what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-12-05 to 2017-12-06

Ubuntu Security Notice USN-3504-1
Posted Dec 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3504-1 - Wei Lei discovered that libxml2 incorrectly handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-16932
SHA-256 | 2d7133902f073433cd35586f29033e49d7a38a7defd8701eaf17ac23e034f979
Ubuntu Security Notice USN-3504-2
Posted Dec 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3504-2 - USN-3504-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM. Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-16932
SHA-256 | 550891e209d1dfc899c955eda46fc3dcf88795f550d0ab9e7aba26c3842b2c2d
Red Hat Security Advisory 2017-3384-01
Posted Dec 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3384-01 - Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. It features support for computer and literary braille, supports contracted and uncontracted translation for many languages and has support for hyphenation. New languages can easily be added through tables that support a rule or dictionary based approach. Liblouis also supports math braille. Security Fix: A missing fix for one stack-based buffer overflow in findTable() for CVE-2014-8184 was discovered. An attacker could cause denial of service or potentially allow arbitrary code execution.

tags | advisory, denial of service, overflow, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2017-15101
SHA-256 | 1a0bf6f98741008508a385c3309778f12866e75fa61c2f513f8dc753f48b212a
WordPress Smart Marketing SMS And Newsletters Forms 1.1.1 XSS
Posted Dec 5, 2017
Authored by Ricardo Sanchez

WordPress Smart Marketing SMS and Newsletters Forms plugin version 1.1.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a05b059e1de95d32d822c5f6bc6f1883f623d572f53d12dac27bca4c0cea3a39
VirtualBox Man-In-The-Middle
Posted Dec 5, 2017
Authored by Mark Wadham

VirtualBox suffers from a remote code execution vulnerability due to downloading updates over HTTP.

tags | exploit, remote, web, code execution
SHA-256 | dc6c5ec2366eb6166eb7b5ba27a41e8273d90373aa4c3f39b97e8ab9e3cbe815
Claymore's Dual Miner 10.1 Stack Buffer Overflow
Posted Dec 5, 2017
Authored by tintinweb

Claymore's Dual ETH + DCR/SC/LBC/PASC GPU Miner versions 10.1 and below suffer from a stack buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-16929, CVE-2017-16930
SHA-256 | a59d636515be6ca89561ff29721505d9bf3a28ea5e4eba109fda29df19bd00e5
WordPress WP Mailster 1.5.4.0 Cross Site Scripting
Posted Dec 5, 2017
Authored by Ricardo Sanchez

WordPress WP Mailster plugin version 1.5.4.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 37fa64bfee610bf9b21e5b9f49bb10c5b002d32d4802946a042e53f6bb33e301
BSides SF 2018 Call For Papers
Posted Dec 5, 2017
Site bsidessf.org

BSides SF is soliciting papers and presentations for the 2018 annual BSidesSF conference. It will be located at City View at the Metreon in downtown San Francisco April 15th through the 16th, 2018.

tags | paper, conference
SHA-256 | 3309bfd7427077510f3a8daea523b692cd1993d1c7857abb7c2cd0eecefe4fb4
WordPress Z-URL Preview 1.6.1 Cross Site Scripting
Posted Dec 5, 2017
Authored by Ricardo Sanchez

WordPress Z-URL Preview plugin version 1.6.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f085060078b1cd385017021bff5914dfed6f195967a9ca5d623b710fde2558a8
WordPress Super Simple Custom CSS 1.2 Cross Site Scripting
Posted Dec 5, 2017
Authored by Ricardo Sanchez

WordPress Super Simple Custom CSS plugin version 1.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b18fda0d1738e55af004cf075d75ccc6cfcc510a0ea9658ca2a4c9ca0e6e854a
WordPress 3rd-Party Inject Results 0.2 Cross Site Scripting
Posted Dec 5, 2017
Authored by Ricardo Sanchez

WordPress 3rd-Party Inject Results plugin version 0.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 89409319c0ee73580c4df3126a2c104b6729c995fbe75a9c71fa8917a8a6ef66
Chakra CFG Bypass By Overwriting JavaScript Bytecode
Posted Dec 5, 2017
Authored by Ivan Fratric, Google Security Research

Chakra suffers from a CFG bypass by overwriting JavaScript bytecode.

tags | advisory, javascript
SHA-256 | daeedb6b41591772a884afa12e566a242f6e1b0d3ee1312f4e2dfdeff93e89eb
Chakra CFG Bypass Due To Bug In ServerFreeAllocation
Posted Dec 5, 2017
Authored by Ivan Fratric, Google Security Research

Charka suffers from a CFG bypass due to a bug in ServerFreeAllocation.

tags | advisory
advisories | CVE-2017-11874
SHA-256 | 3d19e7cbedb472d2428edd6222fbd45a4c7b0fc67382167d792c513a4d2719d5
Chakra CFG Bypass With leafInterpreterFrame
Posted Dec 5, 2017
Authored by Ivan Fratric, Google Security Research

Chakra suffers from a CFG bypass with leafInterpreterFrame. Every JavaScript variable in Chakra (except a tagged int) is a pointer. From this pointer, using an arbitrary read, it is possible to follow a chain of pointers and end up with a pointer to the native stack. This allows disclosing the stack location and subsequently overwriting a return address on the stack leading to CFG bypass.

tags | advisory, arbitrary, javascript
SHA-256 | e0fbcd6d6c6068eeac50241aac0d32bd46ce7a53f66113cb469ea260e17d8537
Arq Backup 5.9.7 Local Root Privilege Escalation
Posted Dec 5, 2017
Authored by Mark Wadham

Arq Backup versions 5.9.7 and below suffer from a local root privilege escalation vulnerability.

tags | exploit, local, root
advisories | CVE-2017-16895
SHA-256 | 0e161c5efdf746f9724868c34a011bbcdcfdd5de616bd01f8cdaf98ec4ded091
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close