocuSoft Co. Photo 2 Video Converter 8.0.0 Code Execution / DoS
Posted Dec 1, 2017
Authored by ret2eax

SocuSoft Co. Photo 2 Video Converter Free and Pro variants version 8.0.0 suffer from a buffer overflow in the pdmlog.dll library.

tags | exploit, overflow
MD5 | 0606514841e96d1205b7eb9b1c216c23
Axis Communications MPQT/PACS Heap Overflow / Information Leakage
Posted Dec 1, 2017
Authored by bashis

Axis Communications MPQT/PACS suffers from heap overflow and information leakage vulnerabilities.

tags | exploit, overflow, vulnerability
MD5 | 72d64636f194ac1df24d324e64fb3200
NorthSec 2018 Call For Papers
Posted Dec 1, 2017
Site nsec.io

NorthSec 2018 has announced its Call For Papers. It will be held in Montreal, Canada, from May 14th through the 20th, 2018.

tags | paper, conference
MD5 | 527a3ac3e9b1eb677d2d89b3f9fb085c
Apple Security Advisory 2017-11-29-2
Posted Dec 1, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-11-29-2 - An attacker may be able to bypass administrator authentication without supplying the administrator's password Description: A logic error existed in the validation of credentials. This was addressed with improved credential validation.

tags | advisory
systems | apple
advisories | CVE-2017-13872
MD5 | 39aadbeff594b5a027a95a9d47842c1e
Ubuntu Security Notice USN-3477-3
Posted Dec 1, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3477-3 - USN-3477-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, bypass same-origin restrictions, bypass CSP protections, bypass mixed content blocking, spoof the addressbar, or execute arbitrary code. It was discovered that javascript: URLs pasted in to the addressbar would be executed instead of being blocked in some circumstances. If a user were tricked in to copying a specially crafted URL in to the addressbar, an attacker could potentially exploit this to conduct cross-site scripting attacks. It was discovered that exported bookmarks do not strip script elements from user-supplied tags. If a user were tricked in to adding specially crafted tags to bookmarks, exporting them and then opening the resulting HTML file, an attacker could potentially exploit this to conduct cross-site scripting attacks. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof, javascript, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2017-7828, CVE-2017-7830, CVE-2017-7831, CVE-2017-7832, CVE-2017-7833, CVE-2017-7834, CVE-2017-7835, CVE-2017-7837, CVE-2017-7838, CVE-2017-7839, CVE-2017-7840, CVE-2017-7842
MD5 | 998ce8623ace567ce271665c533d0819
CEMLink 6 Unrestricted WSDL Service Access / Poor Crypto Implementation
Posted Dec 1, 2017
Authored by Konstantinos Alexiou

CEMLink 6 suffers from having unrestricted WSDL service access and a weak mechanism for password storage.

tags | advisory, bypass
MD5 | 52fe0bdeec2533e61add0b221c0b0bac
Apple Security Advisory 2017-11-29-1
Posted Dec 1, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-11-29-1 - An attacker may be able to bypass administrator authentication without supplying the administrator's password. A logic error existed in the validation of credentials. This was addressed with improved credential validation. suffers from a bypass vulnerability.

tags | advisory, bypass
systems | apple
advisories | CVE-2017-13872
MD5 | a5ad2ec239aa4e0cd5eb27969a213709
aws-cfn-bootstrap Local Code Execution
Posted Dec 1, 2017
Authored by Harry Sintonen

aws-cfn-bootstrap versions prior to 1.4-22.14 suffer from a local code execution vulnerability.

tags | exploit, local, code execution
advisories | CVE-2017-9450
MD5 | 959ceb0942bc38ddb3afd790bfa315c3
Digital Whisper Electronic Magazine #89
Posted Dec 1, 2017
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 89. Written in Hebrew.

tags | magazine
MD5 | 686bd7824e01ef8dd15de361d5c7f50c
Cisco WebEx Network Recording Player DoS / Code Execution
Posted Dec 1, 2017
Authored by Cisco Systems | Site cisco.com

Cisco has released an advisory detailing code execution, out of bounds, and denial of service vulnerabilities in the WebEx Network Recording Player.

tags | advisory, denial of service, vulnerability, code execution
systems | cisco
advisories | CVE-2017-12367, CVE-2017-12368, CVE-2017-12369, CVE-2017-12370, CVE-2017-12371, CVE-2017-12372
MD5 | c233dabd1d7ffe8721215530840fdb53
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close