Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-03-27

Dell EMC ScaleIO Buffer Overflow / Command Injection
Posted Mar 27, 2018
Authored by David Berard | Site emc.com

Dell EMC ScaleIO customers are encouraged to update to ScaleIO version 2.5, which contains fixes for multiple security vulnerabilities in earlier ScaleIO software versions that could potentially be exploited by malicious users to compromise the affected system.

tags | advisory, vulnerability
advisories | CVE-2018-1205, CVE-2018-1237, CVE-2018-1238
MD5 | 05b9fdaed031b81d5c801ba42e2d1c1b
Scapy Packet Manipulation Tool 2.4.0
Posted Mar 27, 2018
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Python3 support added. Pcap/PcapNg improvements added as well as enhanced Windows support. TLS 1.3 supported. Various other updates.
tags | tool, scanner, python
systems | unix
MD5 | 5be9bca4fd894b067edc1a4ad48e92cb
AEF CMS 1.0.9 Cross Site Scripting
Posted Mar 27, 2018
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

AEF CMS version 1.0.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 92e32ba21aa6bf1715c83865188538d2
Tenda N11 Wireless Router 5.07.43_en_NEX01 Remote DNS Changer
Posted Mar 27, 2018
Authored by Todor Donev

Tenda N11 wireless router version 5.07.43_en_NEX01 cookie session weakness remote dns change proof of concept exploit.

tags | exploit, remote, proof of concept
MD5 | cd4a8237b225bec1f095381ac7b0117d
Slackware Security Advisory - mozilla-firefox Updates
Posted Mar 27, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 54a1c2277c0545524e3c8cd9fbfdb68b
Debian Security Advisory 4151-1
Posted Mar 27, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4151-1 - Bas van Schaik and Kevin Backhouse discovered a stack-based buffer overflow vulnerability in librelp, a library providing reliable event logging over the network, triggered while checking x509 certificates from a peer. A remote attacker able to connect to rsyslog can take advantage of this flaw for remote code execution by sending a specially crafted x509 certificate.

tags | advisory, remote, overflow, code execution
systems | linux, debian
advisories | CVE-2018-1000140
MD5 | 52a24650c3f259d56ee6b6f2a99a993f
Weblication CMS Core And Grid 12.6.24 Cross Site Scripting
Posted Mar 27, 2018
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Weblication CMS Core and Grid version 12.6.24 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 50fe1710e221033670e135e3febacc91
Red Hat Security Advisory 2018-0592-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0592-01 - The Simple Logging Facade for Java or is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2018-8088
MD5 | 82d022dbe0958505599d8cdce8695e3a
Red Hat Security Advisory 2018-0591-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0591-01 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability.

tags | advisory, remote, arbitrary, protocol, python, bypass
systems | linux, redhat
advisories | CVE-2018-7750
MD5 | e62943698b18c3c06e53e2308f2c25ee
Red Hat Security Advisory 2018-0585-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0585-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby23-ruby, rh-ruby23-rubygems, rh-ruby23-rubygem-json, rh-ruby23-rubygem-minitest, rh-ruby23-rubygem-psych. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, ruby
systems | linux, redhat
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17790
MD5 | f0e2fe1165cabe24a29facc339a343b4
Red Hat Security Advisory 2018-0586-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0586-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql57-mysql. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-2565, CVE-2018-2573, CVE-2018-2576, CVE-2018-2583, CVE-2018-2586, CVE-2018-2590, CVE-2018-2600, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2646, CVE-2018-2647, CVE-2018-2665, CVE-2018-2667, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703
MD5 | 0e9e918379de74be12a3fdac7142ec1f
Red Hat Security Advisory 2018-0587-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0587-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-2562, CVE-2018-2573, CVE-2018-2583, CVE-2018-2590, CVE-2018-2591, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2647, CVE-2018-2665, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703
MD5 | 5585b9f985c2ca3052f6989e1fc95842
Red Hat Security Advisory 2018-0584-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0584-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, ruby
systems | linux, redhat
advisories | CVE-2017-17405, CVE-2017-17790
MD5 | 21450526fb1cba04008746315895fd07
Red Hat Security Advisory 2018-0583-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0583-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby22-ruby, rh-ruby22-rubygems, rh-ruby22-rubygem-psych, rh-ruby22-rubygem-json. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, ruby
systems | linux, redhat
advisories | CVE-2009-5147, CVE-2015-7551, CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17790
MD5 | abe8a58e8df4aee6784a9741e9ce7710
Red Hat Security Advisory 2018-0582-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0582-01 - The Simple Logging Facade for Java or is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2018-8088
MD5 | c8a62a288fd8b4fe94647c7d15ae6792
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close