exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 28 RSS Feed

Files Date: 2017-01-24

Ubuntu Security Notice USN-3178-1
Posted Jan 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3178-1 - It was discovered that icoutils incorrectly handled memory when processing certain files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause icoutils to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-5208, CVE-2017-5331, CVE-2017-5332, CVE-2017-5333
SHA-256 | dfdaeabc12516e648cfc5b4964c3b87c94ba53fb1824345a8d411cea8b469708
Cisco Security Advisory 20170124-webex
Posted Jan 24, 2017
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Cisco WebEx browser extensions provided by Cisco WebEx Meetings Server and Cisco WebEx Meetings Center could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to the use of a crafted pattern by the affected software. An attacker could exploit this vulnerability by directing a user to a web page that contains the crafted pattern and starting a WebEx session. The WebEx session could allow the attacker to execute arbitrary code on the affected system, which could be used to conduct further attacks. Cisco has begun to release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, web, arbitrary
systems | cisco
SHA-256 | b4dd5a562bd71f25e3fbb03491264124af0983e2e1def39c2ed41c5de59b19b2
Slackware Security Advisory - mozilla-firefox Updates
Posted Jan 24, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | dae763489bd106fdc5675989384a13d3d71c5191aef60e60ebcc4f85c82d667a
HP Security Bulletin HPSBGN03690 1
Posted Jan 24, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03690 1 - A security vulnerability in DES/3DES block ciphers used in the TLS protocol, could potentially impact HPE Real User Monitor (RUM) resulting in remote disclosure of information also known as the SWEET32 attack. Revision 1 of this advisory.

tags | advisory, remote, protocol
advisories | CVE-2016-2183
SHA-256 | 499401e9b3798c5862cad1c516d6613ef4e05c3689810a8048252b9e10f61d84
Gentoo Linux Security Advisory 201701-63
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-63 - Multiple vulnerabilities have been found in Graphite, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.3.7 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-1521, CVE-2016-1522, CVE-2016-1523, CVE-2016-1526, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
SHA-256 | 757f34c27a3b3147e33cf6b8228d59efe5f86a09ecd02431cd1f5343997a83f3
Red Hat Security Advisory 2017-0184-01
Posted Jan 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0184-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2016-5616, CVE-2016-6662, CVE-2016-6663
SHA-256 | 6b95d7c39326ecdc070d235d6eb88d47e3ed59e34b79040f2687f4d36864d0cb
Gentoo Linux Security Advisory 201701-62
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-62 - Multiple vulnerabilities have been discovered in Firejail, the worst of which may allow privilege escalation. Versions less than 0.9.44.4 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2017-5180, CVE-2017-5206, CVE-2017-5207
SHA-256 | 21161973f4925d204f0c1cb57cc4a5a2e4c1208b6b49557b194d4c472e3bbcd4
Gentoo Linux Security Advisory 201701-61
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-61 - Multiple vulnerabilities have been discovered in WebP, the worst of which could allow a remote attacker to cause a Denial of Service condition. Versions less than 0.5.2 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2016-9085
SHA-256 | 9d6173928598f1a38f935a7e45925b4bb0aba0568c3d04741bc0870e0a243bfa
Red Hat Security Advisory 2017-0183-01
Posted Jan 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0183-01 - The squid34 packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2016-10002
SHA-256 | 81ac7d06a59f0b25477bb41bcc1ad6a82d5559631aad25a4bfac59beb1b49ab8
Gentoo Linux Security Advisory 201701-60
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-60 - Multiple vulnerabilities have been found in LibRaw, the worst of which may allow attackers to execute arbitrary code. Versions less than 0.17.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-8366, CVE-2015-8367
SHA-256 | ae54a5639c508a3464efc2a2fb368ba2e7ca4be0f6a2472dd93fb8414c827ed5
Red Hat Security Advisory 2017-0182-01
Posted Jan 24, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0182-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: It was found that squid did not properly remove connection specific headers when answering conditional requests using a cached request. A remote attacker could send a specially crafted request to an HTTP server via the squid proxy and steal private data from other connections.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2016-10002
SHA-256 | 7a6354e81530268f91cd7e92e13667bfaaa9c5f40c09d70361ca4ffd11b76dd7
Gentoo Linux Security Advisory 201701-59
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-59 - Multiple vulnerabilities have been found in ADOdb, all of which could allow remote attackers to execute arbitrary code. Versions less than 5.20.9 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-4855, CVE-2016-7405
SHA-256 | 96d23397d095ac0be200a53ac32ead1febd86ca1941231b7ea7a3d4a8865b433
Gentoo Linux Security Advisory 201701-58
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-58 - Multiple vulnerabilities have been found in ICU, the worst of which could cause a Denial of Service condition. Versions less than 58.1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-2632, CVE-2016-6293, CVE-2016-7415
SHA-256 | af165b910b9cab0e90eb6f51d53cf32db133c0f1824a7c73288c366552b3bf6b
Wireshark Analyzer 2.2.4
Posted Jan 24, 2017
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Various updates.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 42a7fb35eed5a32478153e24601a284bb50148b7ba919c3e8452652f4c2a3911
TOR Virtual Network Tunneling Tool 0.2.9.9
Posted Jan 24, 2017
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.2.9.9 fixes a denial-of-service bug where an attacker could cause relays and clients to crash, even if they were not built with the --enable-expensive-hardening option. This bug affects all 0.2.9.x versions, and also affects 0.3.0.1-alpha: all relays running an affected version should upgrade. This release also resolves a client-side onion service reachability bug, and resolves a pair of small portability issues.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 33325d2b250fd047ba2ddc5d11c2190c4e2951f4b03ec48ebd8bf0666e990d43
Firefox nsSMILTimeContainer::NotifyTimeChange() Remote Code Execution
Posted Jan 24, 2017
Authored by Anonymous Gaijin | Site metasploit.com

