Twenty Year Anniversary
Showing 1 - 16 of 16 RSS Feed

Files Date: 2018-01-17

Gentoo Linux Security Advisory 201801-18
Posted Jan 17, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-18 - Insufficient input validation in Newsbeuter may allow remote attackers to execute arbitrary shell commands. Versions less than 2.9-r3 are affected.

tags | advisory, remote, arbitrary, shell
systems | linux, gentoo
advisories | CVE-2017-12904
MD5 | 2e41bd1176e5ce1d057f0ab9c5760f96
Gentoo Linux Security Advisory 201801-17
Posted Jan 17, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-17 - Multiple vulnerabilities have been found in Poppler, the worst of which could allow the execution of arbitrary code. Versions less than 0.57.0-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2017-2820, CVE-2017-7511, CVE-2017-9083, CVE-2017-9406, CVE-2017-9408, CVE-2017-9865
MD5 | a4a80d8e3e07078ed1694908e4ef5313
Ubuntu Security Notice USN-3535-1
Posted Jan 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3535-1 - Jayachandran Palanisamy discovered that the Bind resolver incorrectly handled fetch cleanup sequencing. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-3145
MD5 | dc8c13f698fc3b21ad070a8da1f40f56
Ubuntu Security Notice USN-3534-1
Posted Jan 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3534-1 - It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd syscall. A local attacker could potentially exploit this to execute arbitrary code in setuid programs and gain administrative privileges. A memory leak was discovered in the _dl_init_paths function in the GNU C library dynamic loader. A local attacker could potentially exploit this with a specially crafted value in the LD_HWCAP_MASK environment variable, in combination with CVE-2017-1000409 and another vulnerability on a system with hardlink protections disabled, in order to gain administrative privileges. Various other issues were also addressed.

tags | advisory, arbitrary, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2017-1000408, CVE-2017-1000409, CVE-2017-15670, CVE-2017-15804, CVE-2017-16997, CVE-2017-17426, CVE-2018-1000001
MD5 | 4d8f3d9f108dacae4f21c559451d5fd0
SugarCRM 3.5.1 Cross Site Scripting
Posted Jan 17, 2018
Authored by Guilherme Assmann

SugarCRM version 3.5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-5715
MD5 | 9a54cf199d165391fec684154413be11
Microsoft Edge Chakra Incorrect Scope Handling
Posted Jan 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from an incorrect scope handling vulnerability.

tags | exploit
advisories | CVE-2018-0774
MD5 | f9aa042a0c635706708db62651d0068a
Microsoft Edge Chakra JavascriptGeneratorFunction::GetPropertyBuiltIns Exposure
Posted Jan 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra suffers from a JavascriptGeneratorFunction::GetPropertyBuiltIns exposure of scriptFunction.

tags | exploit
advisories | CVE-2017-11914
MD5 | e8df0b0b2e1f9ed2b06276033e5b5645
Microsoft Edge Chakra JIT Incorrect Bounds Calculation
Posted Jan 17, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT suffers from an out-of-bounds write vulnerability.

tags | exploit
advisories | CVE-2018-0769
MD5 | cd3a0e785ae920d4c8bf5b53a4cc3e8f
Gentoo Linux Security Advisory 201801-16
Posted Jan 17, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201801-16 - Multiple vulnerabilities have been found in rsync, the worst of which could allow remote attackers to bypass access restrictions. Versions less than 3.1.2-r2 are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2017-16548, CVE-2017-17433, CVE-2017-17434
MD5 | 8f061cf16bf215663e729d6b3fb1fc22
Belkin N600DB Command Injection / Backdoor
Posted Jan 17, 2018
Authored by Wadeek

Belkin N600DB suffers from password disclosure, a backdoor shell, server-side request forgery, and command injection vulnerabilities.

tags | exploit, shell, vulnerability
MD5 | 546c8e10d2e3c9868c52f837366e622c
Reservo Image Hosting Script 1.5 Cross Site Scripting
Posted Jan 17, 2018
Authored by Dennis Veninga

Reservo Image Hosting Script version 1.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-5705
MD5 | 933dcde7be6d637295af0d935d8d5593
Red Hat Security Advisory 2018-0093-01
Posted Jan 17, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0093-01 - The microcode_ctl packages provide microcode updates for Intel and AMD processors. This update supersedes microcode provided by Red Hat with the CVE-2017-5715 CPU branch injection vulnerability mitigation. Further testing has uncovered problems with the microcode provided along with the aSpectrea mitigation that could lead to system instabilities. As a result, Red Hat is providing an microcode update that reverts to the last known good microcode version dated before 03 January 2018. Red Hat strongly recommends that customers contact their hardware provider for the latest microcode updates.

tags | advisory
systems | linux, redhat
MD5 | 47a29e1045d4ea81bf0ec7cd51e60768
Red Hat Security Advisory 2018-0094-01
Posted Jan 17, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0094-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. This update supersedes microcode provided by Red Hat with the CVE-2017-5715 CPU branch injection vulnerability mitigation. Further testing has uncovered problems with the microcode provided along with the aSpectrea mitigation that could lead to system instabilities. As a result, Red Hat is providing an microcode update that reverts to the last known good microcode version dated before 03 January 2018. Red Hat strongly recommends that customers contact their hardware provider for the latest microcode updates.

tags | advisory
systems | linux, redhat
MD5 | 4667ef6873076d32db64e8fe1b28191c
Master IP CAM 01 Hardcoded Password / Unauthenticated Access
Posted Jan 17, 2018
Authored by Daniele Linguaglossa, Raffaele Sabato

Master IP CAM version 01 has a hardcoded root password and suffers from multiple unauthenticated access vulnerabilities.

tags | exploit, root, vulnerability, bypass
advisories | CVE-2018-5723, CVE-2018-5724, CVE-2018-5725, CVE-2018-5726
MD5 | 253eee4323841717bf3ffd8d13607ed9
Fundly 1.0.0 Cross Site Scripting
Posted Jan 17, 2018
Authored by indoushka

Fundly version 1.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5869a18724d84d543e50301a2dc2104c
Zomato Clone Script Arbitrary File Upload
Posted Jan 17, 2018
Authored by Tauco

Zomato Clone Script suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | 6e088ca7e54c6a7c80585c24e32dafbf
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    18 Files
  • 15
    Aug 15th
    38 Files
  • 16
    Aug 16th
    16 Files
  • 17
    Aug 17th
    22 Files
  • 18
    Aug 18th
    3 Files
  • 19
    Aug 19th
    1 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close