what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2015-09-23 to 2015-09-24

Windows Kernel BGetRealizedBrush Use-After-Free
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a use-after-free vulnerability in BGetRealizedBrush.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2518
SHA-256 | 9748fca6fbb5ef34f232cdeeda20cce0f47e4feea1fa4c9a9f7b321d183c13cb
iTop 2.1.0-2127 Cross Site Scripting
Posted Sep 23, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

iTop version 2.1.0-2127 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-6544
SHA-256 | f4b6534491d5293f2fea76c29c6b8aadee6b449a909842e6180df88d6e311a00
Open-Xchange Server 6 / OX AppSuite Cross Site Scripting
Posted Sep 23, 2015
Authored by Martin Heiland

Open-Xchange Server 6 version 6.22.9 and AppSuite versions 7.6.2 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2015-5375
SHA-256 | c9c4d8ccdad8eb8bf72cebfe60896e103804e4d5ce9efd53ba50b89a83af98c9
w3tw0rk / Pitbul IRC Bot Remote Code Execution
Posted Sep 23, 2015
Authored by Jay Turla | Site metasploit.com

This Metasploit module allows remote command execution on the w3tw0rk / Pitbul IRC Bot.

tags | exploit, remote
SHA-256 | a66d2214cda0b74148ccafd0385d0e911312b00a6a8e83f79d778d3df8c97ac7
Guard 2.0.0-rev7 SQL Injection
Posted Sep 23, 2015
Authored by Martin Heiland

Guard versions 2.0.0-rev7 and below suffer from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
advisories | CVE-2015-5703
SHA-256 | 3c809640481eb4fdb7281fa918f2ac3bef55825d59b63af8b4673e6934d06de1
Slackware Security Advisory - mozilla-firefox Updates
Posted Sep 23, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | ebc5258643f93251773ac8fc97ebdb8aac0a82b9421ca55faf925ae4415070e9
Ubuntu Security Notice USN-2743-2
Posted Sep 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2743-2 - USN-2743-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-4502, CVE-2015-4504, CVE-2015-4506, CVE-2015-4507, CVE-2015-4508, CVE-2015-4509, CVE-2015-4510, CVE-2015-4512, CVE-2015-4516, CVE-2015-4519, CVE-2015-4520, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | 986b83654da1e91607d0d1a9f51b803b6779ff1380d7d14bd5db7bbf5cc5c08b
Windows Kernel FlashWindowEx Memory Corruption
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a FlashWindowEx related memory corruption vulnerability.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2511
SHA-256 | aa59811bd905801dec0d9cc27fe51730ae27b8776b206fdd60d6a08739d77ef3
Ubuntu Security Notice USN-2743-1
Posted Sep 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2743-1 - Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-4500, CVE-2015-4501, CVE-2015-4502, CVE-2015-4504, CVE-2015-4506, CVE-2015-4507, CVE-2015-4508, CVE-2015-4509, CVE-2015-4510, CVE-2015-4512, CVE-2015-4516, CVE-2015-4517, CVE-2015-4519, CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | 8d33a81f77c730f95dd16f3bab40f85d87cd0c537040f9d23f930b588ce628df
SAP Business Objects Memory Corruption
Posted Sep 23, 2015
Authored by Will Vandevanter | Site onapsis.com

Onapsis Security Advisory - SAP Business Objects suffers from a memory corruption vulnerability. By exploiting this vulnerability an unauthenticated attacker could read or write any business-relevant information from the Business Intelligence Platform and also render the system unavailable to other users.