This Metasploit module exploits an out-of-bounds indexing/use-after-free condition present in nsSMILTimeContainer::NotifyTimeChange() across numerous versions of Mozilla Firefox on Microsoft Windows.

tags | exploit
systems | windows
advisories | CVE-2016-9079
SHA-256 | af960164b10f4978888d3c2dcdca0041f4f8d2e33bf4bb4404e345fe8ea3e6b9
RSA Security Analytics Cross Site Scripting
Posted Jan 24, 2017
Site emc.com

RSA Security Analytics versions prior to 10.6.2 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2016-8215
SHA-256 | 29f3df9a582d5fc126a13ddd2ca653246e51d0d92232e8210ef0277dd28c4102
Gentoo Linux Security Advisory 201701-57
Posted Jan 24, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-57 - Multiple vulnerabilities have been discovered in T1Lib, the worst of which could lead to remote execution of arbitrary code. Versions less than 5.1.2-r1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-2642, CVE-2011-0433, CVE-2011-0764, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554, CVE-2011-5244
SHA-256 | b2873c49c9fb6b6a50355619b845a09f6eee18b440a36822021f1f915877e044
Ubuntu Security Notice USN-3176-1
Posted Jan 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3176-1 - Peter Wu discovered that the PC/SC service did not correctly handle certain resources. A local attacker could use this issue to cause PC/SC to crash, resulting in a denial of service, or possibly execute arbitrary code with root privileges.

tags | advisory, denial of service, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2016-10109
SHA-256 | 79deb34b38677f7ec730420c31bde38600894161d0a441be4782efed4bd79845
Ubuntu Security Notice USN-3177-1
Posted Jan 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3177-1 - It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application could possibly use this to bypass Security Manager restrictions. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2016-0762, CVE-2016-5018, CVE-2016-5388, CVE-2016-6794, CVE-2016-6796, CVE-2016-6797, CVE-2016-6816, CVE-2016-8735, CVE-2016-8745, CVE-2016-9774, CVE-2016-9775
SHA-256 | 2713577ab03cb9b5c070b7a23a9b0c6daedc179f766b08f40cfeaa05ec2a47d5
Apple Security Advisory 2017-01-23-6
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-6 - iCloud for Windows 6.1.1 is now available and addresses multiple code execution issues.

tags | advisory, code execution
systems | windows, apple
advisories | CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2366
SHA-256 | 477fd6a85d8b6b9bb90e81d561e0b9c67141cbe619e48a94d45323df17982caa
Apple Security Advisory 2017-01-23-5
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-5 - Safari 10.0.3 is now available and addresses spoofing, data exfiltration, and various other security vulnerabilities.

tags | advisory, spoof, vulnerability
systems | apple
advisories | CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2359, CVE-2017-2362, CVE-2017-2363, CVE-2017-2364, CVE-2017-2365, CVE-2017-2366, CVE-2017-2369, CVE-2017-2373
SHA-256 | 9380ba037cb7a4a08a6957da5be6a90a85229a9d5a4279cc9e45ce3958bfe552
Apple Security Advisory 2017-01-23-4
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-4 - tvOS 10.1.1 is now available and addresses buffer overflow, code execution, and various other security vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2016-8687, CVE-2017-2350, CVE-2017-2354, CVE-2017-2355, CVE-2017-2356, CVE-2017-2360, CVE-2017-2362, CVE-2017-2363, CVE-2017-2365, CVE-2017-2369, CVE-2017-2370, CVE-2017-2373
SHA-256 | d752960214514544ebcbcd5838b9d16b7826312ba8c694a44be4a74ac8b34f4c
Apple Security Advisory 2017-01-23-3
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-3 - watchOS 3.1.3 is now available and addresses memory corruption and various other security vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2016-4688, CVE-2016-4691, CVE-2016-4693, CVE-2016-7588, CVE-2016-7589, CVE-2016-7591, CVE-2016-7594, CVE-2016-7595, CVE-2016-7606, CVE-2016-7607, CVE-2016-7612, CVE-2016-7615, CVE-2016-7616, CVE-2016-7619, CVE-2016-7621, CVE-2016-7626, CVE-2016-7627, CVE-2016-7636, CVE-2016-7637, CVE-2016-7643, CVE-2016-7644, CVE-2016-7651, CVE-2016-7657, CVE-2016-7658, CVE-2016-7659, CVE-2016-7660, CVE-2016-7662, CVE-2016-7663
SHA-256 | e7398c9697427aff5db86c0043f8a99f108c5d8a3a6b00ffdda93d155b08b2b3
Apple Security Advisory 2017-01-23-2
Posted Jan 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-01-23-2 - macOS 10.12.3 is now available and addresses suffers from code execution and various other security vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2016-1248, CVE-2016-8670, CVE-2016-8687, CVE-2016-9933, CVE-2016-9934, CVE-2017-2353, CVE-2017-2357, CVE-2017-2358, CVE-2017-2360, CVE-2017-2361, CVE-2017-2370, CVE-2017-2371
SHA-256 | 4c40e5dbd35093797941e97f507065322698c00b5f58f1d348c313103335398b
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close