Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-02-06

Slackware Security Advisory - Slackware 14.2 kernel Updates
Posted Feb 6, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 to mitigate the speculative side channel attack known as Spectre variant 2.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2017-5715
MD5 | a2f7f31b04b7a4504cf6f62ee6bd733e
Kaspersky Secure Mail Gateway 1.1.0.379 CSRF / Code Execution
Posted Feb 6, 2018
Authored by Core Security Technologies, Leandro Barragan | Site coresecurity.com

Kaspersky Secure Mail Gateway version 1.1.0.379 suffers from code execution and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, code execution, csrf
MD5 | 04398c48a2c352c40a07dcb4a1897e4f
WINCVS 2009R2 DLL Hijacking
Posted Feb 6, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

WINCVS 2009R2 suffers from a dll hijacking vulnerability.

tags | exploit
advisories | CVE-2018-6461
MD5 | 23a65c64af1bf05b3c7e8655d9e0b8ee
Android KeyStore Permission Bypass
Posted Feb 6, 2018
Authored by Google Security Research, laginimaineb

The keystore binder service ("android.security.IKeystoreService") allows users to issue several commands related to key management, including adding, removing, exporting and generating cryptographic keys. The service is accessible to many SELinux contexts, including application contexts, but also unprivileged daemons such as "media.codec". A permission bypass vulnerability exists in the KeyStore service due to getpidcon.

tags | exploit, bypass
advisories | CVE-2017-13236
MD5 | 6217b7e5a6f72a1a4284d0fb186f9daf
Ubuntu Security Notice USN-3558-1
Posted Feb 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3558-1 - Karim Hossen and Thomas Imbert and Nelson William Gamazo Sanchez independently discovered that systemd-resolved incorrectly handled certain DNS responses. A remote attacker could possibly use this issue to cause systemd to temporarily stop responding, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. It was discovered that systemd incorrectly handled automounted volumes. A local attacker could possibly use this issue to cause applications to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2017-15908, CVE-2018-1049
MD5 | 7581b4ef340da5d924ce969867315c2b
Ubuntu Security Notice USN-3550-2
Posted Feb 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3550-2 - USN-3550-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that ClamAV incorrectly handled parsing certain mail messages. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-12374, CVE-2017-12375, CVE-2017-12376, CVE-2017-12377, CVE-2017-12378, CVE-2017-12379, CVE-2017-12380
MD5 | b65cdfc25e9e64d2f2b057e5a293426c
Red Hat Security Advisory 2018-0279-01
Posted Feb 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0279-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The following packages have been upgraded to a later upstream version: rh-mariadb100-mariadb. Security Fix: A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2016-5617, CVE-2016-6664, CVE-2017-10268, CVE-2017-10286, CVE-2017-10378, CVE-2017-10379, CVE-2017-10384, CVE-2017-3238, CVE-2017-3243, CVE-2017-3244, CVE-2017-3257, CVE-2017-3258, CVE-2017-3265, CVE-2017-3291, CVE-2017-3302, CVE-2017-3308, CVE-2017-3309, CVE-2017-3312, CVE-2017-3313, CVE-2017-3317, CVE-2017-3318, CVE-2017-3453, CVE-2017-3456, CVE-2017-3464, CVE-2017-3636, CVE-2017-3641, CVE-2017-3653
MD5 | 981dd38ef3b1b163a94f4468e2251e6a
Grammarly Auth Token Exposure
Posted Feb 6, 2018
Authored by Tavis Ormandy, Google Security Research

The Grammarly chrome extension (approximately ~20M users) exposes it's auth tokens to all websites, therefore any website can login to grammarly.com as you and access all your documents, history, logs, and all other data.

tags | advisory
MD5 | f106da528a9f256ae05df2217aee22c3
Joomla! Zh GoogleMap 8.4.0.0 SQL Injection
Posted Feb 6, 2018
Authored by Ihsan Sencan

Joomla! Zh GoogleMap component version 8.4.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-6582
MD5 | 2792ddc43310d99349c4a23240c1e7dc
Joomla! Zh YandexMap 6.2.1.0 SQL Injection
Posted Feb 6, 2018
Authored by Ihsan Sencan

Joomla! Zh YandexMap component version 6.2.1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-6604
MD5 | b0d4639a36b7151020c12650ce288dd4
Joomla! Zh BaiduMap 3.0.0.1 SQL Injection
Posted Feb 6, 2018
Authored by Ihsan Sencan

Joomla! Zh BaiduMap component version 3.0.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-6605
MD5 | 558def6cb86067be3c322a8dfae79e26
Joomla! JSP Tickets 1.1 SQL Injection
Posted Feb 6, 2018
Authored by Ihsan Sencan

Joomla! JSP Tickets component version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-6609
MD5 | 4797a573f5ddd485758629b4d72b1fcb
WordPress Core Denial Of Service
Posted Feb 6, 2018
Authored by Ali Razmjoo

WordPress load-scripts.php denial of service exploit.

tags | exploit, denial of service, php
advisories | CVE-2018-6389
MD5 | c5199aa5847b27d9f9ce21b843ab9fee
Wall Of Sheep 2018 Call For Presentations
Posted Feb 6, 2018
Authored by Ming

The Wall of Sheep would like to announce a call for presentations at DEF CON 26 at the Caesars Palace in Las Vegas, NV from Thursday, August 9th to Sunday, August 12th, 2018.

tags | paper, conference
MD5 | dcf6869e335041ab1bb309a0ddffda41
EuskalHack Security Congress III Call For Papers
Posted Feb 6, 2018
Site euskalhack.org

EuskalHack Security Congress Third Edition is a new proposal from the EuskalHack Computer Security Association, with the aim to promote the community growth and the culture in the digital security field. As usual, in this new edition proximity to our public and technical quality will be our hallmarks. This exclusive conference is shaping up as the most relevant in Basque Country, with an estimated 180 attendees for this third edition. The participants include specialized companies, state security organizations, professionals, hobbyists and students in the area of security and Information Technology. This conference will be held June 22nd and 23rd, 2018 in Donostia, San Sebastian.

tags | paper, conference
MD5 | d6870ffadf0efdda0b3b020d6a295e54
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

June 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    14 Files
  • 2
    Jun 2nd
    1 Files
  • 3
    Jun 3rd
    3 Files
  • 4
    Jun 4th
    18 Files
  • 5
    Jun 5th
    21 Files
  • 6
    Jun 6th
    8 Files
  • 7
    Jun 7th
    16 Files
  • 8
    Jun 8th
    18 Files
  • 9
    Jun 9th
    5 Files
  • 10
    Jun 10th
    2 Files
  • 11
    Jun 11th
    21 Files
  • 12
    Jun 12th
    32 Files
  • 13
    Jun 13th
    15 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    4 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    2 Files
  • 18
    Jun 18th
    15 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    15 Files
  • 21
    Jun 21st
    15 Files
  • 22
    Jun 22nd
    7 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close