Exploit the possiblities
Showing 1 - 25 of 12,722 RSS Feed

Local Files

Ubuntu Security Notice USN-3509-3
Posted Dec 15, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3509-3 - USN-3509-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. Unfortunately, it also introduced a regression that prevented the Ceph network filesystem from being used. This update fixes the problem. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12193, CVE-2017-16643, CVE-2017-16939
MD5 | 7b0de306b43e15046d1562aa3c463ed8
TeamCity 2017.1.5 Privilege Escalation
Posted Dec 10, 2017
Authored by Heliand Dema

TeamCity version 2017.1.5 suffers from a local privilege escalation vulnerability due to weak file permissions.

tags | exploit, local
MD5 | 22c03cd9c7bec2d6c2dafd0fa29c7ae1
Kernel Live Patch Security Notice LSN-0033-1
Posted Dec 9, 2017
Authored by Benjamin M. Romer

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service (application crashes) or possibly gain administrative privileges. It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux
advisories | CVE-2017-1000405, CVE-2017-15265, CVE-2017-16939
MD5 | ca77a2333d4c9ee49fdd8d0056475a48
Ubuntu Security Notice USN-3507-2
Posted Dec 9, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3507-2 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12193, CVE-2017-15299, CVE-2017-15306, CVE-2017-15951, CVE-2017-16939
MD5 | e4e9ca45d6a9e4cece95a15bfca16c42
Ubuntu Security Notice USN-3511-1
Posted Dec 9, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3511-1 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-16939
MD5 | 9e7a4f198355b4645387c08f75f34134
Ubuntu Security Notice USN-3510-2
Posted Dec 9, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3510-2 - USN-3510-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-16939
MD5 | a759e1476a777349ca39f619d2d7e469
Ubuntu Security Notice USN-3510-1
Posted Dec 9, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3510-1 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-16939
MD5 | c760dcb9902f64f23bb4e67232a51fbb
Ubuntu Security Notice USN-3509-2
Posted Dec 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3509-2 - USN-3509-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12193, CVE-2017-16643, CVE-2017-16939
MD5 | 9992cce2660b19d70d3414673f02ab80
Ubuntu Security Notice USN-3509-1
Posted Dec 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3509-1 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12193, CVE-2017-16643, CVE-2017-16939
MD5 | ecebac920cb50284c6fd809011424590
Ubuntu Security Notice USN-3508-2
Posted Dec 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3508-2 - USN-3508-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12146, CVE-2017-16939
MD5 | bc816d54ebe529dd5225953bb2b33b51
Ubuntu Security Notice USN-3508-1
Posted Dec 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3508-1 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12146, CVE-2017-16939
MD5 | 61ffeaad7d5d235842725a3fe5d4f465
Ubuntu Security Notice USN-3507-1
Posted Dec 7, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3507-1 - Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-1000405, CVE-2017-12193, CVE-2017-15299, CVE-2017-15306, CVE-2017-15951, CVE-2017-16535, CVE-2017-16643, CVE-2017-16939
MD5 | ee6c4d967ff24654f431006a52b99e57
Apple macOS 10.13.1 High Sierra Cron Privilege Escalation
Posted Dec 7, 2017
Authored by Mark Wadham

Apple macOS version 10.13.1 (High Sierra) suffers from a cron related local privilege escalation vulnerability that allows you to gain root privileges.

tags | exploit, local, root
systems | apple
MD5 | 9473afa208319a6ea6560b35916c5529
Hashicorp vagrant-vmware-fusion 5.0.0 Local Privilege Escalation
Posted Dec 6, 2017
Authored by Mark Wadham

Hashicorp vagrant-vmware-fusion version 5.0.0 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2017-15884
MD5 | 67c32f8adbb3c77173ea935bc333bec2
Proxifier For Mac 2.19 Local Privilege Escalation
Posted Dec 6, 2017
Authored by Mark Wadham

Proxifier for Mac version 2.19 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2017-7690
MD5 | d0c62a83cfc1993b3ac6b5c70fa0d116
Murus 1.4.11 Local Privilege Escalation
Posted Dec 6, 2017
Authored by Mark Wadham

Murus version 1.4.11 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | d389d0f0661a3286a1adb58fb2b586f0
Hashicorp vagrant-vmware-fusion 5.0.3 Local Privilege Escalation
Posted Dec 6, 2017
Authored by Mark Wadham

Hashicorp vagrant-vmware-fusion version 5.0.3 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2017-16777
MD5 | 63d517b9db2db0473cf43010c6e7d629
Hashicorp vagrant-vmware-fusion 5.0.1 Local Privilege Escalation
Posted Dec 6, 2017
Authored by Mark Wadham

Hashicorp vagrant-vmware-fusion version 5.0.1 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2017-16001
MD5 | c82574786dcb632ff529eddda6528803
Arq Backup 5.9.7 Local Root Privilege Escalation
Posted Dec 5, 2017
Authored by Mark Wadham

Arq Backup versions 5.9.7 and below suffer from a local root privilege escalation vulnerability.

tags | exploit, local, root
advisories | CVE-2017-16895
MD5 | 6e034780e44ad140d984b98d2baff8d8
Arq Backup 5.9.6 Local Root Privilege Escalation
Posted Dec 4, 2017
Authored by Mark Wadham

Arq Backup versions 5.9.6 and below suffer from a local root privilege escalation vulnerability.

tags | exploit, local, root
advisories | CVE-2017-15357
MD5 | 2cf34b399d49d64d0321379e8239a52e
Red Hat Security Advisory 2017-3379-01
Posted Dec 4, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3379-01 - The System Security Services Daemon service provides a set of daemons to manage access to remote directories and authentication mechanisms. It also provides the Name Service Switch and the Pluggable Authentication Modules interfaces toward the system, and a pluggable back-end system to connect to multiple different account sources. Security Fix: It was found that sssd's sysdb_search_user_by_upn_res() function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it.

tags | advisory, remote, local
systems | linux, redhat
advisories | CVE-2017-12173
MD5 | 7f4b313a6c09b1de5b59cb9a844524f0
TOR Virtual Network Tunneling Tool 0.3.1.9
Posted Dec 4, 2017
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.1.9 backports important security and stability fixes from the 0.3.2 development series.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 585e62d086ae7df7cd873f735d726118
WinduCMS 3.1 Local File Disclosure
Posted Dec 3, 2017
Authored by Maciej Krupa

WinduCMS versions 3.1 and below suffer from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | 844f1243f111209eb9021ad59ea37669
aws-cfn-bootstrap Local Code Execution
Posted Dec 1, 2017
Authored by Harry Sintonen

aws-cfn-bootstrap versions prior to 1.4-22.14 suffer from a local code execution vulnerability.

tags | exploit, local, code execution
advisories | CVE-2017-9450
MD5 | 959ceb0942bc38ddb3afd790bfa315c3
Red Hat Security Advisory 2017-3295-01
Posted Nov 30, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3295-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers, resulting in an uninitialized memory disclosure to user space. A local user could use this flaw to read information belonging to other users.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2017-1000380
MD5 | 337af38a963b49cab2ac004afdca7cc8
Page 1 of 509
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close