Twenty Year Anniversary
Showing 101 - 125 of 25,673 RSS Feed

Remote Files

Ubuntu Security Notice USN-3591-1
Posted Mar 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3591-1 - James Davis discovered that Django incorrectly handled certain template filters. A remote attacker could possibly use this issue to cause Django to consume resources, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-7536, CVE-2018-7537
MD5 | 3b9c5f6dfb0058d9e800a5339c271172
Red Hat Security Advisory 2018-0414-01
Posted Mar 6, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0414-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: 389-ds-base: remote Denial of Service via search filters in SetUnicodeStringFromUTF_8 in collate.c 389-ds-base: Authentication bypass due to lack of size check in slapi_ct_memcmp function in ch_malloc.c.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2017-15135, CVE-2018-1054
MD5 | 6911139227365a53604641748be0ba4f
Debian Security Advisory 4128-1
Posted Mar 5, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4128-1 - Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server. They could lead to the use of an incorrect upstream proxy, or allow a remote attacker to cause a denial-of-service by application crash.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2017-5660, CVE-2017-7671
MD5 | 9f749e62dd2b900735379f6dff507029
Ubuntu Security Notice USN-3588-1
Posted Mar 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3588-1 - Daniel Shapira discovered an integer overflow issue in Memcached. A remote attacker could use this to cause a denial of service. It was discovered that Memcached listened to UDP by default. A remote attacker could use this as part of a distributed denial of service attack.

tags | advisory, remote, denial of service, overflow, udp
systems | linux, ubuntu
advisories | CVE-2017-9951, CVE-2018-1000115
MD5 | d801359fde7a431a2661008a3f1439a6
Ubuntu Security Notice USN-3587-1
Posted Mar 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3587-1 - It was discovered that Dovecot incorrectly handled parsing certain email addresses. A remote attacker could use this issue to cause Dovecot to crash, resulting in a denial of service, or possibly obtain sensitive information. It was discovered that Dovecot incorrectly handled TLS SNI config lookups. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2017-14461, CVE-2017-15130
MD5 | d950c50445bd3f0c41053e96a325ea91
Ubuntu Security Notice USN-3575-2
Posted Mar 5, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3575-2 - USN-3575-1 fixed vulnerabilities in QEMU. The fix for CVE-2017-11334 caused a regression in Xen environments. This update removes the problematic fix pending further investigation. It was discovered that QEMU incorrectly handled guest ram. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. David Buchanan discovered that QEMU incorrectly handled the VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 17.10. Thomas Garnier discovered that QEMU incorrectly handled multiboot. An attacker could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would be isolated by the libvirt AppArmor profile. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-11334, CVE-2017-13672, CVE-2017-14167, CVE-2017-15038, CVE-2017-15118, CVE-2017-15119, CVE-2017-15124, CVE-2017-15268, CVE-2017-15289, CVE-2017-16845, CVE-2017-17381, CVE-2017-18043, CVE-2018-5683
MD5 | 8897bd653068b95fd874eb483496b3a5
CloudMe Sync 1.9.2 Remote Buffer Overflow
Posted Mar 5, 2018
Authored by r00tpgp

CloudMe Sync version 1.9.2 remote buffer overflow exploit. Tested on Win7 32b SP1.

tags | exploit, remote, overflow
advisories | CVE-2018-6892
MD5 | 0aad6d2a48bef8836345a0cdb5dad99c
TOR Virtual Network Tunneling Tool 0.3.2.10
Posted Mar 4, 2018
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.2.10 is the second stable release in the 0.3.2 series. It backports a number of bugfixes, including important fixes for security issues.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | a8b8b3db93f87a5c061109dbd8cd5309
OTRS Command Injection
Posted Mar 3, 2018
Authored by Ali BawazeEer

OTRS versions 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1 suffer from remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file upload
advisories | CVE-2018-7567
MD5 | ac1bc6a06bf339a083573a1b4efc681c
TestLink Open Source Test Management Remote Code Execution
Posted Mar 2, 2018
Authored by Manish Tanwar

TestLink Open Source Test Management versions prior to 1.9.16 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-7466
MD5 | 40910cbcf1e8ab75e88a90a24e42fce2
Ubuntu Security Notice USN-3586-1
Posted Mar 1, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3586-1 - Konstantin Orekhov discovered that the DHCP server incorrectly handled a large number of concurrent TCP sessions. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that the DHCP server incorrectly handled socket descriptors. A remote attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, tcp
systems | linux, ubuntu
advisories | CVE-2016-2774, CVE-2017-3144, CVE-2018-5732, CVE-2018-5733
MD5 | 08aea38d77f392f613434bd52973ae94
HP Security Bulletin MFSBGN03794 2
Posted Mar 1, 2018
Authored by HP | Site hp.com

