what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-03-10

HPE Security Bulletin HPESBHF03716 1
Posted Mar 10, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBHF03716 1 - A potential security vulnerability has been identified in IMC PLAT. The vulnerability could be remotely exploited to bypass authentication. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2017-5791
SHA-256 | be2937ab892b775936764652d288a4e4ffad829430d3a74d8057b4f7accba69e
Apache Struts 2 2.3.x / 2.5.x Remote Code Execution
Posted Mar 10, 2017
Authored by anarc0der

Apache Struts 2 versions 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 remote code execution exploit that provides a reverse shell.

tags | exploit, remote, shell, code execution
advisories | CVE-2017-5638
SHA-256 | 4249528b5e1ce3828e6c7e9ef9bd8ccc0bce85f9d2c31917b250f9169e585612
e107 2.1.4 Blind SQL Injection
Posted Mar 10, 2017
Authored by StAkeR

e107 versions 2.1.4 and below keyword remote blind SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 214559933faeecb5ba4596529712f3f7d1c4bd7f12b672f78b843f83b25c2c90
Debian Security Advisory 3805-1
Posted Mar 10, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3805-1 - Multiple security issues have been found in the Mozilla Firefox web implementation errors may lead to the execution of arbitrary code, ASLR bypass, information disclosure or denial of service.

tags | advisory, web, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405, CVE-2017-5407, CVE-2017-5408, CVE-2017-5410
SHA-256 | 1665d697b0ebfdd67478c42d0618266c969b3cdd0d6dbb3244e9bfdec29385bc
dnaLIMS Code Execution / XSS / Traversal / Session Hijacking
Posted Mar 10, 2017
Authored by Nicholas von Pechmann

dnaLIMS DNA sequencing application suffers from an improperly protected web shell, a directory traversal, insecure password storage, session hijacking, cross site scripting, and improperly protected content vulnerabilities.

tags | exploit, web, shell, vulnerability, xss, file inclusion
advisories | CVE-2017-6526, CVE-2017-6527, CVE-2017-6528, CVE-2017-6529
SHA-256 | 2c765d1002998d2516a62972d8bae6e5afe2348f1e7d3cf6ef351c942e91a44c
hardwear.io 2017 Call For Papers
Posted Mar 10, 2017
Authored by hardwear.io CFP

hardwear is seeking innovative research on hardware security. If you have done interesting research on attacks or mitigation on any Hardware and want to showcase it to the security community, just submit your research paper. It will take place September 21st through the 22nd, 2017 in The Hague, Netherlands.

tags | paper, conference
SHA-256 | a823795d4d401ae65c510553a7c2326dd1c5a8795234f5f4352c8ccfacad94dc
SICUNET Access Controller 0.32-05z Code Execution / File Disclosure
Posted Mar 10, 2017
Authored by Andrew Griffiths, Google Security Research

SICUNET Access Controller version 0.32-05z suffers from code execution, file disclosure, lack of software updates, and poor credential handling vulnerabilities.

tags | exploit, vulnerability, code execution, info disclosure
SHA-256 | 6e474fae00aedafec56d961b76d675134bb02b644bccab7d3ef2cd787d38f355
FTP Voyager Scheduler 16.2.0 CSRF / Denial Of Service
Posted Mar 10, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FTP Voyager Scheduler version 16.2.0 suffers from cross site request forgery and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, csrf
advisories | CVE-2017-6803
SHA-256 | c250c29068b52f653617aca259b87be4598e18f76d16ecb57f65037613ae14a6
Tiki Wiki CMS 15.2 Arbitrary File Read
Posted Mar 10, 2017
Authored by Zhao Liang

Tiki Wiki CMS version 15.2 suffers from an arbitrary file read vulnerability.

tags | advisory, arbitrary
advisories | CVE-2016-10143
SHA-256 | 1380e76aab94abf6d09ffb449ca85837242ccc2f189dd3fb0a7f9b8848a528b5
F-Secure AV Man-In-The-Middle
Posted Mar 10, 2017
Authored by Martin Kolarik

F-Secure AV suffers from an issue where remote code execution under SYSTEM can take place due to a man-in-the-middle vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2016-9892
SHA-256 | c573c0561d7186ee1f6213ffb825479e8678f2c6a81ffc7ed854bfd47db8d5f9
Kinsey's Infor-Lawson SQL Injection
Posted Mar 10, 2017
Authored by Michael Benich

Kinsey's Infor-Lawson (formerly ESBUS) suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-6550
SHA-256 | 85152340b28b395715e734e2a556531ee9b468cc00ef4193ee190eed3669ba8e
DAVOSET 1.3
Posted Mar 10, 2017
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Extended support of SSRF and added XXE vulnerability in SAP NetWeaver AS. Added new services into full list of zombies and removed non-working services from full list of zombies.
tags | tool, denial of service
SHA-256 | ff9e928c831867f6e2a747591afa04fa267a03c4d6f6233c0507eab5b8f40b0b
Ubuntu Security Notice USN-3225-1
Posted Mar 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3225-1 - It was discovered that libarchive incorrectly handled hardlink entries when extracting archives. A remote attacker could possibly use this issue to overwrite arbitrary files. Christian Wressnegger, Alwin Maier, and Fabian Yamaguchi discovered that libarchive incorrectly handled filename lengths when writing ISO9660 archives. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-5418, CVE-2016-6250, CVE-2016-7166, CVE-2016-8687, CVE-2016-8688, CVE-2016-8689, CVE-2017-5601
SHA-256 | 2390e963ac7b47dd561295e3663b96519c842fadf463ee74b2d1f962d126476e
Ubuntu Security Notice USN-3224-1
Posted Mar 10, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3224-1 - Jann Horn discovered that LXC incorrectly verified permissions when creating virtual network interfaces. A local attacker could possibly use this issue to create virtual network interfaces in network namespaces that they do not own.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2017-5985
SHA-256 | ad4cb6b6ac15049736b7e80ea58dab1983351119674b6d635daded290ce085a2
WTServer 17.02 DLL Hijacking
Posted Mar 10, 2017
Authored by Nassim Asrir

WTServer version 17.02 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 42f354f701a039d4b1f5f143f56c2b0fa06cd43c86ae75c3e5c03fa139903414
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close