
Files Date: 2016-07-01 to 2016-07-31

Apple Security Advisory 2016-07-18-2
Posted Jul 19, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-07-18-2 - iOS 9.3.3 is now available and addresses denial of service, code execution, and various other vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2016-1684, CVE-2016-1836, CVE-2016-1863, CVE-2016-1864, CVE-2016-1865, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483, CVE-2016-4582, CVE-2016-4583, CVE-2016-4584, CVE-2016-4585, CVE-2016-4587, CVE-2016-4589, CVE-2016-4590, CVE-2016-4591, CVE-2016-4592, CVE-2016-4593, CVE-2016-4594, CVE-2016-4603, CVE-2016-4604, CVE-2016-4605, CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, CVE-2016-4612
SHA-256 | c6de9fc2d249bae04651d8b2646e67da6b9b36ca615e81469850e66356b82bdd
Apple Security Advisory 2016-07-18-1
Posted Jul 19, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-07-18-1 - OS X El Capitan v10.11.6 and Security Update 2016-004 are now available and address arbitrary code execution, information disclosure, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution, info disclosure
systems | apple, osx
advisories | CVE-2014-9862, CVE-2016-0718, CVE-2016-1684, CVE-2016-1836, CVE-2016-1863, CVE-2016-1864, CVE-2016-1865, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483, CVE-2016-4582, CVE-2016-4594, CVE-2016-4595, CVE-2016-4596, CVE-2016-4597, CVE-2016-4598, CVE-2016-4599, CVE-2016-4600, CVE-2016-4601, CVE-2016-4602, CVE-2016-4607
SHA-256 | a2d9354c4a7f6ea06efa521cdd6516fbf0a138a5ca0981e16938eab249ee9d7d
Ubuntu Security Notice USN-3039-1
Posted Jul 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3039-1 - It was discovered that Django incorrectly handled the admin's add/change related popup. A remote attacker could possibly use this issue to perform a cross-site scripting attack.

tags | advisory, remote, xss
systems | linux, ubuntu
advisories | CVE-2016-6186
SHA-256 | d312deca62b6bc115c201ca36286e9a7ca576fd38cca9f1acd440341e420a96a
Debian Security Advisory 3622-1
Posted Jul 19, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3622-1 - It was discovered that Django, a high-level Python web development framework, is prone to a cross-site scripting vulnerability in the admin's add/change related popup.

tags | advisory, web, xss, python
systems | linux, debian
advisories | CVE-2016-6186
SHA-256 | 9c58635ddf4b881bad27de51794b4f2b9546323a9f77575aa1be164dd5d0741b
Joomla AI Contact Safe 2.0.20 Shell Upload / SQL Injection
Posted Jul 19, 2016
Authored by xBADGIRL21

Joomla AI Contact Safe component version 2.0.20 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | c2049eb4e581359332ad485b7117f2e4f2f2b171a2358e6c2fee94769b99b858
PHP Planner 0.4 SQL Injection
Posted Jul 19, 2016
Authored by N_A

PHP Planner versions 0.4 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | b3c9ad95bd64e3f87af6abac18feb54eaf0483f5417b636e25885836b06e827d
Eclipse DLL Hijacking
Posted Jul 19, 2016
Authored by Stefan Kanthak

Various Eclipse installers suffer from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 84b5c68827c357cd3a4657dba69c010f190130548f9e8a0dd72d6263002c004d
Django 3.3.0 Script Insertion
Posted Jul 19, 2016
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Django version 3.3.0 suffers from a malicious client-side script insertion vulnerability.

tags | exploit
advisories | CVE-2016-6186
SHA-256 | 1f58284db9e8efd2a244e0272399d1285a2bfa2dba0aa1453cc6653a18df215e
Hashcat Advanced Password Recovery 3.00 Source Code
Posted Jul 18, 2016
Authored by Kartan | Site hashcat.net

hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: Various updates.
tags | cracker
systems | unix
SHA-256 | 0283791b91db9dd7ee7431d8975c63419c73232945b76eedcefbe12becfa19c4
Hashcat Advanced Password Recovery 3.00 Binary Release
Posted Jul 18, 2016
Authored by Kartan | Site hashcat.net

hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.

Changes: Various updates.
tags | tool, cracker
SHA-256 | 54fe501ecc7b5246aaf92eef3f6afc23f985f721ef8d53e5ce5fda7d680f46a2
Red Hat Security Advisory 2016-1435-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1435-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.8, and includes bug fixes and enhancements. Documentation for these changes will be available shortly from the Red Hat JBoss Enterprise Application Platform 6.4.9 Release Notes, linked to in the References. Multiple security issues have been addressed.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2015-5174, CVE-2016-2141
SHA-256 | dec36409f1db8464a059ab01e8ba22bb42c5d3313fb7fb064859dda6b2cd0963
Red Hat Security Advisory 2016-1434-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1434-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.

tags | advisory, java, spoof, protocol, info disclosure
systems | linux, redhat
advisories | CVE-2015-5174, CVE-2016-2141
SHA-256 | 9a8e4409727b247a7ebae466821413f642efde07ee3e7723a5c7ce8f773ea250
Red Hat Security Advisory 2016-1433-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1433-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.9 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.8, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that JGroups did not require necessary headers for encrypt and auth protocols from new nodes joining the cluster. An attacker could use this flaw to bypass security restrictions, and use this vulnerability to send and receive messages within the cluster, leading to information disclosure, message spoofing, or further possible attacks.

