
Files Date: 2016-08-24 to 2016-08-25

TOR Virtual Network Tunneling Tool 0.2.8.7
Posted Aug 24, 2016
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.2.8.7 fixes an important bug related to the ReachableAddresses option in 0.2.8.6, and replaces a retiring bridge authority. Everyone who sets the ReachableAddresses option, and all bridges, are strongly encouraged to upgrade.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 80a58f02623e95da8689da9538895098353dd070c3236abd99ed9c8a25d8724e

nullcon 8-bit Call For Papers
Posted Aug 24, 2016
Site nullcon.net

nullcon is an annual security conference held in Goa, India. The focus of the conference is to showcase the next generation of offensive and defensive security technology. It will take place March 3rd through the 4th, 2017.

tags | paper, conference
SHA-256 | 7c5ac5df54269c8cfd18f4f4a6005fba665076f31ee54a60e88c251bbc654fcf

Red Hat Security Advisory 2016-1773-01
Posted Aug 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1773-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. The Jenkins continuous integration server has been updated to upstream version 1.651.2 LTS, which addresses a large number of security issues, including open redirects, a potential denial of service, unsafe handling of user-provided environment variables, and several instances of sensitive information disclosure.

tags | advisory, denial of service, info disclosure
systems | linux, redhat
advisories | CVE-2014-3577, CVE-2015-7501, CVE-2016-0788, CVE-2016-0789, CVE-2016-0790, CVE-2016-0791, CVE-2016-0792, CVE-2016-3721, CVE-2016-3722, CVE-2016-3723, CVE-2016-3724, CVE-2016-3725, CVE-2016-3726, CVE-2016-3727
SHA-256 | d21a44fcf349a12558e1bf494277c24c60b24dd0894fb71b09edaef3e3d7f9e4

Red Hat Security Advisory 2016-1763-01
Posted Aug 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1763-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: Quick Emulator built with the Block driver for iSCSI images support is vulnerable to a heap-based buffer overflow issue. The flaw could occur while processing iSCSI asynchronous I/O ioctl calls. A user inside a guest could exploit this flaw to crash the QEMU process resulting in denial of service, or potentially leverage it to execute arbitrary code with QEMU-process privileges on the host.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5126, CVE-2016-5403
SHA-256 | b936c597f2b38222b536ed0b72d6892520736086fdf90ec2bb052711f97d3675

Ubuntu Security Notice USN-3068-1
Posted Aug 24, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3068-1 - Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mavrogiannopoulos discovered that Libidn incorrectly handled invalid UTF-8 characters. A remote attacker could use this issue to cause Libidn to crash, resulting in a denial of service, or possibly disclose sensitive memory. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Hanno Boeck discovered that Libidn incorrectly handled certain input. A remote attacker could possibly use this issue to cause Libidn to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-2059, CVE-2015-8948, CVE-2016-6261, CVE-2016-6262, CVE-2016-6263
SHA-256 | 8fc65e056c00aacb74043701fa23c5a3940d45a27528289ab166ee40c36e2a52

Ubuntu Security Notice USN-3067-1
Posted Aug 24, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3067-1 - Kostya Serebryany discovered that HarfBuzz incorrectly handled memory. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that HarfBuzz incorrectly handled certain length checks. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-8947, CVE-2016-2052
SHA-256 | a4562fc8ba877daedc2e5dd13519fd488619bc5d93df56679621a15de2fa32c7

AlienVault USM/OSSIM 5.2 Cross Site Scripting
Posted Aug 24, 2016
Authored by Julien Ahrens | Site rcesecurity.com

AlienVault USM/OSSIM version 5.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2016-6913
SHA-256 | 52d6e5998255d0e9741227d3f9f592c61f60e95789c4df2d2c3f1ba5af0dbda1

Red Hat Security Advisory 2016-1756-01
Posted Aug 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1756-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. Security Fix: Quick Emulator built with the Block driver for iSCSI images support is vulnerable to a heap-based buffer overflow issue. The flaw could occur while processing iSCSI asynchronous I/O ioctl calls. A user inside a guest could exploit this flaw to crash the QEMU process resulting in denial of service, or potentially leverage it to execute arbitrary code with QEMU-process privileges on the host.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5126, CVE-2016-5403
SHA-256 | ee2a907a02311463c8bfdc49dca292045a8a802656502a0b7229331d7c4a4137

Slackware Security Advisory - gnupg Updates
Posted Aug 24, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnupg packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-6313
SHA-256 | 81c47dd800315bdd57989d4822cd2882054bbb17120a80fbc0602fb991db554e

chatNow 0.0.0 Cross Site Request Forgery
Posted Aug 24, 2016
Authored by HaHwul

chatNow version 0.0.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | e5a220b856eb02e0a3d9bf17f7278383790b12d4c7e7b57f62066c00691e886d

chatNow 0.0.0 Cross Site Scripting
Posted Aug 24, 2016
Authored by HaHwul

chatNow version 0.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 395b0c15770e24ecb0b7fe0896debf9177d1d4c9c933901913b627c48de11fab

SimplePHPQuiz Blind SQL Injection
Posted Aug 24, 2016
Authored by HaHwul

SimplePHPQuiz suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | cf0515d4feeb9e73981e68b0f36f7a9643ae21e7ee948896683bff58c5703ee3

VMware Security Advisory 2016-0013
Posted Aug 24, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0013 - VMware Identity Manager and vRealize Automation updates address multiple security issues.

tags | advisory
advisories | CVE-2016-5335, CVE-2016-5336
SHA-256 | 10ce356485ee77b9cf3bc4ec235b364612bdc4d6ed152da245e7a1e17db10900

Red Hat Security Advisory 2016-1664-01
Posted Aug 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1664-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the RFC 5961 challenge ACK rate limiting as implemented in the Linux kernel's networking subsystem allowed an off-path attacker to leak certain information about a given connection by creating congestion on the global challenge ACK rate limit counter and then measuring the changes by probing packets. An off-path attacker could use this flaw to either terminate a TCP connection and/or inject payload into a non-secured TCP connection between two endpoints on the network.

tags | advisory, kernel, tcp
systems | linux, redhat
advisories | CVE-2016-5696
SHA-256 | b542c16421a0053cf74470ceee19661e1c59fcea30d437e8dabde33c44a48c25

Red Hat Security Advisory 2016-1657-01
Posted Aug 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1657-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialised variable would eventually lead to an arbitrary free address, which could allow an attacker to use a use-after-free style attack. A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as a bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or the RDMA Userspace Connection Manager Access module explicitly loaded could use this flaw to escalate their privileges on the system.

tags | advisory, arbitrary, kernel, local
systems | linux, redhat
advisories | CVE-2016-4470, CVE-2016-4565, CVE-2016-5696
SHA-256 | 4043f793bb96834574d7f4614976b19cff587e4500e977d8646b0c4f8fcb4824