Exploit the possiblities
Showing 26 - 50 of 427 RSS Feed

Files Date: 2017-06-01 to 2017-06-30

Debian Security Advisory 3900-1
Posted Jun 28, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3900-1 - Several issues were discovered in openvpn, a virtual private network application.

tags | advisory
systems | linux, debian
advisories | CVE-2017-7479, CVE-2017-7508, CVE-2017-7520, CVE-2017-7521
MD5 | 861615706841885d4df680f3df668402
Debian Security Advisory 3886-2
Posted Jun 28, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3886-2 - The security update announced as DSA-3886-1 caused regressions for some applications using Java - including jsvc, LibreOffice and Scilab - due to the fix for CVE-2017-1000364. Updated packages are now available to correct this issue.

tags | advisory, java
systems | linux, debian
MD5 | 3255a76fe0614a8ebe91cede0fc3a48f
Red Hat Security Advisory 2017-1583-01
Posted Jun 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1583-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled responses containing a DNAME answer. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2016-8864, CVE-2016-9131, CVE-2016-9147, CVE-2016-9444, CVE-2017-3137
MD5 | b6baca0e394512f1e049726c4466101c
Red Hat Security Advisory 2017-1582-01
Posted Jun 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1582-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual order. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-3137, CVE-2017-3139
MD5 | a034af8e7121e7333dbff2501e089472
Red Hat Security Advisory 2017-1601-01
Posted Jun 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1601-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. rh-ruby23-rubygem-nokogiri provides Nokogiri, which is an HTML, XML, SAX, and Reader parser. Among Nokogiri's many features is the ability to search documents using XPath or CSS3 selectors. rh-ruby23-rubygem-ovirt-engine-sdk4 provides the ruby SDK for the oVirt Engine API.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2016-4457, CVE-2016-7047, CVE-2017-7497
MD5 | 445fd5cb0824cb408c522dedc70efea6
Red Hat Security Advisory 2017-1615-01
Posted Jun 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1615-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list->frag_list) in the socket buffer. The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and 'NETIF_F_FRAGLIST' feature were used together. A remote user or process could use this flaw to potentially escalate their privilege on a system.

tags | advisory, remote, overflow, kernel
systems | linux, redhat
advisories | CVE-2017-2583, CVE-2017-6214, CVE-2017-7477, CVE-2017-7645, CVE-2017-7895
MD5 | 9cfe18ce0b936ec4aede687d0c578c6b
Red Hat Security Advisory 2017-1616-01
Posted Jun 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1616-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-1000364, CVE-2017-2583, CVE-2017-6214, CVE-2017-7477, CVE-2017-7645, CVE-2017-7895
MD5 | 7931eb75308b0094304dfb562742ac60
Red Hat Security Advisory 2017-1647-01
Posted Jun 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1647-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2017-1000364, CVE-2017-6214, CVE-2017-7645, CVE-2017-7895
MD5 | 41824a6599589efdca21090fad590230
Red Hat Security Advisory 2017-1581-01
Posted Jun 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1581-01 - FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: An authentication bypass flaw was found in the way the EAP module in FreeRADIUS handled TLS session resumption. A remote unauthenticated attacker could potentially use this flaw to bypass the inner authentication check in FreeRADIUS by resuming an older unauthenticated TLS session.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2017-9148
MD5 | 73f346b254b774ec52dc57d67159881f
Bro Network Security Monitor 2.5.1
Posted Jun 27, 2017
Authored by Robin Sommer, Vern Paxson | Site bro.org

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Bro's user community includes major universities, research labs, supercomputing centers, and open-science communities.

Changes: Multiple additions and improvements.
tags | tool, intrusion detection
systems | unix
MD5 | ab72dfae355629352b3cb67a849651f7
FASM 1.7.21 Buffer Overflow
Posted Jun 27, 2017
Authored by Juan Sacco

FASM (Flat Assembler) versions 1.7.21 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 7c1545562143b51d0bc05b2a8fb262b9
Ubuntu Security Notice USN-3341-1
Posted Jun 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3341-1 - An out-of-bounds write was discovered in systemd-resolved when handling specially crafted DNS responses. A remote attacker could potentially exploit this to cause a denial of service or execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-9445
MD5 | 1fbc147fc434485d00a156223ee7e70d
Microsoft Word MTA Handler Remote Code Execution
Posted Jun 27, 2017
Authored by Juan Sacco

This exploit leverages an MTA handler remote code execution vulnerability in Microsoft Word.

tags | exploit, remote, code execution
advisories | CVE-2017-0199
MD5 | 85fe06cb7ff43ba872bc7b0a4c7dd68f
WordPress Ultimate Product Catalogue 4.2.2 SQL Injection
Posted Jun 27, 2017
Authored by Lenon Leite

