Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-12-14

Red Hat Security Advisory 2017-3470-01
Posted Dec 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3470-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: An assertion-failure flaw was found in the Network Block Device server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2017-10664, CVE-2017-11334, CVE-2017-14167, CVE-2017-15289, CVE-2017-7539
MD5 | a3e77be981d017364740e80ed5d2467d
Gentoo Linux Security Advisory 201712-01
Posted Dec 14, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201712-1 - Multiple vulnerabilities have been discovered in WebKitGTK+, the worst of which may lead to arbitrary code execution. Versions less than 2.18.3 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2017-13783, CVE-2017-13784, CVE-2017-13785, CVE-2017-13788, CVE-2017-13791, CVE-2017-13792, CVE-2017-13793, CVE-2017-13794, CVE-2017-13795, CVE-2017-13796, CVE-2017-13798, CVE-2017-13802, CVE-2017-13803
MD5 | 2bdf84017aa63085601b31a0bfd00845
Red Hat Security Advisory 2017-3463-01
Posted Dec 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3463-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix: An arbitrary command execution flaw was found in the way Go's "go get" command handled the checkout of source code repositories. A remote attacker capable of hosting malicious repositories could potentially use this flaw to cause arbitrary command execution on the client side. It was found that smtp.PlainAuth authentication scheme in Go did not verify the TLS requirement properly. A remote man-in-the-middle attacker could potentially use this flaw to sniff SMTP credentials sent by a Go application.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2017-15041, CVE-2017-15042
MD5 | 565b46ec35ed4f8b9253642745a167e1
Red Hat Security Advisory 2017-3471-01
Posted Dec 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3471-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: An assertion-failure flaw was found in the Network Block Device server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2017-10664, CVE-2017-11334, CVE-2017-14167, CVE-2017-15289, CVE-2017-7539
MD5 | 1af1b4cdf573ac1364295af118e3b1f1
Debian Security Advisory 4064-1
Posted Dec 14, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4064-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2017-15407, CVE-2017-15408, CVE-2017-15409, CVE-2017-15410, CVE-2017-15411, CVE-2017-15413, CVE-2017-15415, CVE-2017-15416, CVE-2017-15417, CVE-2017-15418, CVE-2017-15419, CVE-2017-15420, CVE-2017-15423, CVE-2017-15424, CVE-2017-15425, CVE-2017-15426, CVE-2017-15427
MD5 | ecced052a6c57978901d768f6347e1ad
Microsoft Office DDE Payload Delivery
Posted Dec 14, 2017
Authored by Mumbai | Site metasploit.com

This Metasploit module generates an DDE command to place within a word document, that when executed, will retrieve a HTA payload via HTTP from an web server.

tags | exploit, web
MD5 | 99526b3ca709bcb05d6b75829aada925
Asterisk Project Security Advisory - AST-2017-012
Posted Dec 14, 2017
Authored by Joshua Colp, Tzafrir Cohen, Vitezslav Novy | Site asterisk.org

Asterisk Project Security Advisory - If a compound RTCP packet is received containing more than one report (for example a Receiver Report and a Sender Report) the RTCP stack will incorrectly store report information outside of allocated memory potentially causing a crash.

tags | advisory
MD5 | d33abf8cba4f7b05dabb7516ee12b675
WordPress WooPay Inicis 1.1.3 Cross Site Scripting
Posted Dec 14, 2017
Authored by Ricardo Sanchez

WordPress WooPay Inicis plugin version 1.1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 32b4477a51f043e97d1f2a9ea2345ddb
WordPress WordApp Mobile 2.0.3 Cross Site Scripting
Posted Dec 14, 2017
Authored by Ricardo Sanchez

WordPress WordApp Mobile App plugin version 2.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8739d69174d052be36f4b526e019461b
WordPress Qiniu Cloudtuchuang 1.8 Cross Site Scripting
Posted Dec 14, 2017
Authored by Ricardo Sanchez

Wordpress Qiniu Cloudtuchuang (七牛云图床) plugin version 1.8 is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

tags | exploit, xss
MD5 | d0e40413cd197dcbb38eecae13507c06
Red Hat Security Advisory 2017-3458-01
Posted Dec 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3458-01 - The eap7-jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.1.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-4978, CVE-2016-4993, CVE-2016-5406, CVE-2016-6311, CVE-2016-7046, CVE-2016-7061, CVE-2016-8627, CVE-2016-8656, CVE-2016-9589, CVE-2017-12165, CVE-2017-12167, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670, CVE-2017-7525, CVE-2017-7536, CVE-2017-7559
MD5 | b78d311c3eb1ec944dd47e7e55319d01
Red Hat Security Advisory 2017-3455-01
Posted Dec 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3455-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.0 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: A Denial of Service can be caused when a long request is sent to EAP 7.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2016-4978, CVE-2016-4993, CVE-2016-5406, CVE-2016-6311, CVE-2016-7046, CVE-2016-7061, CVE-2016-8627, CVE-2016-8656, CVE-2016-9589, CVE-2017-12165, CVE-2017-12167, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670, CVE-2017-7525, CVE-2017-7536, CVE-2017-7559
MD5 | 57e31c3929466e78ef378e3089df11be
Red Hat Security Advisory 2017-3454-01
Posted Dec 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3454-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.0 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: A Denial of Service can be caused when a long request is sent to EAP 7.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2016-4978, CVE-2016-4993, CVE-2016-5406, CVE-2016-6311, CVE-2016-7046, CVE-2016-7061, CVE-2016-8627, CVE-2016-8656, CVE-2016-9589, CVE-2017-12165, CVE-2017-12167, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670, CVE-2017-7525, CVE-2017-7536, CVE-2017-7559
MD5 | f03da4a736aab37fcedf48e81807fd71
Red Hat Security Advisory 2017-3456-01
Posted Dec 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3456-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.0 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: A Denial of Service can be caused when a long request is sent to EAP 7.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2016-4978, CVE-2016-4993, CVE-2016-5406, CVE-2016-6311, CVE-2016-7046, CVE-2016-7061, CVE-2016-7066, CVE-2016-8627, CVE-2016-9589, CVE-2017-12165, CVE-2017-12167, CVE-2017-2595, CVE-2017-2666, CVE-2017-2670, CVE-2017-7525, CVE-2017-7536, CVE-2017-7559
MD5 | 90eac440b3c1cf02ee6406070cf03964
Red Hat Security Advisory 2017-3453-01
Posted Dec 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3453-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP5. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-10165, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843, CVE-2017-10053, CVE-2017-10067, CVE-2017-10078, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10105, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10243, CVE-2017-10281, CVE-2017-10285, CVE-2017-10295, CVE-2017-10309, CVE-2017-10345
MD5 | 80ac4101114629370ea9a7f8dc4ad6b8
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close