what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-08-07 to 2017-08-08

WordPress Podlove Podcast Publisher 2.5.3 SQL Injection
Posted Aug 7, 2017
Authored by DefenseCode, Neven Biruski

WordPress Podlove Podcast Publisher plugin versions 2.5.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dc7e4831715fbb93ca6ee18c38fa2fb87560853f28673c4b78848d8a2c9b707e
WordPress PressForward 4.3.0 Cross Site Scripting
Posted Aug 7, 2017
Authored by DefenseCode, Neven Biruski

WordPress PressForward plugin versions 4.3.0 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9149d5fd6fd493f3e94be2c3cc8a6fe5c63013bed56d64669eb18d0a79c6e30b
WordPress Easy Modal 2.0.17 SQL Injection
Posted Aug 7, 2017
Authored by DefenseCode, Neven Biruski

WordPress Easy Modal plugin versions 2.0.17 and below suffer multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 531b64bb4ea2633f1109cd2e973907718935841b00e20a5924166294adf23b0d
Red Hat Security Advisory 2017-2429-01
Posted Aug 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2429-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-7895
SHA-256 | 35f09b561cc3a73c346f0cf027292fad0f419e997312ef76f43aa53292831960
Ubuntu Security Notice USN-3381-2
Posted Aug 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3381-2 - USN-3381-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Peter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information. Various other issues were also addressed.

tags | advisory, overflow, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-8405, CVE-2017-1000365, CVE-2017-2618, CVE-2017-7482
SHA-256 | 489b6e193ebc3ef47b3f2c9c6ca9f481dfc633a32d41a0677dabd8b8895df88d
Ubuntu Security Notice USN-3381-1
Posted Aug 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3381-1 - Peter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information. It was discovered that the Linux kernel did not properly restrict RLIMIT_STACK size. A local attacker could use this in conjunction with another vulnerability to possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2016-8405, CVE-2017-1000365, CVE-2017-2618, CVE-2017-7482
SHA-256 | c59a0e7f3fcafa98c5a9b1e95b8d8c5172f2b12fde13c8be4473a277582b448e
Ubuntu Security Notice USN-3380-1
Posted Aug 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3380-1 - It was discovered that FreeRDP incorrectly handled certain width and height values. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS. It was discovered that FreeRDP incorrectly handled certain values in a Scope List. A malicious server could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-0250, CVE-2014-0791, CVE-2017-2834, CVE-2017-2835, CVE-2017-2836, CVE-2017-2837, CVE-2017-2838, CVE-2017-2839
SHA-256 | 21a7bcf6ea1779f95874edb4e02a17ae58572f33f2ab7e0cfa75d484d24397f2
Red Hat Security Advisory 2017-2428-01
Posted Aug 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2428-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-7895
SHA-256 | b24276eaab78eefda1c8a01d0de84da7f77925100ae63c535bc7aa1c40f37577
Debian Security Advisory 3927-1
Posted Aug 7, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3927-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2017-1000365, CVE-2017-10810, CVE-2017-10911, CVE-2017-11176, CVE-2017-7346, CVE-2017-7482, CVE-2017-7533, CVE-2017-7541, CVE-2017-7542, CVE-2017-9605
SHA-256 | 9f9c5bb5b6146a8be5b426602758bdbc89de02e6443b2d13e49692986ac5645e
Red Hat Security Advisory 2017-2423-01
Posted Aug 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2423-01 - Log4j is a tool to help the programmer output log statements to a variety of output targets. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.

tags | advisory, remote, arbitrary, udp, tcp
systems | linux, redhat
advisories | CVE-2017-5645
SHA-256 | 84382255e826dea01a925431a5a2c76c94c7e4af2c60c0fdce397f830546649a
Red Hat Security Advisory 2017-2425-01
Posted Aug 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2425-01 - PostgreSQL is an advanced object-relational database management system. The following packages have been upgraded to a later upstream version: rh-postgresql95-postgresql. Security Fix: A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could use a specially crafted SQL statement to cause PostgreSQL to crash or disclose a few bytes of server memory or possibly execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2016-5423, CVE-2016-5424, CVE-2017-7484, CVE-2017-7485, CVE-2017-7486
SHA-256 | ca8ad47d3f723a61273cac1700b53c8711537097c80d0745760b2136039712be
Ubuntu Security Notice USN-3379-1
Posted Aug 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3379-1 - It was discovered that Shotwell is vulnerable to an information disclosure in the web publishing plugins resulting in potential password and oauth token plaintext transmission.

tags | advisory, web, info disclosure
systems | linux, ubuntu
SHA-256 | 4fb37cfe2d2d21f94a8c8c8411163380d8b6a86ca72a5b7c899747bc6b5cd93d
Red Hat Security Advisory 2017-2424-01
Posted Aug 7, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2424-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.

tags | advisory, java, remote, arbitrary, registry
systems | linux, redhat
advisories | CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10081, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10135, CVE-2017-10243
SHA-256 | 324dc935f9f63578837b9393e96e87eaa7c0668e94af4e508c55421246d2aa72
Ubuntu Security Notice USN-3339-2
Posted Aug 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3339-2 - USN-3339-1 fixed several issues in OpenVPN. This update provides the corresponding update for Ubuntu 12.04 ESM. A Guido Vranken discovered that OpenVPN incorrectly handled an HTTP A proxy with NTLM authentication. A remote attacker could use this issue A to cause OpenVPN clients to crash, resulting in a denial of service, A or possibly expose sensitive memory contents. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2017-7520
SHA-256 | 641ac152ac3ba505d9a7362ea8e3560555245dddfbb68bb739fa139421132dbf
Ubuntu Security Notice USN-3212-4
Posted Aug 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3212-4 - USN-3212-1 fixed several issues in LibTIFF. This update provides a subset of corresponding update for Ubuntu 12.04 ESM. Mei Wang discovered a multiple integer overflows in LibTIFF which allows remote attackers to cause a denial of service or execute arbitrary code via a crafted TIFF image, which triggers an out-of-bounds write. It was discovered that LibTIFF is vulnerable to a heap buffer overflow in the resulting in DoS or code execution via a crafted BitsPerSample value. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, code execution
systems | linux, ubuntu
advisories | CVE-2016-3945, CVE-2017-5225
SHA-256 | 625841e6e136c10df9842e2ab1d565a61bef90e5e8d2f253eb6dd50f01f6ddc9
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close