what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2016-11-11 to 2016-11-12

MikroTik RouterOS 6.36.2 Cross Site Scripting
Posted Nov 11, 2016
Authored by Nassim Asrir

MikroTik RouterOS version 6.36.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 574ec10eda68efe29907bd928181fa09546feacfc51f2df9f2838424e1afe544
Intel Identity Protection Technology Host Interface Service 1.2.22.0 Privilege Escalation
Posted Nov 11, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Intel Identity Protection Technology Host Interface Service jhi_service.exe version 1.2.22.0 suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 14832098b81d64e739a2fecd4bd6aa5e7c3384ed340e5a3e844ad6a1d4673d0c
Intel Management And Security LMS.exe 7.1.13.1088 Privilege Escalation
Posted Nov 11, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Intel Management and Security Application Local Management Service LMS.exe version 7.1.13.1088 suffers from a privilege escalation vulnerability.

tags | exploit, local
SHA-256 | 382a8b25308c8217a4f9289b263a8803fac71994659b7704e71bf558774d4e01
WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

WordPress W3 Total Cache plugin version 0.9.4.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | dad348fbfcafead56be5e0cbe894d149a654cc0e0a985c5d4ecbd785eae06fff
WordPress W3 Total Cache 0.9.4.1 Race Condition
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

An information disclosure vulnerability was found in the W3 Total Cache plugin. This issue allows an attacker to hijack sensitive information, such as the administrator's session cookie. Exploiting the vulnerability is possible during a short period of time when an administrator submits the support form. Version 0.9.4.1 is affected.

tags | exploit, info disclosure
SHA-256 | 7a6aaf418ea8e714659aa334b04274d3631ce06a115fe6141fe555d1aa58a51d
WordPress Google Maps 6.3.14 Cross Site Request Forgery
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Google Maps plugin version 6.3.14 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | f561f52225402b48f3f253963d3a14e7732f445a9eb81cedba6aa67394d63d00
Teradata Virtual Machine Community Edition 15.10 Insecure File Permission
Posted Nov 11, 2016
Authored by Larry W. Cashdollar

Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure file permission vulnerability.

tags | exploit
advisories | CVE-2016-7488
SHA-256 | 12ab3c47e222e2424905eb04541b8502f7178bbf5977133e83cb3a134c9d7aa0
Observium Remote Command Execution
Posted Nov 11, 2016
Site computest.nl

During a recent penetration test Computest found and exploited various issues in Observium, going from unauthenticated user to full shell access as root.

tags | advisory, shell, root
SHA-256 | 4041a850a24306c4f6f7dc1fc7c8b76067ff726516808322d468925aa4244a4f
Ubuntu Security Notice USN-3129-2
Posted Nov 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3129-2 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7042
SHA-256 | a29f0d3e3e2ebd12adeba1d4689ca7d3c299aeea87e2ec97e3512daef8e67939
Ubuntu Security Notice USN-3128-2
Posted Nov 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3128-2 - USN-3128-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-7042
SHA-256 | bb5f7821787ec046a4f18c437fee1c4babaada3a07138c01ab7433aba49a6459
Ubuntu Security Notice USN-3127-1
Posted Nov 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3127-1 - It was discovered that the compression handling code in the Advanced Linux Sound Architecture subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service. Kirill A. Shutemov discovered that memory manager in the Linux kernel did not properly handle anonymous pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9904, CVE-2015-3288, CVE-2016-3961, CVE-2016-7042
SHA-256 | 01cea1fce1227c7940b3e746c63d4a2d4b996f91e65b161b9da444fd843eb62d
Ubuntu Security Notice USN-3129-1
Posted Nov 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3129-1 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7042
SHA-256 | dd14ea01c353f7c9b48c2adcbf07fa50f6b0a15a6a46ca85b0d9700963342534
Ubuntu Security Notice USN-3128-3
Posted Nov 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3128-3 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7042
SHA-256 | 913ba46b3ae9d9c566f6d8b725cbdaf54e98cc4d79e03714bb9f79f51f89d7ab
Ubuntu Security Notice USN-3126-1
Posted Nov 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3126-1 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service. Dmitry Vyukov discovered a use-after-free vulnerability during error processing in the recvmmsg implementation in the Linux kernel. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7042, CVE-2016-7117
SHA-256 | 4bbf1d4ea527ad684dcc5fc5db86dbe5395379408e2920a2bad340c35edb6728
Ubuntu Security Notice USN-3128-1
Posted Nov 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3128-1 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7042
SHA-256 | fa0fb5c655ad6f62fb22e8029251c9321a38dba3f9f91c5f204325d1b11eb9d1
Ubuntu Security Notice USN-3127-2
Posted Nov 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3127-2 - USN-3127-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that the compression handling code in the Advanced Linux Sound Architecture subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-9904, CVE-2015-3288, CVE-2016-3961, CVE-2016-7042
SHA-256 | 7ef8e046784e759daa37ac14a887334035715f84aedb6b85a0db639ce1c7fa5e
Ubuntu Security Notice USN-3126-2
Posted Nov 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3126-2 - Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service. Dmitry Vyukov discovered a use-after-free vulnerability during error processing in the recvmmsg implementation in the Linux kernel. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-7042, CVE-2016-7117
SHA-256 | 4ccc284737a64c8c3f06bc96c110403bf3c05592a73bbe558b184db66d8d1d08
WordPress W3 Total Cache Amazon SNS Push Messages Weak Validation
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

A vulnerability in the validation of Amazon SNS messages was found in the W3 Total Cache plugin. This issue allows an attacker to perform a variety of actions concerning the server's cache, which may result in a denial of service attack. Version 0.9.4.1 is affected.

tags | exploit, denial of service
SHA-256 | 59cce5048bc779a87a1b48d11a7eaae8585ecf4fcf88a05433fae03944d7dfd8
Shellcode Compiler
Posted Nov 11, 2016
Authored by Ionut Popescu

Shellcode Compiler is a program that compiles C/C++ style code into a small, position-independent and NULL-free shellcode for Windows. It is possible to call any Windows API function in a user-friendly way. Shellcode Compiler takes as input a source file and it uses it's own compiler to interpret the code and generate an assembly file which is assembled with NASM. Shellcode compiler was released at DefCamp security conference in Romania, November 2016.

tags | tool, shellcode
systems | windows, unix
SHA-256 | 55cc199ca20c621cb3d3d2444ac5f6f9f88eafbc79dc2fa9711f8cf538b5d486
vBulletin 4.2.3 SQL Injection
Posted Nov 11, 2016
Authored by Manish Tanwar

vBulletin versions 4.2.3 and below suffer from a remote SQL injection vulnerability in the forumrunner add-on.

tags | exploit, remote, sql injection
SHA-256 | c52ff5beedbd614d5ea96f159e21d95f2550dcd2a7551bccca3ddefeb3ca20a7
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close