Exploit the possiblities
Showing 101 - 125 of 495 RSS Feed

Files Date: 2017-01-01 to 2017-01-31

HP Security Bulletin HPSBGN03690 1
Posted Jan 24, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03690 1 - A security vulnerability in DES/3DES block ciphers used in the TLS protocol, could potentially impact HPE Real User Monitor (RUM) resulting in remote disclosure of information also known as the SWEET32 attack. Revision 1 of this advisory.

tags | advisory, remote, protocol
advisories | CVE-2016-2183
MD5 | aecda959659ee0021fb683ca20b38702
Gentoo Linux Security Advisory 201701-63
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-63 - Multiple vulnerabilities have been found in Graphite, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.3.7 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-1521, CVE-2016-1522, CVE-2016-1523, CVE-2016-1526, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
MD5 | 00e227329d8e92181dad61c5feb7c0c3
Red Hat Security Advisory 2017-0184-01
Posted Jan 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0184-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-5616, CVE-2016-6662, CVE-2016-6663
MD5 | 75944cd4df291e1148b0651b151e19f3
Gentoo Linux Security Advisory 201701-62
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-62 - Multiple vulnerabilities have been discovered in Firejail, the worst of which may allow privilege escalation. Versions less than 0.9.44.4 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2017-5180, CVE-2017-5206, CVE-2017-5207
MD5 | 602714899541945b0804d1cc769e439d
Gentoo Linux Security Advisory 201701-61
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-61 - Multiple vulnerabilities have been discovered in WebP, the worst of which could allow a remote attacker to cause a Denial of Service condition. Versions less than 0.5.2 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2016-9085
MD5 | 52e2e4d9c19f1b1d5d49a5e77653faf6
Red Hat Security Advisory 2017-0183-01
Posted Jan 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0183-01 - The squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2016-10002
MD5 | d607f86f4e0b853ed08a9d11d0b4610b
Gentoo Linux Security Advisory 201701-60
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-60 - Multiple vulnerabilities have been found in LibRaw, the worst of which may allow attackers to execute arbitrary code. Versions less than 0.17.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-8366, CVE-2015-8367
MD5 | 265b674046e610c756752ffe6a532dfe
Red Hat Security Advisory 2017-0182-01
Posted Jan 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0182-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2016-10002
MD5 | 341fc86c68310cb71903fce7615b2c74
Gentoo Linux Security Advisory 201701-59
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-59 - Multiple vulnerabilities have been found in ADOdb, all of which could allow remote attackers to execute arbitrary code. Versions less than 5.20.9 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-4855, CVE-2016-7405
MD5 | 1701e855e3e69de2116d25bd2a9ecbb1
Gentoo Linux Security Advisory 201701-58
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-58 - Multiple vulnerabilities have been found in ICU, the worst of which could cause a Denial of Service condition. Versions less than 58.1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-2632, CVE-2016-6293, CVE-2016-7415
MD5 | 96d878499d19fd9d893f4b0758509bc3
Wireshark Analyzer 2.2.4
Posted Jan 24, 2017
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Various updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 6d0878ba931ea379f6e675d4cba6536b
TOR Virtual Network Tunneling Tool 0.2.9.9
Posted Jan 24, 2017
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.2.9.9 fixes a denial-of-service bug where an attacker could cause relays and clients to crash, even if they were not built with the --enable-expensive-hardening option. This bug affects all 0.2.9.x versions, and also affects 0.3.0.1-alpha: all relays running an affected version should upgrade. This release also resolves a client-side onion service reachability bug, and resolves a pair of small portability issues.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | d9d8a2d1f65c151eb2b448f6a93fc326
Firefox nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution
Posted Jan 24, 2017
Authored by Anonymous Gaijin | Site metasploit.com

This Metasploit module exploits an out-of-bounds indexing/use-after-free condition present in nsSMILTimeContainer::NotifyTimeChange() across numerous versions of Mozilla Firefox on Microsoft Windows.

tags | exploit
systems | windows
advisories | CVE-2016-9079
MD5 | 77d27dce95315732a67e02fbeffa113b
RSA Security Analytics Cross Site Scripting
Posted Jan 24, 2017
Site emc.com