tags | advisory
SHA-256 | 38f5d4c8882c9a29b1c46ec18ce9b8b283de108c7ffe457c455f9e65e781276c
HP Security Bulletin HPSBGN03391 1
Posted Sep 23, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03391 1 - A potential security vulnerability has been identified with HP Universal CMDB Foundation, HP Universal Discovery, HP Universal CMDB Configuration Manager, and HP Universal CMDB Browser. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
SHA-256 | 2bf9e9c2b9e092721af653a4f13005c47bad6c8605a730281997473046c6220b
HPE Security Bulletin HPSBUX03511 SSRT102248 1
Posted Sep 23, 2015
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03511 SSRT102248 1 - A potential security vulnerability has been identified in the HP-UX BIND service running named. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2015-5477, CVE-2015-5722
SHA-256 | f0f4a425f26cfc537edf32966bbe5b3a92ba5abc570439e968df19dcaebde252
Red Hat Security Advisory 2015-1814-01
Posted Sep 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1814-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin APSB15-23 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2015-5567, CVE-2015-5568, CVE-2015-5570, CVE-2015-5571, CVE-2015-5572, CVE-2015-5573, CVE-2015-5574, CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5581, CVE-2015-5582, CVE-2015-5584, CVE-2015-5587, CVE-2015-5588, CVE-2015-6676, CVE-2015-6677, CVE-2015-6678, CVE-2015-6679, CVE-2015-6682
SHA-256 | 04645ca6049eed8e86e1550e5b314b7363f20c40256c27ff7eeadf40c1b033a8
Debian Security Advisory 3364-1
Posted Sep 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3364-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial of service.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-0272, CVE-2015-2925, CVE-2015-5156, CVE-2015-6252, CVE-2015-6937
SHA-256 | 8bf9da5be4e19bd80a46b0d6dca4e33f958d1700f95fd2553a38de299594cc34
Red Hat Security Advisory 2015-1834-01
Posted Sep 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1834-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-4500, CVE-2015-4509, CVE-2015-4510
SHA-256 | fbc7cfc2cae262eb85335aecf1f1df1702139190a5fa7f1496fa9aa39509c7aa
Red Hat Security Advisory 2015-1833-01
Posted Sep 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1833-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU's RTL8139 emulation implementation processed network packets under RTL8139 controller's C+ mode of operation. An unprivileged guest user could use this flaw to read up to 65 KB of uninitialized QEMU heap memory.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5165
SHA-256 | 1b9f9de6a561d36e27be6a6d8acd7ecf6adbb0c10073d9c0d28688c297cba284
Windows Kernel DeferWindowPos Use-After-Free
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a use-after-free vulnerability related to DeferWindowPos.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2366
SHA-256 | 9efdbf279fadc7781fc05c4c484e7fa55163ee3b825c2a7de5f5e364ae5d2187
Cisco AnyConnect DLL Side Loading Privilege Escalation
Posted Sep 23, 2015
Authored by Yorick Koster, Securify B.V.

Cisco AnyConnect Secure Mobility Client for Windows is affected by an vulnerability that allows local attackers to execute arbitrary DLL files with elevated privilege. By exploiting this vulnerability is is possible for the attacker to gain SYSTEM privileges.

tags | exploit, arbitrary, local
systems | cisco, linux, windows
advisories | CVE-2015-6305
SHA-256 | 6e297eee712fe356db2c53d7b036bfdab4084dfcf2f39784ebf1a1798f5494f2
Cryptokiller Tool 1.0
Posted Sep 23, 2015
Authored by Mert SARICA

Cryptokiller is a proof of concept tool designed to detect and stop the infection of Cryptolocker malware. It requires installation prior to infection.

tags | tool, proof of concept
SHA-256 | ccf0eca33cb503b5c3c04d4ead32b3c49028a654e96b844df2574eb5e76f49aa
OS X Regex Engine Integer Signedness / Overflow
Posted Sep 23, 2015
Authored by Google Security Research, Ian Beer

OS X Regex Engine (TRE) suffers from integer signedness and overflow issues.

tags | exploit, overflow
systems | linux, apple, osx
advisories | CVE-2015-3798
SHA-256 | c4c0f4887f90a7b044ece2c30e99c3551cdccd98d07ef1bb542fc7bca4fc060e
Windows Kernel Printer Device Contexts Use-After-Free
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a use-after-free vulnerability in printer device contexts.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2507
SHA-256 | a07b9af66e76968a00a50316dfce34128aec9040ef04506e03d9536f8f6a3dfe
Windows Kernel Cursor Object Use-After-Free
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a use-after-free vulnerability in the cursor object.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2517
SHA-256 | 95d27966a74a174f8e04f20a3a1138c7d875365b2e9461676084a3fa4f84f1a6
OS X Regex Engine Stack Buffer Overflow
Posted Sep 23, 2015
Authored by Google Security Research, Ian Beer

OS X Regex Engine (TRE) suffers from a stack buffer overflow vulnerability.

tags | advisory, overflow
systems | linux, apple, osx
advisories | CVE-2015-3796
SHA-256 | 5ad1dbca55084a0bde0fa1fbe2614f5806fada2f7a3afbc24bc91426dba68011
Windows Kernel NtGdiStretchBlt Pool Buffer Overflow
Posted Sep 23, 2015
Authored by Nils, Google Security Research

The Microsoft Windows kernel suffers from a pool buffer overflow in NtGdiStretchBlt.

tags | exploit, overflow, kernel
systems | linux, windows
advisories | CVE-2015-2512
SHA-256 | cec5a4d82cefd5f7408a48e23c6eaff40a66ebae181a5611b5534e09b970f5cc
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close