what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2018-02-26

Red Hat Security Advisory 2018-0349-01
Posted Feb 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0349-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions. It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2018-2579, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678
SHA-256 | a5193bcd01498012225250e8c493b1011be7f27b55df40690e4a03b7aac1fecd
Red Hat Security Advisory 2018-0352-01
Posted Feb 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0352-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP10. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2638, CVE-2018-2639, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678
SHA-256 | 0747b311eba7722f568906e172a0f201037893e0f8ddd8b951ef3a339b7dd292
Asterisk 15.2.0 chan_pjsip INVITE Denial Of Service
Posted Feb 26, 2018
Authored by Sandro Gauci, Alfred Farrugia

Asterisk running chan_pjsip suffers from an INVITE message denial of service vulnerability. Versions affected include Versions affected include 15.2.0, 15.1.0, 15.0.0, 13.19.0, 13.11.2, and 14.7.5.

tags | exploit, denial of service
advisories | CVE-2018-7286
SHA-256 | f1253625e46f227de8752682b32d8862adf05b987de5b3ce80dd452d37d33ce3
Asterisk 15.2.0 chan_pjsip SDP Media Format Denial Of Service
Posted Feb 26, 2018
Authored by Sandro Gauci, Alfred Farrugia

Asterisk running chan_pjsip suffers from an SDP message related denial of service vulnerability. Versions affected include 13.10.0, 15.1.3, 15.1.4, 15.1.5, and 15.2.0.

tags | exploit, denial of service
SHA-256 | dcd272d0bdc191e8821a8ff0875bcb1f860b59d55a4d240aea12f18340ff7f74
Ubuntu Security Notice USN-3584-1
Posted Feb 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3584-1 - Gabriel Corona discovered that sensible-utils incorrectly validated strings when launcher a browser with the sensible-browser tool. A remote attacker could possibly use this issue with a specially crafted URL to conduct an argument injection attack and execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-17512
SHA-256 | c5f78e5a05cab518c15e4395053c786bc2d75b96e73fc9c6895d5cd6283525fd
Red Hat Security Advisory 2018-0351-01
Posted Feb 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0351-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP10. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2638, CVE-2018-2639, CVE-2018-2641, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678
SHA-256 | af327ee7be945314f6bdd71373f6b237240539412ecb3a9c8b991c77002eea53
Red Hat Security Advisory 2018-0350-01
Posted Feb 26, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0350-01 - The gcab package contains a utility for managing the Cabinet archives. It can list, extract, and create Microsoft cabinet files. Security Fix: gcab: Extracting malformed .cab files causes stack smashing potentially leading to arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2018-5345
SHA-256 | 8f5c047a0dadbbe6391693ce574c81f5df12b643260849f79b81ba79213ad986
Asterisk 15.2.0 chan_pjsip SDP fmtp Denial Of Service
Posted Feb 26, 2018
Authored by Sandro Gauci, Alfred Farrugia

Asterisk version 15.2.0 running chan_pjsip suffers from an SDP message related denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | bb991ba13071f908ba4e3a364bc5fd50ffb86a758000294812e5c584d0d94d00
Asterisk 15.2.0 chan_pjsip SUBSCRIBE Stack Corruption
Posted Feb 26, 2018
Authored by Sandro Gauci, Alfred Farrugia

Asterisk running chan_pjsip suffers from a SUBSCRIBE message stack corruption vulnerability. Vulnerable versions include 15.2.0, 13.19.0, 14.7.5, and 13.11.2.

tags | exploit
advisories | CVE-2018-7284
SHA-256 | 7ce6eb5d2b74840cec684d30e389db8a84881dd35088091f86c3e601f3984460
Transmission Torrent Parsing Integer Overflows
Posted Feb 26, 2018
Authored by Tavis Ormandy, Google Security Research

Torrent file parsing in libtransmission suffers from overflow vulnerabilities.

tags | exploit, overflow, vulnerability
SHA-256 | 54ad18d8336156df7524e96c3d9da8e72a4e6da0788daef159edd65d3ca2b6b4
Chrome V8 PropertyArray Integer Overflow
Posted Feb 26, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from an integer overflow vulnerability with PropertyArray.

tags | exploit, overflow
SHA-256 | 78544b73868b4a617f838b6eedac6007779756c897dfb03b1166522de63fa42c
Chrome V8 TranslatedState::MaterializeCapturedObjectAt Caching Bug
Posted Feb 26, 2018
Authored by Google Security Research, lokihardt

Chrome V8 suffers from a TranslatedState::MaterializeCapturedObjectAt caching bug.

tags | exploit
SHA-256 | c58dbf70a613c66bda60e5bdc9cedbc4e6777ffa60ce1c11ea4b8bd448b8f253
Stegano 0.8.3
Posted Feb 26, 2018
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: The recommended way to install Stegano is now to use pipenv.
tags | tool, encryption, steganography, python
systems | unix
SHA-256 | d6f7b3191669a5642be277c9d85c1f4392168f0f907fb0ec525acce0b7bd2ee1
Wireshark Analyzer 2.4.5
Posted Feb 26, 2018
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Various updates.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | b3b2ec29fba0f4a3a590438abe4054e56f19108d440fc2d61492db9d8ff16fd7
CMS Made Simple 2.1.6 Remote Code Execution
Posted Feb 26, 2018
Authored by Keerati T.

CMS Made Simple version 2.1.6 suffers from a remote code execution vulnerability during install time.

tags | exploit, remote, code execution
advisories | CVE-2018-7448
SHA-256 | 5ee860225d19ea3519646adc2baa5fdf983dff08dc45cb7a9c96ed42a5740114
Microsoft Edge Chakra JIT CallRegExSymbolFunction Return Check Fail
Posted Feb 26, 2018
Authored by Google Security Research, lokihardt

Microsoft Edge Chakra JIT fails to check the return type in CallRegExSymbolFunction.

tags | exploit
SHA-256 | 67802618169608e3a9e35257ed4d818c3a6a18aa296e1e9e8d75ffa718a13eb3
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close