exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-02-13

Ubuntu Security Notice USN-3569-1
Posted Feb 13, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3569-1 - It was discovered that libvorbis incorrectly handled certain sound files. An attacker could possibly use this to execute arbitrary code. It was discovered that libvorbis incorrectly handled certain sound files. An attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-14632, CVE-2017-14633
SHA-256 | 7637d44087725a3233537de489217a990a2f1060c897ef61c57f51e0fb5a5d60
Microsoft Intune App PIN Bypass
Posted Feb 13, 2018
Authored by Stephan Sekula

Compass Security discovered a design weakness in Microsoft Intune's app protection. This weakness allows a malicious user that gets hold of an employee's iOS device to access company data even without knowing the app PIN.

tags | exploit
systems | cisco, ios
SHA-256 | 9eb901ef1974be004d63aa35bd969efac3bd77a0a761e1cbabb90340bf37e26c
Red Hat Security Advisory 2018-0316-01
Posted Feb 13, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0316-01 - The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines. Security Fix: An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2017-12613
SHA-256 | e1cc28df9a26e3301163ec3e56fda9d23a4ab581b5e20d04a73374952885c150
Red Hat Security Advisory 2018-0314-01
Posted Feb 13, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0314-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. Security Fix: By rebuilding an instance using a new image, an authenticated user may be able to circumvent the Filter Scheduler, bypassing imposed filters.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-16239
SHA-256 | d2148ee0af832b65143d3303d49c8448eed122707a31ce971c68a256bc243920
Microsoft Security Bulletin Advisory Update For February, 2018
Posted Feb 13, 2018
Site microsoft.com

This Microsoft bulletin summary holds additional information regarding Microsoft security advisory ADV180002.

tags | advisory
SHA-256 | 795066723e2bd1bf4719632777fd082a7f6f5761ffcf3500d8d52391048e1f9a
Dell EMC VMAX Virtual Appliance (vApp) File Upload / Hardcoded Password
Posted Feb 13, 2018
Authored by Carlos Perez | Site emc.com

Dell EMC VMAX Virtual Appliance (vApp) Manager suffers from file upload and hardcoded password vulnerabilities. Affected includes Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier).

tags | advisory, vulnerability, file upload
advisories | CVE-2018-1215, CVE-2018-1216
SHA-256 | b67e73ba361780e5a95761dac19951d3508d6b73386b185134e50c10e7ed146e
Microsoft Security Bulletin Summary For February, 2018
Posted Feb 13, 2018
Site microsoft.com

This Microsoft bulletin summary holds information regarding Microsoft security updates for February 13, 2018.

tags | advisory
SHA-256 | 26cad5e97d7ec8fb96db990d1fa06d174708753ec5a721ebd79b253c96d08601
Red Hat Security Advisory 2018-0315-01
Posted Feb 13, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0315-01 - openstack-aodh provides the ability to trigger actions based on defined rules against metric or event data collected by OpenStack Telemetry or Time-Series-Database-as-a-Service. openstack-aodh has been rebased to the upstream 4.0.2-3 version. Security Fix: A verification flaw was found in openstack-aodh. As part of an HTTP alarm action, a user could pass in a trust ID. However, the trust could be from anyone because it was not verified. Because the trust was then used by openstack-aodh to obtain a keystone token for the alarm action, a malicious user could pass in another person's trust ID and obtain a keystone token containing the delegated authority of that user.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2017-12440
SHA-256 | 7039101b6915bf3c41b7aeb8cf08eac9bad2aef2238c96db165daf070b84f2fc
Red Hat Security Advisory 2018-0303-01
Posted Feb 13, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0303-01 - Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Security Fix: An erlang TLS server configured with cipher suites using RSA key exchange, may be vulnerable to an Adaptive Chosen Ciphertext attack against RSA. This may result in plain-text recovery of encrypted messages and/or a man-in-the-middle attack, despite the attacker not having gained access to the serveras private key itself.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-1000385
SHA-256 | bf64648688c5cc77e5c976bff6f7a5dc3e51d89818d6d8d52670e04aaeba0d0a
Micro Focus Security Bulletin MFSBGN03800 1
Posted Feb 13, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03800 1 - A potential vulnerability has been identified in Micro Focus Performance Center. The vulnerability could be exploited to Remote Arbitrary File Modification or Remote Arbitrary Code Execution. Revision 1 of this advisory.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2017-11357
SHA-256 | 99104f1ddfae6234ae0e977e713869ea89100014039bd064e82cabb131d1784c
Red Hat Security Advisory 2018-0299-01
Posted Feb 13, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0299-01 - collectd is a small C-language daemon, which reads various system metrics periodically and updates RRD files. Because the daemon does not start up each time it updates files, it has a low system footprint. Security Fix: A double-free vulnerability was found in the csnmp_read_table function in the SNMP plugin of collectd. A network-based attacker could exploit this by sending malformed data, causing collectd to crash or possibly other impact.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-16820
SHA-256 | c0229ddfb0d3bf536f8958e1b3158596e4ca0a34bd41110811624e39a6f6fa64
From APK To Golden Ticket
Posted Feb 13, 2018
Authored by Giuseppe Trotta, Andrea Pierini

Whitepaper called From APK to Golden Ticket.

tags | paper
SHA-256 | a1249e0b74a266b510254ebea110ed1332a92f740722f6a7a1e7057ebe872032
TypeSetter CMS 5.1 Host Header Injection
Posted Feb 13, 2018
Authored by Navina Asrani

TypeSetter CMS version 5.1 suffers from a host header injection vulnerability.

tags | exploit
advisories | CVE-2018-6889
SHA-256 | 5ddf7bb4059237ee85076bdaa41db7a28052f263b065e894cd031ed97d137a23
News Website Script 2.0.4 SQL Injection
Posted Feb 13, 2018
Authored by Varun Bagaria

News Website Script version 2.0.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 92af168d259661fb20c9fcf1c6b53349bce0aea3a8f3be7c394bb588e10317b3
dotCMS SQL Injection
Posted Feb 13, 2018
Authored by Elar Lang

dotCMS versions prior to 4.1.1 suffer from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2016-10007, CVE-2016-10008
SHA-256 | 2ef6211acd43254ff086ea4b5c0fc2e1e58d4c393813f4848d7027c88d8aaacd
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close