exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2016-09-19 to 2016-09-20

ZineBasic 1.1 Remote File Disclosure
Posted Sep 19, 2016
Authored by bd0rk

ZineBasic version 1.1 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 06b86484883fae23c8361309d9226646bad9cb8fbabb56cbe1ca5a708ff912f7
EMC VNX2 / VNX1 / VNXe / Celerra Weak Nonce
Posted Sep 19, 2016
Site emc.com

SMB implementations in EMC Celerra, VNX1, VNX2 and VNXe are affected by an NTLM authentication weak nonce vulnerability that could potentially be exploited by malicious users to compromise the affected system. EMC VNX2 File OE versions prior to 8.1.9.155, EMC VNX1 File OE versions prior to 7.1.80.3, and all supported versions of EMC VNXe and EMC Celerra are affected.

tags | advisory
advisories | CVE-2016-0917
SHA-256 | 08ed8e4a761485bceed652d21bc81e6e6db8c003e56286859791cdecfbecddeb
Ubuntu Security Notice USN-3084-4
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3084-4 - Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-5412, CVE-2016-6136, CVE-2016-6156
SHA-256 | 3c2fbb7ec5c9ed6f368b4db7d0df2b27e18e1ee5e86cfdd96175561cf787c59c
Ubuntu Security Notice USN-3084-3
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3084-3 - Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-5412, CVE-2016-6136, CVE-2016-6156
SHA-256 | b1527fd478908508ae69451d220c65cad25079f213acdfc0704d763143b2bf13
Ubuntu Security Notice USN-3084-2
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3084-2 - USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-5412, CVE-2016-6136, CVE-2016-6156
SHA-256 | d6dd8214eb90ce6f3ecb544516d1c2c9da3a9a47fcaecf9f470de1dad4cd6f92
Ubuntu Security Notice USN-3084-1
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3084-1 - Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-5412, CVE-2016-6136, CVE-2016-6156
SHA-256 | 041db440f69287cf86d0d560304f9cc2ad2db1bde818b1fd1fe14913043891c1
Ubuntu Security Notice USN-3083-1
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3083-1 - Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including a use-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed when handling heartbeat- timeout events in the SCTP implementation of the Linux kernel. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-8767, CVE-2016-3841
SHA-256 | 52eab0418053602603e73f209e3485a85f8d0aa24f7c884e3f1b8270ed05f0b4
Ubuntu Security Notice USN-3082-1
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3082-1 - Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM had incomplete access checks for epoll_wait and semtimedop. A local attacker could use this to possibly execute arbitrary code.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-3857
SHA-256 | 78480af0d32b0fa86f7245b2313c33bd6ea5a6d3271d63257a89bde3551eeab7
Ubuntu Security Notice USN-3083-2
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3083-2 - USN-3083-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including a use-after-free. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8767, CVE-2016-3841
SHA-256 | 652cd80153f903b94a35a79406720a21993e90e76a9a9d24eecb192b752aa471
Ubuntu Security Notice USN-3082-2
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3082-2 - Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM had incomplete access checks for epoll_wait and semtimedop. A local attacker could use this to possibly execute arbitrary code.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-3857
SHA-256 | f1feea8469491b747927e478e26065a5bed1b7be3659ba44a7b964e4ea9682da
Ubuntu Security Notice USN-3081-1
Posted Sep 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3081-1 - Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges. This update also reverts a change in behavior introduced in USN-3024-1 by setting mapperContextRootRedirectEnabled to True by default.

tags | advisory, remote, root
systems | linux, ubuntu
advisories | CVE-2016-1240
SHA-256 | 675f6057a1c1f0a39c448e746d1b909c252d28c8cb0a684b52fd7a96408910f7
WordPress Neosense Theme 1.7 Shell Upload
Posted Sep 19, 2016
Authored by Walter Hop

WordPress Neosense theme version 1.7 suffers from a remote shell upload vulnerability.

tags | advisory, remote, shell
SHA-256 | 483336d59b67f8d8d195f34a5ff3040d94a360e52713228620ce4ef924c1d190
EMC Avamar Data Store / Virtual Edition Command Injection
Posted Sep 19, 2016
Site emc.com

EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 7.3 contain fixes for multiple vulnerabilities. These vulnerabilities may expose the Avamar clients and servers to potentially be compromised by malicious users. They include improper authentication, improper encryption, privilege escalation, and command injection vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2016-0903, CVE-2016-0904, CVE-2016-0905, CVE-2016-0920, CVE-2016-0921
SHA-256 | 5a4bc9d5cbfb3e7fe1be98e04086dfe29c1b721203749f2c75bd95a4099bc49e
ShoreTel Connect ONSITE Blind SQL Injection
Posted Sep 19, 2016
Authored by Iraklis Mathiopoulos

ShoreTel Connect ONSITE versions 20.xx.xxxx.x and 21.xx.xxxx.x up to 21.79.4311.0 suffer from an unauthenticated remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5fe02891997443ded0a53a2ce816960a4a202cd2c141c914b517d4e640ef0545
EKG Gadu 1.9~pre+r2855-3+b1 Local Buffer Overflow
Posted Sep 19, 2016
Authored by Juan Sacco

EKG Gadu versions 1 through 1.9~pre+r2855-3+b1 suffer from a local buffer overflow vulnerability.

tags | exploit, overflow, local
SHA-256 | aff59676a07ff154fa771cc294cbe56e8183978dc06b3dd5415de1f85a85f11e
MetInfo 3.0 SQL Injection
Posted Sep 19, 2016
Authored by indoushka

MetInfo version 3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 80cb6eb5667364f3286bbb37f303a6416c133be7473e6f3e36d2d33b71b91b40
CodeCanyon iBilling 2.4 Cross Site Scripting
Posted Sep 19, 2016
Authored by indoushka

CodeCanyon iBilling version 2.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d41d9e15c4377e6843aa40aa225587fee960487ca541dcbc3aa1522e730879d7
ECShop 2.7.2 Open Redirect
Posted Sep 19, 2016
Authored by indoushka

ECShop version 2.7.2 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | e2a2b9bda2e63613dc12ca1dac19cb1a78d027e42940469e7b036872f2a9c921
Coupon CMS 5.00 Open Redirect
Posted Sep 19, 2016
Authored by indoushka

Coupon CMS version 5.00 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 5599af4764b8c21fc79507d31150a23d50bc62d02d88da4c361685c6f38e5470
VMWare Workstation vprintproxy.exe JPEG2000 Handling Memory Corruption
Posted Sep 19, 2016
Authored by Google Security Research, mjurczyk

VMWare Workstation vprintproxy.exe suffers from multiple memory corruption and other crashes in the handling of JPEG2000 images.

tags | exploit
advisories | CVE-2016-7084
SHA-256 | edd5397d8b520f00253f4f9311dff71b9765d0e2c44fa145e57518fe92c73758
VMWare Workstation vprintproxy.exe EMF Double-Free
Posted Sep 19, 2016
Authored by Google Security Research, mjurczyk

VMWare Workstation vprintproxy.exe suffers from a double-free in the handling of EMF (EMR_SMALLTEXTOUT record).

tags | advisory
advisories | CVE-2016-7082
SHA-256 | e6eac7c024a8a3b3788360713d4b8f38aa43580e461b5cbd18a110c2d2f297c5
VMWare Workstation vprintproxy.exe TrueType NAME Heap Buffer Overflow
Posted Sep 19, 2016
Authored by Google Security Research, mjurczyk

VMWare Workstation vprintproxy.exe suffers from a heap buffer overflow vulnerability in the handling of TrueType NAME tables.

tags | exploit, overflow
advisories | CVE-2016-7083
SHA-256 | 1d5414c24aa6efa04b7bd1a2dd19dca752085107658d72d462362ffb0de5eceb
ComActivity 2.14.35 Cross Site Scripting
Posted Sep 19, 2016
Authored by indoushka

ComActivity version 2.14.35 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 811f05821587559d1d5b5dfda3115d93ba677e4524b0e3cfec7d39332bac3a40
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close