Exploit the possiblities
Showing 51 - 75 of 339 RSS Feed

Files Date: 2016-12-01 to 2016-12-31

Falco 0.5.0
Posted Dec 22, 2016
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Added cache event formatting objects so they are not re-created for every falco notification. Falco notifications are now throttled by a token bucket, preventing a flood of notifications when many events match a rule. Various other fixes and changes.
tags | tool, intrusion detection
systems | unix
MD5 | b75188e8500778059382e033a42c5772
Vesta Control Panel 0.9.8-16 Local Privilege Escalation
Posted Dec 22, 2016
Authored by Luka Pusic, Jaka Hudoklin

Vesta Control Panel versions 0.9.7 through 0.9.8-16 suffer from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 0f50bd0209f7fae9393b4e086b2cbf55
Google Chrome Privilege Escalation
Posted Dec 22, 2016
Authored by Jann Horn, Google Security Research

Google Chrome suffers from a renderer->extension privilege escalation vulnerability via sync.

tags | advisory
MD5 | 34af5609484d280241a49041f9bb0f64
IBM AIX 6.1 / 7.1 / 7.2 Bellmail Privilege Escalation
Posted Dec 22, 2016
Authored by Hector X. Monsegur

IBM AIX versions 6.1, 7.1, and 7.2 suffer from a Bellmail privilege escalation vulnerability.

tags | exploit
systems | aix
advisories | CVE-2016-8972
MD5 | 05dd43af666f2ed46734a7dfb17a2f37
Mac OS IOKit Registry Code Execution
Posted Dec 22, 2016
Authored by Google Security Research, ianbeer

Mac OS suffers from a kernel code execution vulnerability due to writable privileged IOKit registry properties.

tags | exploit, kernel, registry, code execution
advisories | CVE-2016-7617
MD5 | ecbd7adf845d4a2d59727883b5a96837
Microsoft Edge Internationalization Type Confusion
Posted Dec 22, 2016
Authored by Google Security Research, natashenka

Microsoft Edge suffers from a type confusion vulnerability in internationalization initialization.

tags | exploit
advisories | CVE-2016-7287
MD5 | 855338264629052a02a9a6c6ec90b205
Mac OS / iOS syslogd Arbitrary Port Replacement
Posted Dec 22, 2016
Authored by Google Security Research, ianbeer

syslogd on Mac OS and iOS suffers from an arbitrary port replacement vulnerability.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7660
MD5 | 8eb7916a048ecdbb23dee2bb2a35b379
Android WifiNative::setHotlist Stack Overflow
Posted Dec 22, 2016
Authored by Google Security Research, Mark Brand

Android suffers from a stack overflow vulnerability in WifiNative::setHotlist.

tags | exploit, overflow
advisories | CVE-2016-6772
MD5 | b761c3665f954faf1df05f42e3ddf58a
Microsoft Edge SIMD.toLocaleString Uninitialized Memory
Posted Dec 22, 2016
Authored by Google Security Research, natashenka

Microsoft Edge suffers from an uninitialized memory vulnerability in SIMD.toLocaleString.

tags | exploit
advisories | CVE-2016-7286
MD5 | 0f4c8902225cd8feb03565170123124a
Mac OS / iOS powerd Arbitrary Port Replacement
Posted Dec 22, 2016
Authored by Google Security Research, ianbeer

powerd on Mac OS and iOS suffers from an arbitrary port replacement vulnerability.

tags | exploit, arbitrary
systems | cisco, ios
advisories | CVE-2016-7661
MD5 | edcb171bc5f607aa80424d72f1cf092c
MacOS Sierra 10.12 16A323 Double vm_deallocate Use-After-Free
Posted Dec 22, 2016
Authored by Google Security Research, ianbeer

MacOS Sierra version 10.12 16A323 allows a double vm_deallocate in userspace MIG code that can lead to a use-after-free vulnerability in mach services.

tags | exploit
advisories | CVE-2016-7633
MD5 | 61a1a140ee2c80cb167f2ec5bc4d3f0d
Mac OS X / iOS Missing Error Check Use-After-Free
Posted Dec 22, 2016
Authored by Google Security Research, ianbeer

A lack of error checking leads to a reference count leak and OS X / iOS kernel use-after-free vulnerability in _kernelrpc_mach_port_insert_right_trap.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7621
MD5 | 2dfcf68cd51acc4fa50dafc6d021feb4
Mac OS / iOS Privileged Port Name Replacement
Posted Dec 22, 2016
Authored by Google Security Research, ianbeer