RSA Security Analytics versions prior to 10.6.2 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2016-8215
MD5 | 290379489b418e99a39818ba233041e5
Gentoo Linux Security Advisory 201701-57
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-57 - Multiple vulnerabilities have been discovered in T1Lib, the worst of which could lead to remote execution of arbitrary code. Versions less than 5.1.2-r1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-2642, CVE-2011-0433, CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554, CVE-2011-5244
MD5 | 6cf8f48d7a9513a799a3571f648d0ebf
Ubuntu Security Notice USN-3176-1
Posted Jan 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3176-1 - Peter Wu discovered that the PC/SC service did not correctly handle certain resources. A local attacker could use this issue to cause PC/SC to crash, resulting in a denial of service, or possibly execute arbitrary code with root privileges.

tags | advisory, denial of service, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2016-10109
MD5 | 4258bf968551173387728b8ff1f84ece
Ubuntu Security Notice USN-3177-1
Posted Jan 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3177-1 - It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-0762, CVE-2016-5018, CVE-2016-5388, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735, CVE-2016-8745, CVE-2016-9774, CVE-2016-9775
MD5 | 5d508723e0a0c4bb457b9e1eca24e638
Apple Security Advisory 2017-01-23-6
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-6 - iCloud for Windows 6.1.1 is now available and addresses multiple code execution issues.

tags | advisory, code execution
systems | windows, apple
advisories | CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2366
MD5 | 77d16fc47a26233cb1ee344394d9a8bb
Apple Security Advisory 2017-01-23-5
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-5 - Safari 10.0.3 is now available and addresses spoofing, data exfiltration, and various other security vulnerabilities.

tags | advisory, spoof, vulnerability
systems | apple
advisories | CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2359, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2369, CVE-2017-2373
MD5 | 58964cb15d232b6dae7d125e1ec15f40
Apple Security Advisory 2017-01-23-4
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-4 - tvOS 10.1.1 is now available and addresses buffer overflow, code execution, and various other security vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2016-8687, CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2360, CVE-2017-2362, CVE-2017-2363, CVE-2017-2365, CVE-2017-2369, CVE-2017-2370, CVE-2017-2373
MD5 | d68bded87dd2fc62b71356d9867bfeed
Apple Security Advisory 2017-01-23-3
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-3 - watchOS 3.1.3 is now available and addresses memory corruption and various other security vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2016-4688, CVE-2016-4691, CVE-2016-4693, CVE-2016-7588, CVE-2016-7589, CVE-2016-7591, CVE-2016-7594, CVE-2016-7595, CVE-2016-7606, CVE-2016-7607, CVE-2016-7612, CVE-2016-7615, CVE-2016-7616, CVE-2016-7619, CVE-2016-7621, CVE-2016-7626, CVE-2016-7627, CVE-2016-7636, CVE-2016-7637, CVE-2016-7643, CVE-2016-7644, CVE-2016-7651, CVE-2016-7657, CVE-2016-7658, CVE-2016-7659, CVE-2016-7660, CVE-2016-7662, CVE-2016-7663
MD5 | e6beae0b82c12eb31c99b1540bc75c92
Apple Security Advisory 2017-01-23-2
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-2 - macOS 10.12.3 is now available and addresses suffers from code execution and various other security vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2016-1248, CVE-2016-8670, CVE-2016-8687, CVE-2016-9933, CVE-2016-9934, CVE-2017-2353, CVE-2017-2357, CVE-2017-2358, CVE-2017-2360, CVE-2017-2361, CVE-2017-2370, CVE-2017-2371
MD5 | b5a063deb6aab4481ae0ec601523b934
Apple Security Advisory 2017-01-23-1
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-1 - iOS 10.2.1 is now available and addresses logic issues, code execution, and multiple other security vulnerabilities.

tags | advisory, vulnerability, code execution
systems | cisco, apple, ios
advisories | CVE-2016-8687, CVE-2017-2350, CVE-2017-2351, CVE-2017-2352, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2360, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2368, CVE-2017-2369, CVE-2017-2370, CVE-2017-2371, CVE-2017-2373
MD5 | 91abec6cacc16073d459630329e9945b
Cisco Magic WebEx URL Remote Command Execution
Posted Jan 24, 2017
Authored by Tavis Ormandy, Google Security Research

Cisco's WebEx extension has a URL that allows for arbitrary remote command execution.

tags | exploit, remote, arbitrary
systems | cisco
MD5 | 6d8494bf209f0415ffc09615875ad72e
CUPS DNS Rebinding Via Incorrect Whitelist
Posted Jan 24, 2017
Authored by Google Security Research, jannh

CUPS suffers from an incorrect whitelist that permits DNS rebinding attacks.

tags | exploit
MD5 | 7df1d32ba8bccdc7acdb30f1aa7cd60d
Page 5 of 20
Back34567Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close