Twenty Year Anniversary
Showing 1 - 18 of 18 RSS Feed

Files Date: 2018-03-15

MikroTik RouterOS SMB Buffer Overflow
Posted Mar 15, 2018
Authored by Core Security Technologies, Juan Caillava, Maximiliano Vidal | Site coresecurity.com

A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it.

tags | exploit, remote, overflow, code execution
advisories | CVE-2018-7445
MD5 | b7e22648d2a91d8ab369593f7eabdb11
Spring Data REST PATCH Request Remote Code Execution
Posted Mar 15, 2018
Authored by Antonio Francesco Sardella

Spring Data REST versions prior to 2.6.9 (Ingalls SR9) and 3.0.1 (Kay SR1) suffer from a PATCH request remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-8046
MD5 | 21e574fce288f467dc83368b9d083a45
APT2 - An Automated Penetration Testing Toolkit 1.0
Posted Mar 15, 2018
Authored by MooseDojo | Site github.com

This tool will perform an NMap scan, or import the results of a scan from Nexpose, Nessus, or NMap. The processed results will be used to launch exploit and enumeration modules according to the configurable Safe Level and enumerated service information. All module results are stored on localhost and are part of APT2's Knowledge Base (KB). The KB is accessible from within the application and allows the user to view the harvested results of an exploit module.

Changes: BlackHatAsia release.
tags | tool
systems | unix
MD5 | d093eab397b0ff080de84f149ce70319
Ubuntu Security Notice USN-3598-1
Posted Mar 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3598-1 - Phan Thanh discovered that curl incorrectly handled certain FTP paths. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Dario Weisser discovered that curl incorrectly handled certain LDAP URLs. An attacker could possibly use this issue to cause a denial of service. Max Dymond discovered that curl incorrectly handled certain RTSP data. An attacker could possibly use this to cause a denial of service or even to get access to sensitive data. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122
MD5 | 991b132a54cad14aa4100381b63d7a38
Red Hat Security Advisory 2018-0528-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0528-01 - Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-1000385
MD5 | 0b6d3bde42eef7e14e9135eafbb31ceb
Red Hat Security Advisory 2018-0527-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0527-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.7.0 ESR. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow
systems | linux, redhat
advisories | CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5144, CVE-2018-5145
MD5 | 78b747f7a33e150da6441abde2e1e8a7
Debian Security Advisory 4138-1
Posted Mar 15, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4138-1 - Several vulnerabilities were discovered in mbed TLS, a lightweight crypto and SSL/TLS library, that allowed a remote attacker to either cause a denial-of-service by application crash, or execute arbitrary code.

tags | advisory, remote, arbitrary, crypto, vulnerability
systems | linux, debian
advisories | CVE-2017-18187, CVE-2018-0487, CVE-2018-0488
MD5 | d5d19957a8a5081f78111a7aa8f37028
Red Hat Security Advisory 2018-0526-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0526-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 52.7.0 ESR. Issues addressed include a buffer overflow vulnerability.

tags | advisory, web, overflow
systems | linux, redhat
advisories | CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5144, CVE-2018-5145
MD5 | 53613eb28011966d701a092535919936
Ubuntu Security Notice USN-3597-2
Posted Mar 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3597-2 - USN-3597-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. USNS 3541-2 and 3523-2 provided mitigations for Spectre and Meltdown for the i386, amd64, and ppc64el architectures for Ubuntu 16.04 LTS. This update provides the corresponding mitigations for the arm64 architecture. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
MD5 | fd7462c0473a39758790170c8a75e177
Ubuntu Security Notice USN-3597-1
Posted Mar 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3597-1 - USNS 3541-1 and 3523-1 provided mitigations for Spectre and Meltdown for the i386, amd64, and ppc64el architectures in Ubuntu 17.10. This update provides the corresponding mitigations for the arm64 architecture. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
MD5 | e93918164a75a0ef395ad162f045c54e
Red Hat Security Advisory 2018-0522-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0522-01 - .NET Core is a managed software framework. It implements a subset of the .NET framework APIs and includes a CLR implementation. New versions of .NET Core that address several security vulnerabilities are now available. The updated versions are .NET Core 1.0.10, 1.1.7, and 2.0.6. These correspond to the March 2018 security release by .NET Core upstream projects. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-0875
MD5 | f89423ce6fefea78257fa0e8dede21d0
Red Hat Security Advisory 2018-0521-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0521-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP20. Issues addressed include insecure handling, randomization, and use-after-free vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2018-2579, CVE-2018-2582, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678
MD5 | 7d31782590243a4bd9357e1cd95d7b9e
Red Hat Security Advisory 2018-0520-01
Posted Mar 15, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0520-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 29.0.0.113. Issues addressed include a code execution vulnerability.

tags | advisory, web, code execution
systems | linux, redhat
advisories | CVE-2018-4919, CVE-2018-4920
MD5 | 059f6df1b249d3bc26549f2138892d96
Slackware Security Advisory - curl Updates
Posted Mar 15, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122
MD5 | 3fc45c96122e7797f10e4474454ddbf1
Debian Security Advisory 4139-1
Posted Mar 15, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4139-1 - Several security issues have been found in the Mozilla Firefox web may lead to the execution of arbitrary code, denial of service or information disclosure.

tags | advisory, web, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5144, CVE-2018-5145
MD5 | 02a6bee2e23b8b2564802558f1123689
VMware Security Advisory 2018-0008
Posted Mar 15, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0008 - Workstation and Fusion updates address a denial-of-service vulnerability.

tags | advisory
advisories | CVE-2018-6957
MD5 | 6335920e71317006bb860ca0531a4c04
Android DRM Services Buffer Overflow
Posted Mar 15, 2018
Authored by Tamir Zahavi-Brunner

Android DRM services suffers from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-13253
MD5 | 320d60ab8f3a3b67a369f945566f96cf
WordPress Duplicator 1.2.32 Cross Site Scripting
Posted Mar 15, 2018
Authored by Stefan Broeder

WordPress Duplicator plugin version 1.2.32 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-7543
MD5 | 45d2ac744bd3dd655b1d3cdb8ca1d9c2
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    10 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close