HP Security Bulletin MFSBGN03794 2 - A potential security vulnerabilities has been identified in Micro Focus Operations Agent. The vulnerabilities could be remotely exploited to Remote Disclosure of Information. At this time Micro Focus Alarm Manager uses a vulnerable encryption infrastructure. Revision 2 of this advisory.

tags | advisory, remote, vulnerability
advisories | CVE-2016-6329
MD5 | afc9e132384c032fbf6de68ca14bef89
Red Hat Security Advisory 2018-0378-01
Posted Feb 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0378-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attacker could exploit this flaw to execute arbitrary commands by setting up a malicious FTP server and tricking a user or Ruby application into downloading files with specially crafted names using the Net::FTP module.

tags | advisory, remote, arbitrary, ruby
systems | linux, redhat
advisories | CVE-2017-0898, CVE-2017-0899, CVE-2017-0900, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14033, CVE-2017-14064, CVE-2017-17405, CVE-2017-17790
MD5 | 91a96a35a620b9a34ddbe39a2533462c
Red Hat Security Advisory 2018-0374-01
Posted Feb 28, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0374-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Ansible Tower helps you scale IT automation, manage complex deployments and speed productivity. Centralize and control your IT infrastructure with a visual dashboard, role-based access control, job scheduling, integrated notifications and graphical inventory management. And Ansible Tower's REST API and CLI make it easy to embed Ansible Tower into existing tools and processes.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2017-12191
MD5 | 79b810e5c79927718ca56efc4f153d5e
ClipBucket SQL Injection / Command Injection / File Upload
Posted Feb 27, 2018
Authored by Fikri Fadzil, Wan Ikram, Jasveer Singh, Ahmad Ramadhan Amizudin | Site sec-consult.com

ClipBucket versions prior to 4.0.0 Release 4902 suffer from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection, file upload
MD5 | 5f01efc19d73b84eb391886d4efcadc7
HP Security Bulletin HPESBHF03826 1
Posted Feb 27, 2018
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03826 1 - A security vulnerability in HPE Integrated Lights-Out 3 (iLO 3) allows remote Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, remote, denial of service
advisories | CVE-2017-8987
MD5 | c56a899cce863475c8fa1639c39cb897
School Management Script 3.0.4 SQL Injection
Posted Feb 27, 2018
Authored by Samiran Santra

School Management Script version 3.0.4 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
advisories | CVE-2018-7477
MD5 | d390ad349e460d35d8493fd77e7a9e2d
Schools Alert Management Script 2.0.2 SQL Injection
Posted Feb 27, 2018
Authored by Prasenjit Kanti Paul

Schools Alert Management Script version 2.0.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
advisories | CVE-2018-6859
MD5 | 5561cbf81e24d93f4a84037f9c7eb310
Ubuntu Security Notice USN-3584-1
Posted Feb 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3584-1 - Gabriel Corona discovered that sensible-utils incorrectly validated strings when launcher a browser with the sensible-browser tool. A remote attacker could possibly use this issue with a specially crafted URL to conduct an argument injection attack and execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-17512
MD5 | 0a5ec8a052d4762e3e8d7d30c9d77f5c
CMS Made Simple 2.1.6 Remote Code Execution
Posted Feb 26, 2018
Authored by Keerati T.

CMS Made Simple version 2.1.6 suffers from a remote code execution vulnerability during install time.

tags | exploit, remote, code execution
advisories | CVE-2018-7448
MD5 | 374dbe5800d06fa2269f4be2af82aedb
Mandos Encrypted File System Unattended Reboot Utility 1.7.19
Posted Feb 23, 2018
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Various updates.
tags | tool, remote, root
systems | linux, unix
MD5 | 9073336d6b6993677a5214631dc914ed
Joomla! OS Property Real Estate 3.12.7 SQL Injection
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! OS Property Real Estate component version 3.12.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-7319
MD5 | 10c1e12862bd58e0615a8e888d05f32d
Joomla! Proclaim 9.1.1 Shell Upload
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! Proclaim component version 9.1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
advisories | CVE-2018-7316
MD5 | e4b3f4730e22f3b7318737ee5628509e
Joomla! CheckList 1.1.1 SQL Injection
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! CheckList component version 1.1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-7318
MD5 | da40a67229d8a2554d96e24e8dd85c27
Joomla! Alexandria Book Library 3.1.2 SQL Injection
Posted Feb 23, 2018
Authored by Ihsan Sencan

Joomla! Alexandria Book Library component version 3.1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2018-7312
MD5 | 7cc1ce6165302e8abb336073f066c668
Page 5 of 1,027
Back34567Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    2 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close