Twenty Year Anniversary
Showing 1 - 17 of 17 RSS Feed

Files Date: 2018-02-12

Red Hat Security Advisory 2018-0296-01
Posted Feb 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0296-01 - Red Hat JBoss Data Virtualization is a lean data integration solution that provides easy, real-time, and unified data access across disparate sources to multiple applications and users. JBoss Data Virtualization makes data spread across physically distinct systems - such as multiple databases, XML files, and even Hadoop systems - appear as a set of tables in a local database. This release of Red Hat JBoss Data Virtualization 6.4 serves as a replacement for Red Hat JBoss Data Virtualization 6.3.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2016-6343, CVE-2016-7034
MD5 | 8124c0f727e49cbe0c38bedea85ef7d0
Debian Security Advisory 4111-2
Posted Feb 12, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4111-2 - Mikhail Klementev, Ronnie Goodrich and Andrew Krasichkov discovered that missing restrictions in the implementation of the WEBSERVICE function in LibreOffice could result in the disclosure of arbitrary files readable by the user who opens a malformed document.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2018-6871
MD5 | df5fa3515315ff3ab6f16abf80984634
Ubuntu Security Notice USN-3568-1
Posted Feb 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3568-1 - Hanno Böck discovered that WavPack incorrectly handled certain WV files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 17.10. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10169, CVE-2018-6767
MD5 | 341a15c1a6a19b3ca70bc42de7d56e27
HP Security Bulletin HPESBHF03819 1
Posted Feb 12, 2018
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03819 1 - HPE XP Storage using Hitachi Global Link Manager (HGLM) has a local authenticated information disclosure vulnerability in HGLM version HGLM 6.3.0-00 to 8.5.2-00. Revision 1 of this advisory.

tags | advisory, local, info disclosure
advisories | CVE-2017-8985
MD5 | 7f6bf87505659d18cc0a886ec11946d1
Red Hat Security Advisory 2018-0294-01
Posted Feb 12, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0294-01 - Red Hat JBoss Data Grid is a distributed in-memory data grid, based on Infinispan. This release of Red Hat JBoss Data Grid 7.1.2 serves as a replacement for Red Hat JBoss Data Grid 7.1.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2014-9970, CVE-2017-15089, CVE-2017-7525
MD5 | 9dde4661f9f6e3785fd5b9f5cc17a6e9
Ubuntu Security Notice USN-3567-1
Posted Feb 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3567-1 - It was discovered that Puppet incorrectly handled permissions when unpacking certain tarballs. A local user could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2017-10689
MD5 | ad1019de06fee1430c20c24f057820db
Ubuntu Security Notice USN-3566-1
Posted Feb 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3566-1 - It was discovered that PHP incorrectly handled the PHAR 404 error page. A remote attacker could possibly use this issue to conduct cross-site scripting attacks. It was discovered that PHP incorrectly handled memory when unserializing certain data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php, xss
systems | linux, ubuntu
advisories | CVE-2017-12933, CVE-2017-16642, CVE-2018-5712
MD5 | 0b5c9a022daec85647b0067cd2617764
CloudMe Sync 1.10.9 Remote Buffer Overflow
Posted Feb 12, 2018
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

CloudMe Sync versions 1.10.9 and below suffer from an unauthenticated remote buffer overflow vulnerability.

tags | exploit, remote, overflow
advisories | CVE-2018-6892
MD5 | e6cc573f3f01ea0671021866a42d3b05
LogicalDOC Enterprise 7.7.4 Post-Auth Command Execution
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from a post-authentication command execution vulnerability via binary path manipulation.

tags | exploit
MD5 | e3fe47ad35b3d7c50efc277593f5c2e8
LogicalDOC Enterprise 7.7.4 Username Enumeration Weakness
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from a username enumeration weakness vulnerability.

tags | exploit
MD5 | 7eb4ae7f1eb49cf2bba6c2410c67f20e
LogicalDOC Enterprise 7.7.4 Directory Traversal
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from directory traversal vulnerabilities.

tags | exploit, vulnerability
MD5 | 9ee220e0a17d5ba3310790d0d9187453
LogicalDOC Enterprise 7.7.4 Reflected Cross Site Scripting
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from reflected cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 86803762f6ec08d63b2138780616ee41
Ubuntu Security Notice USN-3565-1
Posted Feb 12, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3565-1 - Meh Chang discovered that Exim incorrectly handled memory in certain decoding operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-6789
MD5 | a5e7763e74dc8b6d7403bba290d678e9
Gentoo Linux Security Advisory 201802-01
Posted Feb 12, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201802-1 - Multiple vulnerabilities have been found in VirtualBox, the worst of which could allow an attacker to take control of VirtualBox. Versions prior to 5.1.32 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2018-2676, CVE-2018-2685, CVE-2018-2686, CVE-2018-2687, CVE-2018-2688, CVE-2018-2689, CVE-2018-2690, CVE-2018-2693, CVE-2018-2694, CVE-2018-2698
MD5 | 62b6a20b89766e4f29e9774d5687b60a
TCP Starvation
Posted Feb 12, 2018
Authored by Eplox

Whitepaper called TCP Starvation. It discusses a new variant of a denial of service attack.

tags | paper, denial of service, tcp
MD5 | c256b298d0c5d0f7869895857dde6836
Ciesto Solutions ERP System SQL Injection
Posted Feb 12, 2018
Authored by Faraday_U_24B6

Ciesto Solutions ERP System suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | df9732f40887a3359179b387e26f8539
Advantech WebAccess Node 8.3.0 DLL Hijacking
Posted Feb 12, 2018
Authored by Nassim Asrir

Advantech WebAccess Node version 8.3.0 suffers from an AspVBObj.dll code execution dll hijacking vulnerability.

tags | exploit, code execution
systems | windows
advisories | CVE-2018-6911
MD5 | d399329ffa7fecc776e24fe1316f6ea9
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    10 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close