A broken kernel mach port name uref handling on iOS and Mac OS can lead to privileged port name replacement in other processes.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7637
MD5 | 3a001d596093a86e7bb1c9f6ff060a77
at(1) Persistence Module
Posted Dec 22, 2016
Authored by Jon Hart | Site metasploit.com

This Metasploit module achieves persistence by executing payloads via at(1).

tags | exploit
MD5 | 048cca3a85238fd43232c9ab2c6fa3ea
Mac OS X / iOS ipc_port_t Reference Count Leak / Use-After-Free
Posted Dec 22, 2016
Authored by Google Security Research, ianbeer

There is an ipc_port_t reference count leak due to incorrect externalMethod overrides that lead to a Mac OS X / iOS kernel use-after-free vulnerability.

tags | exploit, kernel
systems | apple, osx, ios
advisories | CVE-2016-7612
MD5 | c1a88972c2e7188bba733c5fcecbbb8b
FreeBSD Security Advisory - FreeBSD-SA-16.39.ntp
Posted Dec 21, 2016
Authored by Network Time Foundation | Site security.freebsd.org

FreeBSD Security Advisory - Multiple vulnerabilities have been discovered in the NTP suite.

tags | advisory, vulnerability
systems | freebsd, bsd
advisories | CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7431
MD5 | 758701c6c332f8937e8764717b895f4a
Netgear WNR2000 Remote Code Execution
Posted Dec 21, 2016
Authored by Pedro Ribeiro

Netgear WNR2000 suffers from a remote code execution vulnerability and various other security issues.

tags | exploit, remote, code execution
advisories | CVE-2016-10175, CVE-2016-10176, CVE-2016-10174
MD5 | c796a4c7e2b080855fb0e6456b4b3a6c
WordPress Copy-Me 1.0.0 Cross Site Request Forgery
Posted Dec 21, 2016
Authored by Tom Adams

WordPress Copy-Me plugin version 1.0.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | b694d0e13652bb2a6b06002166d591a0
Microsoft Internet Explorer 11 MSHTML CPasteCommand::ConvertBitmaptoPng Buffer Overflow
Posted Dec 21, 2016
Authored by SkyLined

Microsoft Internet Explorer version 11 suffers from an MSHTML CPasteCommand::ConvertBitmaptoPng heap-based buffer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2014-4138
MD5 | cc6c137463ead069198238ae61374033
Nmap Port Scanner 7.40
Posted Dec 21, 2016
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Updated the bundled Npcap from 0.10r9 to 0.78r5. Integrated 568 IPv4 OS fingerprint submissions. Integrated 779 service/version fingerprints. Various other updates and features.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
MD5 | 1c300c247558e9cf7612e585cf2edfa0
SAP Solman 7.31 Information Disclosure
Posted Dec 21, 2016
Authored by Roman Bezhan

SAP Solman versions 7.1 through 7.31 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2016-10005
MD5 | d898a12c27cec090345a83cb63a05285
Red Hat Security Advisory 2016-2975-01
Posted Dec 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2975-01 - GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Security Fix: Multiple flaws were discovered in GStreamer's FLC/FLI/FLX media file format decoding plug-in. A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2016-9634, CVE-2016-9635, CVE-2016-9636, CVE-2016-9807, CVE-2016-9808
MD5 | bc683d35890ebe8d80e1943e4b332150
Red Hat Security Advisory 2016-2974-01
Posted Dec 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2974-01 - GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fix: An integer overflow flaw, leading to a heap-based buffer overflow, was found in GStreamer's VMware VMnc video file format decoding plug-in. A remote attacker could use this flaw to cause an application using GStreamer to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-9445, CVE-2016-9447
MD5 | cc72e1beb4733b874b6d0a623b436a84
Debian Security Advisory 3732-2
Posted Dec 21, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3732-2 - The update for php5 issued as DSA-3732-1 caused segfaults in php-ssh2. Updated packages are now available to correct this issue.

tags | advisory, php
systems | linux, debian
MD5 | 642a44328ef63252d1cc3f928d768e0e
Red Hat Security Advisory 2016-2973-01
Posted Dec 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2973-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.6.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-9893, CVE-2016-9895, CVE-2016-9899, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9905
MD5 | f4f37d8ae7297880b356ca3ee5b49358
Page 3 of 14
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    1 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close