WordPress Ultimate Product Catalogue plugin version 4.2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0b8f89a4cec8f5c5303d80a98a2d4d79
Freeware Advanced Audio Decoder 2 (FAAD2) Denial Of Service
Posted Jun 27, 2017
Authored by qflb.wu

The mp4ff_read_stsd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) version 2.7 can cause a denial of service (invalid memory read and application crash) via a crafted mp4 file.

tags | exploit, denial of service
advisories | CVE-2017-9218, CVE-2017-9219, CVE-2017-9220, CVE-2017-9221, CVE-2017-9222, CVE-2017-9223, CVE-2017-9253, CVE-2017-9254, CVE-2017-9255, CVE-2017-9256, CVE-2017-9257
MD5 | 5cb0d8a678da95d4731bc02abbaca1f7
Debian Security Advisory 3899-1
Posted Jun 27, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3899-1 - Several vulnerabilities have been found in VLC, the VideoLAN project's media player. Processing malformed subtitles or movie files could lead to denial of service and potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2017-8310, CVE-2017-8311, CVE-2017-8312, CVE-2017-8313
MD5 | a1d34c086e8bc1a03303567e05276337
Gentoo Linux Security Advisory 201706-29
Posted Jun 27, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-29 - A vulnerability in KAuth and KDELibs allows local users to gain root privileges. Versions less than 5.29.0-r1 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2017-8422
MD5 | 2e1adf52af34eb87ae2a65436a78b1ea
Gentoo Linux Security Advisory 201706-28
Posted Jun 27, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-28 - Multiple vulnerabilities have been found in LibreOffice, the worst of which allows for the remote execution of arbitrary code. Versions less than 5.2.7.2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-10327, CVE-2017-7870
MD5 | f11759f05f81c9d7d5ec8ca48cedfe85
Gentoo Linux Security Advisory 201706-27
Posted Jun 27, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201706-27 - A vulnerability in FreeRADIUS might allow remote attackers to bypass authentication. Versions less than 3.0.14 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2017-9148
MD5 | ae9728b882a22e6bb4f83750ae90f32b
Red Hat Security Advisory 2017-1576-01
Posted Jun 27, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1576-01 - Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Security Fix: A flaw was found in the way "hg serve --stdio" command in Mercurial handled command-line options. A remote, authenticated attacker could use this flaw to execute arbitrary code on the Mercurial server by using specially crafted command-line options.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2017-9462
MD5 | 1056bd2f8fbd1fed5f01f207691ee545
Slackware Security Advisory - kernel Updates
Posted Jun 27, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New kernel packages are available for Slackware 14.2 and -current to fix security issues.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2017-1000364, CVE-2017-1000365
MD5 | f766e50991a89ab3dca3597c9c697e30
Microsoft Security Bulletin CVE Update For June, 2017
Posted Jun 27, 2017
Site microsoft.com

This Microsoft bulletin summary lists many CVEs that have undergone a major revision increment.

tags | advisory
advisories | CVE-2017-0173, CVE-2017-0193, CVE-2017-0215, CVE-2017-0216, CVE-2017-0218, CVE-2017-0219, CVE-2017-0282, CVE-2017-0283, CVE-2017-0284, CVE-2017-0285, CVE-2017-0286, CVE-2017-0287, CVE-2017-0288, CVE-2017-0289, CVE-2017-0291, CVE-2017-0292, CVE-2017-0294, CVE-2017-0295, CVE-2017-0296, CVE-2017-0297, CVE-2017-0298, CVE-2017-0299, CVE-2017-0300, CVE-2017-8460, CVE-2017-8462, CVE-2017-8464, CVE-2017-8465, CVE-2017-8466
MD5 | 93a88df7749e25498fd64e1f56eeb861
GLPI 0.90.4 SQL Injection
Posted Jun 27, 2017
Authored by Eric Carter

GLPI version 0.90.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2016-7508
MD5 | c69a23b9f7146e1db3b123582497e405
Easy File Sharing Web Server 7.2 Buffer Overflow
Posted Jun 27, 2017
Authored by clubjk

Easy File Sharing Web Server version 7.2 GET HTTP request buffer overflow exploit.

tags | exploit, web, overflow
MD5 | 8f01d366a360414c32e90e350d821ce1
Ubuntu Security Notice USN-3340-1
Posted Jun 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3340-1 - Emmanuel Dreyfus discovered that third-party modules using the ap_get_basic_auth_pw function outside of the authentication phase may lead to authentication requirements being bypassed. This update adds a new ap_get_basic_auth_components function for use by third-party modules. Vasileios Panopoulos discovered that the Apache mod_ssl module may crash when third-party modules call ap_hook_process_connection during an HTTP request to an HTTPS port. Various other issues were also addressed.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2017-3167, CVE-2017-3169, CVE-2017-7668, CVE-2017-7679
MD5 | e9929f4f48d68556f27b3ffbbdf309c5
Page 2 of 18
Back12345Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close