exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2018-03-27

Dell EMC ScaleIO Buffer Overflow / Command Injection
Posted Mar 27, 2018
Authored by David Berard | Site emc.com

Dell EMC ScaleIO customers are encouraged to update to ScaleIO version 2.5, which contains fixes for multiple security vulnerabilities in earlier ScaleIO software versions that could potentially be exploited by malicious users to compromise the affected system.

tags | advisory, vulnerability
advisories | CVE-2018-1205, CVE-2018-1237, CVE-2018-1238
SHA-256 | 3507cdff27820aa937d3111f0f6bd571ce359e4860750499ab690e86563a2437
Scapy Packet Manipulation Tool 2.4.0
Posted Mar 27, 2018
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Python3 support added. Pcap/PcapNg improvements added as well as enhanced Windows support. TLS 1.3 supported. Various other updates.
tags | tool, scanner, python
systems | unix
SHA-256 | c3410d57e3a76cbe1bdfb3b36e321cab36c61de9cf16b9301782de853e40fbe9
AEF CMS 1.0.9 Cross Site Scripting
Posted Mar 27, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

AEF CMS version 1.0.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 739ebadac904c2e0ecabc85ae1478c4d95070c0f3f8ca05379bf94f63fb19574
Tenda N11 Wireless Router 5.07.43_en_NEX01 Remote DNS Changer
Posted Mar 27, 2018
Authored by Todor Donev

Tenda N11 wireless router version 5.07.43_en_NEX01 cookie session weakness remote dns change proof of concept exploit.

tags | exploit, remote, proof of concept
SHA-256 | 7769592903cc52121c247391cc124a5d6218695a72a935e2c8c9d86e2641f44b
Slackware Security Advisory - mozilla-firefox Updates
Posted Mar 27, 2018
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | df0aa4b0965da4bab70883e78846c348756967b65497f753bb791225f409c94a
Debian Security Advisory 4151-1
Posted Mar 27, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4151-1 - Bas van Schaik and Kevin Backhouse discovered a stack-based buffer overflow vulnerability in librelp, a library providing reliable event logging over the network, triggered while checking x509 certificates from a peer. A remote attacker able to connect to rsyslog can take advantage of this flaw for remote code execution by sending a specially crafted x509 certificate.

tags | advisory, remote, overflow, code execution
systems | linux, debian
advisories | CVE-2018-1000140
SHA-256 | 03bef87016943cf8c000ab439d8a73f722b0b3f8eb4dde15fbdd9741af026bfa
OpenSSL Security Advisory 20180327
Posted Mar 27, 2018
Site openssl.org

OpenSSL Security Advisory 20180327 - Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Other issues were also addressed.

tags | advisory, denial of service
advisories | CVE-2015-3193, CVE-2016-0701, CVE-2017-3732, CVE-2017-3736, CVE-2017-3738, CVE-2018-0733, CVE-2018-0739
SHA-256 | 06f896618c972892739490677cca48ef1283e588c8790590bbec26307dcc26b6
Weblication CMS Core And Grid 12.6.24 Cross Site Scripting
Posted Mar 27, 2018
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Weblication CMS Core and Grid version 12.6.24 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d1f28592e1cc5ef115207e3e9b1b508f788fba37af1f62e9ce8f2fb27537bc28
Red Hat Security Advisory 2018-0592-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0592-01 - The Simple Logging Facade for Java or is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2018-8088
SHA-256 | 44499719d5db1934cda9adadcdd61989c34d033f0f25bd30b92ee6bf7ee05054
Red Hat Security Advisory 2018-0591-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0591-01 - The python-paramiko package provides a Python module that implements the SSH2 protocol for encrypted and authenticated connections to remote machines. Unlike SSL, the SSH2 protocol does not require hierarchical certificates signed by a powerful central authority. The protocol also includes the ability to open arbitrary channels to remote services across an encrypted tunnel. Issues addressed include a bypass vulnerability.

tags | advisory, remote, arbitrary, protocol, python, bypass
systems | linux, redhat
advisories | CVE-2018-7750
SHA-256 | 9466c7fad42a7b2db119a2fd8ed5038da83e1f2e069300c3ca745f69d0391801
Red Hat Security Advisory 2018-0585-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0585-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby23-ruby, rh-ruby23-rubygems, rh-ruby23-rubygem-json, rh-ruby23-rubygem-minitest, rh-ruby23-rubygem-psych. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, ruby
systems | linux, redhat
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17790
SHA-256 | 32edc7a8e98876134eade824682c38c4747c8ccb99d1f61ad5768f31b8e2a899
Red Hat Security Advisory 2018-0586-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0586-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql57-mysql. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-2565, CVE-2018-2573, CVE-2018-2576, CVE-2018-2583, CVE-2018-2586, CVE-2018-2590, CVE-2018-2600, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2646, CVE-2018-2647, CVE-2018-2665, CVE-2018-2667, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703
SHA-256 | 6a0383465921e6d276a3e32b78a816be133e7c7ef37a0d4a42126f41f8f52513
Red Hat Security Advisory 2018-0587-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0587-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2018-2562, CVE-2018-2573, CVE-2018-2583, CVE-2018-2590, CVE-2018-2591, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2645, CVE-2018-2647, CVE-2018-2665, CVE-2018-2668, CVE-2018-2696, CVE-2018-2703
SHA-256 | 2d69f3d47bf717cae435ed725d94feb898f884b9e386ab1041bbdd5a42395bc1
Red Hat Security Advisory 2018-0584-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0584-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, ruby
systems | linux, redhat
advisories | CVE-2017-17405, CVE-2017-17790
SHA-256 | dea992b54e8cfb1c73003fbf6fcaec90a98151343a4ac0cbbb910ca2378daf62
Red Hat Security Advisory 2018-0583-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0583-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby22-ruby, rh-ruby22-rubygems, rh-ruby22-rubygem-psych, rh-ruby22-rubygem-json. Issues addressed include a code execution vulnerability.

tags | advisory, code execution, ruby
systems | linux, redhat
advisories | CVE-2009-5147, CVE-2015-7551, CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17790
SHA-256 | d58b91f41c3af49c25194b7dd7e8e121612b8c39301ad79038c25380fc087b1d
Red Hat Security Advisory 2018-0582-01
Posted Mar 27, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0582-01 - The Simple Logging Facade for Java or is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging. Issues addressed include a code execution vulnerability.

tags | advisory, java, code execution
systems | linux, redhat
advisories | CVE-2018-8088
SHA-256 | d4f27dc616cfbe1e5b22b462e975bb1d773dd59515f721c6edbe9dbc9fb92817
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close