all things security
Showing 101 - 125 of 543 RSS Feed

Files Date: 2017-03-01 to 2017-03-31

Linux XFBurn Buffer Overflow
Posted Mar 24, 2017
Authored by Hosein Askari

XFBurn suffers from a stack-based buffer overflow vulnerability that escalate privileges.

tags | advisory, overflow
MD5 | e1f9fa71f9b4e584ce68dede094d1004
NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow
Posted Mar 24, 2017
Authored by Pedro Ribeiro | Site metasploit.com

The NETGEAR WNR2000 router has a buffer overflow vulnerability in the hidden_lang_avi parameter. In order to exploit it, it is necessary to guess the value of a certain timestamp which is in the configuration of the router. An authenticated attacker can simply fetch this from a page, but an unauthenticated attacker has to brute force it. Brute-forcing the timestamp token might take a few minutes, a few hours, or days, but it is guaranteed that it can be brute-forced. This Metasploit module implements both modes, and it works very reliably. It has been tested with the WNR2000v5, firmware versions 1.0.0.34 and 1.0.0.18. It should also work with hardware revisions v4 and v3, but this has not been tested - with these routers it might be necessary to adjust the LibcBase variable as well as the gadget addresses.

tags | exploit, overflow
advisories | CVE-2016-10174
MD5 | 620f8fffe7cce1685fc6d76883a8968c
Broadcom Stack Buffer Overflow
Posted Mar 23, 2017
Authored by Google Security Research, laginimaineb

Broadcom suffers from a buffer overflow vulnerability when parsing CCKM re-association responses.

tags | advisory, overflow
advisories | CVE-2017-6957
MD5 | b396a007284a3bec4f0b4311ada8d1f2
LastPass Domain Design Flaw
Posted Mar 23, 2017
Authored by Tavis Ormandy, Google Security Research

The LastPass domain regex does not handle data and other pseudo-url schemes.

tags | exploit
MD5 | 1fe1ae70f7001f2eb8fbec14b1f8b281
LastPass FireFox Content Script Loading
Posted Mar 23, 2017
Authored by Tavis Ormandy, Google Security Research

LastPass had an issue with websiteConnector.js content script allows proxying internal RPC commands. The fix appears to not work on FireFox.

tags | exploit
MD5 | abcd3f3e4f7ccd17975ddc4515a7bac7
Logsign Remote Command Injection
Posted Mar 23, 2017
Authored by Mehmet Ince | Site metasploit.com

This Metasploit module exploits an command injection vulnerability in Logsign. By exploiting this vulnerability, unauthenticated users can execute arbitrary code under the root user. Logsign has a publicly accessible endpoint. That endpoint takes a user input and then use it during operating system command execution without proper validation. This Metasploit module was tested against 4.4.2 and 4.4.137 versions.

tags | exploit, arbitrary, root
MD5 | 30dabe9a85146a69decc9f4f053c65b4
Apple Security Advisory 2017-03-22-1
Posted Mar 23, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-03-22-1 - iTunes for Windows 12.6 is now available and addresses vulnerabilities in expat and SQLite.

tags | advisory, vulnerability
systems | windows, apple
advisories | CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2013-7443, CVE-2015-1283, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2016-6153
MD5 | 1bcb766e4f3265ba41b97e9177076f73
QNAP QTS Privilege Escalation / Information Disclosure
Posted Mar 23, 2017
Authored by Pasquale Florillo, Guido Oricchio

QNAP QTS versions prior to 4.2.4 suffer from a sensitive data exposure vulnerability that allows for privilege escalation.

tags | exploit
advisories | CVE-2017-5227
MD5 | 280673cc4dfcbf440c9ee247125951e0
Red Hat Security Advisory 2017-0834-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0834-01 - The eap7-jboss-ec2-eap package provides scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the eap7-jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 7.0.5.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-8656, CVE-2016-9589
MD5 | 375ac34156672df7aa25cf9144d5035f
Red Hat Security Advisory 2017-0831-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0831-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.0.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.

tags | advisory, java, local
systems | linux, redhat
advisories | CVE-2016-8656, CVE-2016-9589
MD5 | 66f67574033cbae059476954f74ef062
Red Hat Security Advisory 2017-0828-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0828-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.13, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group. On systems using classic /etc/init.d init scripts, the file is sourced by the jboss init script and its content executed with root privileges when jboss service is started, stopped, or restarted.

tags | advisory, java, root
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2016-8657, CVE-2017-6056
MD5 | 3e40bec85188c85df789135696804d68
Red Hat Security Advisory 2017-0829-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0829-01 - The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.14. Security Fix: It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group. On systems using classic /etc/init.d init scripts, the file is sourced by the jboss init script and its content executed with root privileges when jboss service is started, stopped, or restarted.

