exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2017-05-19 to 2017-05-20

Debian Security Advisory 3856-1
Posted May 19, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3856-1 - Two vulnerabilities have been discovered in the web interface of the Deluge BitTorrent client (directory traversal and cross-site request forgery).

tags | advisory, web, vulnerability, csrf
systems | linux, debian
advisories | CVE-2017-7178, CVE-2017-9031
SHA-256 | ffd4b2a7a8f00187b94f35a5055d76e483f4645d61a3bcd2ed54463b4ab27be8
HPE Security Bulletin HPESBGN03748 1
Posted May 19, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBGN03748 1 - A potential security vulnerability has been identified in HPE Cloud Optimizer. The vulnerability could be remotely exploited resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2017-8944
SHA-256 | 7483e63110b0bf1c8c541a2f924bb2bf09ca0c60d99d6ea43f0e7571351d4d97
Ceragon FibeAir IP-10 7.2.0 Hidden User Backdoor
Posted May 19, 2017
Authored by Ian Ling

Ceragon FibeAir IP-10 versions 7.2.0 and below suffer from a hidden user backdoor vulnerability.

tags | exploit
advisories | CVE-2015-0936
SHA-256 | 19d0253d67bfd5628b69787c405f7a3c2992c6236010db3ca5711b8a3408d169
Western Digital TV Media Player 1.03.07 LFI / CSRF / File Upload
Posted May 19, 2017
Authored by Fikri Fadzil, Wan Ikram | Site sec-consult.com

Western Digital TV Media Player version 1.03.07 suffers from file upload, local file inclusion, cross site request forgery, private key issue, remote SQL injection, and other vulnerabilities.

tags | advisory, remote, local, vulnerability, sql injection, file inclusion, file upload, csrf
SHA-256 | 385687d49d2c40482bc4095866410a41b9a17b1428c065bcb0a4be85c09e9a45
Red Hat Security Advisory 2017-1256-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1256-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.15 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.14, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606
SHA-256 | 66a0b9ebd91f3d58b18c164ce18f959b822d47b029a739de04202319a8322641
Red Hat Security Advisory 2017-1253-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1253-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.15 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.14, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606
SHA-256 | 5a4ec3b1227c9241673259dff46a3a8629ad441ccc88aaeb18290d488426c5d1
Red Hat Security Advisory 2017-1259-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1259-01 - Spacewalk is an Open Source systems management solution that provides system provisioning, configuration and patching capabilities. Security Fix: It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7470
SHA-256 | 42ce9b171df841e7dba3df7165abf9639f62c061e6efdad41a6d0829ddcebc04
Ubuntu Security Notice USN-3275-3
Posted May 19, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3275-3 - USN-3275-2 fixed vulnerabilities in OpenJDK 7. Unfortunately, the update introduced a regression when handling TLS handshakes. This update fixes the problem. It was discovered that OpenJDK improperly re-used cached NTLM connections in some situations. A remote attacker could possibly use this to cause a Java application to perform actions with the credentials of a different user. Various other issues were also addressed.

tags | advisory, java, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-3509, CVE-2017-3511, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544
SHA-256 | b6267488b59a31e9e6e0acbee223e59d7a111c146fc457952a554fc22c390435
Ubuntu Security Notice USN-3295-1
Posted May 19, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3295-1 - It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user or automated system using JasPer were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10249, CVE-2016-10251, CVE-2016-1867, CVE-2016-2089, CVE-2016-8654, CVE-2016-8691, CVE-2016-8692, CVE-2016-8693, CVE-2016-8882, CVE-2016-9560, CVE-2016-9591
SHA-256 | b62194c8b668f64ae29e7257348391b5c012a8addd0decc9b4f7c298876675a3
Red Hat Security Advisory 2017-1255-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1255-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.15 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.14, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606
SHA-256 | 908877da3f1cfc9dfca69965316818a94445a7d83eafed2908514e284a7b6ae4
Red Hat Security Advisory 2017-1260-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1260-01 - The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.15. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606
SHA-256 | f8dede59460b3e91131da210ce201d95cfb51359708c5aedfa61beace085aa8c
Red Hat Security Advisory 2017-1254-01
Posted May 19, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1254-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 6.4.15 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.14, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was discovered that under certain conditions RESTEasy could be forced to parse a request with YamlProvider, resulting in unmarshalling of potentially untrusted data. An attacker could possibly use this flaw execute arbitrary code with the permissions of the application using RESTEasy.

tags | advisory, java, arbitrary
systems | linux, redhat
advisories | CVE-2016-9606
SHA-256 | 4a6d3b6826b17d73c6e89756d374ffc7b8d743c626ed1841cace3e0cb5b75665
Kodak InSite 8.0 Cross Site Scripting
Posted May 19, 2017
Authored by Ricardo Sanchez

Kodak InSite versions 6.5. through 8.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | edfdb5072d2100ae5816327aa1047bf156b40a14eb41a16b1e0dfe93a6055864
Nixauditor CIS Script 1.1
Posted May 19, 2017
Authored by Alfie | Site the-infosec.com

Nixauditor is a script to audit linux and unix distributions based mainly on the CIS standards and universal linux hardening guidelines.

Changes: Audit script enabling user to audit Kernel info, Kernel versions, Specific release information, Current user/group info, Users that have previously logged onto the system, All users and uid/gid info. General CIS Checks (over 100 security checks).
tags | tool
systems | linux, unix
SHA-256 | c895b4f499689b377e4a2360b02832996b972639b6e2ed8b1a1c145eefa9cfa1
WhatsApp Failure To Delete
Posted May 19, 2017
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

WhatsApp Messenger for Android does not delete sent and received files from the SD card on the device when chats are cleared, deleted or the application is uninstalled from the device. Additionally, the application stores sent and received files in the SD card without encryption where they are accessible to any applications with storage permissions.

tags | advisory
advisories | CVE-2017-8769
SHA-256 | 33e5802bd2f7506103d2ccc503733ef058009d057af1f25c56e0615d0d99772f
Belden GarrettCom 6K / 10KT Bypass / Disclosure / Buffer Overflow
Posted May 19, 2017
Authored by David Tomaschik

Belden GarrettCom 6K and 10KT series suffer from suffers from buffer overflow, authentication bypass, information disclosure, and other vulnerabilities.

tags | exploit, overflow, vulnerability, info disclosure
SHA-256 | 49d1717295169be58fe33b4c7d8306f29f0d9e8f045dbaf9cda485d36d3f2e48
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close