accept no compromises
Showing 26 - 37 of 37 RSS Feed

Files Date: 2016-03-22 to 2016-03-23

Adobe Flash Negative Table Indexing Out-Of-Bounds Crash
Posted Mar 22, 2016
Authored by Chris Evans, Google Security Research

Adobe Flash suffers from an out-of-bounds crash due to a negative table indexing error loading an 8-byte wide value.

tags | exploit
systems | linux
advisories | CVE-2015-5578
MD5 | 4ee4ee091b092e9ea0e972e6f8dffb06
Adobe Flash Corrupt Stack Crash
Posted Mar 22, 2016
Authored by Chris Evans, Google Security Research

Adobe Flash has an issue where a corrupt stack leads to misaligned XMM instruction decoding h.264.

tags | exploit
systems | linux
advisories | CVE-2015-5579
MD5 | 643aad0ddef85b6fcf98a1e8a5e08bf0
Adobe Flash Wild Pointer Crash
Posted Mar 22, 2016
Authored by Chris Evans, Google Security Research

Adobe Flash suffers from a crash due to a wild pointer 0x1808121a502959a4 decoding h.264.

tags | exploit
systems | linux
advisories | CVE-2015-5580
MD5 | 3fbfcc03c8b7af8cf191f0344a22cbcd
Adobe Flash Use-After-Free
Posted Mar 22, 2016
Authored by Chris Evans, Google Security Research

There is an apparent use-after-free in Adobe Flash video decoding, which can be manifesting by running a specific SWF file.

tags | advisory
systems | linux
advisories | CVE-2015-5584
MD5 | 3efa6eb6fabbdbef9f913fe3a9146888
Red Hat Security Advisory 2016-0466-01
Posted Mar 22, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0466-01 - OpenSSH is OpenBSD's SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that the OpenSSH server did not sanitize data received in requests to enable X11 forwarding. An authenticated client with restricted SSH access could possibly use this flaw to bypass intended restrictions. It was discovered that the OpenSSH sshd daemon did not check the list of keyboard-interactive authentication methods for duplicates. A remote attacker could use this flaw to bypass the MaxAuthTries limit, making it easier to perform password guessing attacks.

tags | advisory, remote, protocol
systems | linux, redhat, openbsd
advisories | CVE-2015-5600, CVE-2016-3115
MD5 | e44b5828174b738b958cd4b364fac26f
Red Hat Security Advisory 2016-0465-01
Posted Mar 22, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0465-01 - OpenSSH is OpenBSD's SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that the OpenSSH server did not sanitize data received in requests to enable X11 forwarding. An authenticated client with restricted SSH access could possibly use this flaw to bypass intended restrictions. An access flaw was discovered in OpenSSH; the OpenSSH client did not correctly handle failures to generate authentication cookies for untrusted X11 forwarding. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested.

tags | advisory, remote, local, protocol
systems | linux, redhat, openbsd
advisories | CVE-2016-1908, CVE-2016-3115
MD5 | 758ad6357c15b1959d34616f06b740c8
Ubuntu Security Notice USN-2938-1
Posted Mar 22, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2938-1 - Lael Cellier discovered that Git incorrectly handled path strings in crafted Git repositories. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking Git.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-2315, CVE-2016-2324
MD5 | 4c2e26796cc1b9c1454b24fe9741d74a
HP Security Bulletin HPSBMU03562 1
Posted Mar 22, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03562 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Service Manager. The vulnerability could be exploited remotely to allow code execution. Revision 1 of this advisory.

tags | advisory, java, code execution
advisories | CVE-2016-1998
MD5 | dfe415fb7e4d595487bab490151fbfe0
Ubuntu Security Notice USN-2937-1
Posted Mar 22, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2937-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2014-1748, CVE-2015-1071, CVE-2015-1076, CVE-2015-1081, CVE-2015-1083, CVE-2015-1120, CVE-2015-1122, CVE-2015-1127, CVE-2015-1153, CVE-2015-1155, CVE-2015-3658, CVE-2015-3659, CVE-2015-3727, CVE-2015-3731, CVE-2015-3741, CVE-2015-3743, CVE-2015-3745, CVE-2015-3747, CVE-2015-3748, CVE-2015-3749, CVE-2015-3752, CVE-2015-5788, CVE-2015-5794, CVE-2015-5801, CVE-2015-5809, CVE-2015-5822, CVE-2015-5928
MD5 | bd9d769cef0feca2c7e0181ec45e72a0
HP Security Bulletin HPSBGN03560 1
Posted Mar 22, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03560 1 - A vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed by HP Operations Orchestration. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.

tags | advisory, java, remote, code execution
advisories | CVE-2016-1997
MD5 | 587fb69ec8ad12963698dc36b65d0a24
HP Security Bulletin HPSBGN03551 1
Posted Mar 22, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03551 1 - HPE Helion Development Platform has addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2015-7547
MD5 | bc49ed6628e0543fd9fa4e00345df6b9
Achievo 1.4.5 Cross Site Scripting
Posted Mar 22, 2016
Authored by SECUPENT

Achievo version 1.4.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6270c92c3c7c88b5f41fc2c9e39f352d
Page 2 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close