tags | advisory, web, root
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2016-8657, CVE-2017-6056
MD5 | a137d31543caa82f433b8f837722a0a7
Red Hat Security Advisory 2017-0826-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0826-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.13, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group. On systems using classic /etc/init.d init scripts, the file is sourced by the jboss init script and its content executed with root privileges when jboss service is started, stopped, or restarted.

tags | advisory, java, root
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2016-8657, CVE-2017-6056
MD5 | aaab8b7598169d922d129fae3907a471
Red Hat Security Advisory 2017-0827-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0827-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.14 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.13, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group. On systems using classic /etc/init.d init scripts, the file is sourced by the jboss init script and its content executed with root privileges when jboss service is started, stopped, or restarted.

tags | advisory, java, root
systems | linux, redhat
advisories | CVE-2016-6346, CVE-2016-8657, CVE-2017-6056
MD5 | d8ac7b01f69e0963ec65da56acc19fb9
Ubuntu Security Notice USN-3243-1
Posted Mar 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3243-1 - It was discovered that Git incorrectly sanitized branch names in the PS1 variable when configured to display the repository status in the shell prompt. If a user were tricked into exploring a malicious repository, a remote attacker could use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary, shell
systems | linux, ubuntu
advisories | CVE-2014-9938
MD5 | 5e9ec3e012f77c65ec3aeea783f3c8b8
Ubuntu Security Notice USN-3242-1
Posted Mar 23, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3242-1 - Jann Horn discovered that Samba incorrectly handled symlinks. An authenticated remote attacker could use this issue to access files on the server outside of the exported directories.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-2619
MD5 | d940e44716ee24ba24a3670752585fcc
Debian Security Advisory 3816-1
Posted Mar 23, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3816-1 - Jann Horn of Google discovered a time-of-check, time-of-use race condition in Samba, a SMB/CIFS file, print, and login server for Unix. A malicious client can take advantage of this flaw by exploiting a symlink race to access areas of the server file system not exported under a share definition.

tags | advisory
systems | linux, unix, debian
advisories | CVE-2017-2619
MD5 | 3fe3acbad5b20184c59b50c18e61f4bc
Red Hat Security Advisory 2017-0486-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0486-01 - Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. The following packages have been upgraded to a later upstream version: glusterfs, redhat-storage-server, vdsm. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-1795
MD5 | f4748b7efffc2b2422ae3828a68abb6c
Red Hat Security Advisory 2017-0484-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0484-01 - Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. The following packages have been upgraded to a later upstream version: glusterfs, redhat-storage-server. Security Fix: It was found that glusterfs-server RPM package would write file with predictable name into world readable /tmp directory. A local attacker could potentially use this flaw to escalate their privileges to root by modifying the shell script during the installation of the glusterfs-server package.

tags | advisory, shell, local, root
systems | linux, redhat
advisories | CVE-2015-1795
MD5 | 03a5e8f2c644d94a4094c59e0ad9b4d9
Red Hat Security Advisory 2017-0495-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0495-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version: samba. Security Fix: It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2125, CVE-2016-2126
MD5 | a92ca8c369436738d7ff6119aab4bdb2
Red Hat Security Advisory 2017-0494-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0494-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version: samba. Security Fix: It was found that Samba always requested forwardable tickets when using Kerberos authentication. A service to which Samba authenticated using Kerberos could subsequently use the ticket to impersonate Samba to other services or domain users.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2016-2125, CVE-2016-2126
MD5 | 236f7b2a05808040d39ca086d1d6ca6a
Red Hat Security Advisory 2017-0838-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0838-01 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix: Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. An out-of-bounds read vulnerability was found in OpenJPEG, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163, CVE-2016-9573, CVE-2016-9675
MD5 | c90462b18dcf65f5562ce78297c0bac2
Red Hat Security Advisory 2017-0837-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0837-01 - The icoutils are a set of programs for extracting and converting images in Microsoft Windows icon and cursor files. These files usually have the extension .ico or .cur, but they can also be embedded in executables or libraries. Security Fix: Multiple vulnerabilities were found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in memory corruption leading to a crash or potential code execution.

tags | advisory, vulnerability, code execution
systems | linux, redhat, windows
advisories | CVE-2017-5208, CVE-2017-5332, CVE-2017-5333, CVE-2017-6009, CVE-2017-6010, CVE-2017-6011
MD5 | 9ae26a5f0de12baafe740afbafa04442
Red Hat Security Advisory 2017-0832-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0832-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.0.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation.

tags | advisory, java, local
systems | linux, redhat
advisories | CVE-2016-8656, CVE-2016-9589
MD5 | 975fee01969467fa9e452e52b0f446ba
Red Hat Security Advisory 2017-0830-01
Posted Mar 23, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0830-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.0.5 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2016-9589
MD5 | b234b5c4d223bbd820602b57b3c1c789
Page 5 of 22
Back34567Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close