tags | advisory, java, spoof, protocol, info disclosure
systems | linux, redhat
advisories | CVE-2015-5174, CVE-2016-2141
SHA-256 | 35bd8a4148689c1a27929208cf6843e664a746e2a01785a0dec3a04ff5e0c5f2
Red Hat Security Advisory 2016-1432-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1432-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the packages have been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.9. Multiple security issues have been addressed.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2015-5174, CVE-2016-2141
SHA-256 | 6f3886566e926a59135b67d8dd635deae1b47778fd8b00f54cfa44a2c8520776
Meinberg NTP Time Server ELX800/GPS M4x 5.30p Command Execution
Posted Jul 18, 2016
Authored by b0yd

Meinberg NTP Time Server ELX800/GPS M4x version 5.30p suffers from remote command execution and privilege escalation vulnerabilities.

tags | exploit, remote, vulnerability
advisories | CVE-2016-3962
SHA-256 | 6f1633ae04e491afc092bd0cc7bf524f422ae1a8b4cace3c75f7cbe230c2861a
OpenSSHD 7.2p2 User Enumeration
Posted Jul 18, 2016
Authored by Eddie Harari

User enumeration exploit for OpenSSHD versions 7.2p2 and below.

tags | exploit
advisories | CVE-2016-6210
SHA-256 | b69a28b747a4fe5a117cdc11aded97dd15df51cde6788bd96001aa8f57bc36a6
Axis Communications MPQT/PACS SSI Remote Format String / Code Execution
Posted Jul 18, 2016
Authored by bashis

Axis Communications MPQT/PACS Server Side Include (SSI) remote format string exploit that provides a connect-back root shell.

tags | exploit, remote, shell, root
SHA-256 | 581d58f31b42ec0fd4f623e4f07fe9d1a20069ed433eac4bbf372d1675a12c75
Red Hat Security Advisory 2016-1420-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1420-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-4979, CVE-2016-5387
SHA-256 | 7cede861a05dabf8a87aa3760a62b71b991e7fc3605adcc358f10a01192a48e5
Ubuntu Security Notice USN-3023-1
Posted Jul 18, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3023-1 - It was discovered that NSPR incorrectly handled memory allocation. If a user were tricked into opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel, Sylvestre Ledru, Julian Seward, Olli Pettay, and Karl Tomlinson discovered multiple memory safety issues in Thunderbird. If a user were tricked into opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-1951, CVE-2016-2818
SHA-256 | 3fe98ccb366eec5429c1c3e2cb265917ff74bc9ce1c34996d652c69f97e7db00
Ubuntu Security Notice USN-3038-1
Posted Jul 18, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3038-1 - It was discovered that the Apache HTTP Server would set the HTTP_PROXY environment variable based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this issue in combination with CGI scripts that honour the HTTP_PROXY variable to redirect outgoing HTTP requests.

tags | advisory, remote, web, cgi
systems | linux, ubuntu
advisories | CVE-2016-5387
SHA-256 | 74e95b5addef4fc8153088ab09870ab4f82e6df17b22f4b1bc874aa554309f32
Red Hat Security Advisory 2016-1421-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1421-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387
SHA-256 | 436fc4e839cc2887a759542674a0dc2989aec34c7b74fe6ed4b9921e48d2096d
Red Hat Security Advisory 2016-1422-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1422-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387
SHA-256 | 87acaf1ab290cbcda124e1031ca7e28dc94b6eaedf153777e3ce2d06a749ae8b
Debian Security Advisory 3621-1
Posted Jul 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3621-1 - A vulnerability was discovered in mysql-connector-java, a Java database (JDBC) driver for MySQL, which may result in unauthorized update, insert or delete access to some MySQL Connectors accessible data as well as read access to a subset of MySQL Connectors accessible data. The vulnerability was addressed by upgrading mysql-connector-java to the new upstream version 5.1.39, which includes additional changes, such as bug fixes, new features, and possibly incompatible changes.

tags | advisory, java
systems | linux, debian
advisories | CVE-2015-2575
SHA-256 | 50e10d38c3a83eef01688935a8575bd4219f7fbd2d682f2937b749a2ed5fba3e
Red Hat Security Advisory 2016-1430-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1430-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376
SHA-256 | 2e0dead1b133f8a72d51a82a75b7622573a3e29ce6a7ae5ab0f9a63e34cd23a3
Debian Security Advisory 3620-1
Posted Jul 18, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3620-1 - Yves Younan of Cisco Talos discovered several vulnerabilities in the MXit protocol support in pidgin, a multi-protocol instant messaging client. A remote attacker can take advantage of these flaws to cause a denial of service (application crash), overwrite files, disclose information, or potentially execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability, protocol, info disclosure
systems | cisco, linux, debian
advisories | CVE-2016-2365, CVE-2016-2366, CVE-2016-2367, CVE-2016-2368, CVE-2016-2369, CVE-2016-2370, CVE-2016-2371, CVE-2016-2372, CVE-2016-2373, CVE-2016-2374, CVE-2016-2375, CVE-2016-2376, CVE-2016-2377, CVE-2016-2378, CVE-2016-2380, CVE-2016-4323
SHA-256 | d90effb448b50288f53be7ccd3c3b9c1a05aba6fa608eaa71df88a26c8d7a457

© 2024 Packet Storm. All rights reserved.
