what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2017-03-24

Debian Security Advisory 3817-1
Posted Mar 24, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3817-1 - Multiple security issues have been found in the JBIG2 decoder library, which may lead to lead to denial of service or the execution of arbitrary code if a malformed image file (usually embedded in a PDF document) is opened.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2016-9601
SHA-256 | f695f07a31864f9fbcba8a516dca7a7fd4e967523c42052df52113a9f1e281d0
Ubuntu Security Notice USN-3233-1
Posted Mar 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3233-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to bypass same origin restrictions, obtain sensitive information, cause a denial of service via application crash or hang, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405, CVE-2017-5407, CVE-2017-5408, CVE-2017-5410
SHA-256 | 4abb70b1c35863ded49709995ba4e6d401e8550e183f3defde0d6a4363af7dad
Miele Professional PG 8528 Directory Traversal
Posted Mar 24, 2017
Authored by Jens Regel

The Miele Professional PG 8528 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2017-7240
SHA-256 | c94b17923d930d05dd075dd8fc7387a99ddd50e808d1eec813b5c76589b89de4
Ubuntu Security Notice USN-3239-3
Posted Mar 24, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3239-3 - USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately, the fix for CVE-2016-3706 introduced a regression that in some circumstances prevented IPv6 addresses from resolving. This update reverts the change in Ubuntu 12.04 LTS.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-8982, CVE-2015-8983, CVE-2015-8984, CVE-2016-1234, CVE-2016-3706, CVE-2016-4429, CVE-2016-5417, CVE-2016-6323
SHA-256 | 5ac6541ec2d8b1c23c092a5bf72c90784949c38ff1917bcec981e9c9d84897c2
Nuxeo Platform 6.x / 7.x Shell Upload
Posted Mar 24, 2017
Authored by Ronan Kervella

Nuxeo Platform versions 6.0 (LTS 2014), 7.1, 7.2, and 7.3 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2017-5869
SHA-256 | 3e2fc05481642e4e573d91a0aec056b65ed84f6b82806e8f82f2889909da7b0d
EON 5.0 SQL Injection
Posted Mar 24, 2017
Authored by Nicolas Serra

EON versions 5.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2017-6088
SHA-256 | 67e1f146fc5c949060425000beb0f03761a65cdb1a34e7cefb735591016086d3
EON 5.0 Remote Code Execution
Posted Mar 24, 2017
Authored by Nicolas Serra

EON versions 5.0 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-6087
SHA-256 | c7846fe3c70cdb527a601ecf168a4bbb668fde1a6cdac12993d51150965c4783
Apple Security Advisory 2017-03-22-2
Posted Mar 24, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-03-22-2 - iTunes for Mac 12.6 is now available and addresses vulnerabilities in expat and SQLite.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2009-3270, CVE-2009-3560, CVE-2009-3720, CVE-2012-1147, CVE-2012-1148, CVE-2012-6702, CVE-2013-7443, CVE-2015-1283, CVE-2015-3414, CVE-2015-3415, CVE-2015-3416, CVE-2015-3717, CVE-2015-6607, CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2016-6153
SHA-256 | e601858939a95c65d673d763bbb29441fc85d606b842630460eb8b9750f35800
Microsoft Windows AppLocker Bypass
Posted Mar 24, 2017
Authored by Stefan Kanthak

Microsoft Windows versions 8 and newer suffer from an AppLocker bypass vulnerability.

tags | advisory, bypass
systems | windows
SHA-256 | 9d1b92067f6ae28cd876b6ae4a80e1d0947df6c18468cc1f09f3c8d2eeeca041
wifirxpower Local Buffer Overflow
Posted Mar 24, 2017
Authored by Nassim Asrir

wifirxpower suffers from local stack-based buffer overflow vulnerability.

tags | exploit, overflow, local
SHA-256 | 7702a7d845f4147286735810caba8bdfbba5ae3fb84a17b4c88eb9fec0fd7af5
FTPShell Server 6.56 Import CSV Buffer Overflow
Posted Mar 24, 2017
Authored by Nassim Asrir

FTPShell Server version 6.56 import CSV buffer overflow denial of service exploit.

tags | exploit, denial of service, overflow
SHA-256 | 7a7641c431d0f588f45d092e14d5af75868943149b181c464babff71a810c013
Gr8 Tutorial Script SQL Injection
Posted Mar 24, 2017
Authored by Ihsan Sencan

Gr8 Tutorial Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8b6a6007ea8937aa9c224d330e0df5f987f8002cc7f690afbea6394d7f18588e
Sparrow Web Server Directory Traversal
Posted Mar 24, 2017
Authored by Nassim Asrir

Sparrow Web Server suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
SHA-256 | bca941889016395fc4ea26b1d05b3ad0300e1155974bdfb8ba314432a81335ea
Gr8 Gallery Script SQL Injection
Posted Mar 24, 2017
Authored by Ihsan Sencan

Gr8 Gallery Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3b4d29b9be17ecd5e950581d8da3d980189292ab4e1cfe9e2316095a6a287e04
Linux XFBurn Buffer Overflow
Posted Mar 24, 2017
Authored by Hosein Askari

XFBurn suffers from a stack-based buffer overflow vulnerability that escalate privileges.

tags | advisory, overflow
SHA-256 | ca0d7ba6363a978b3d6fa7d8e7bc4884c33c240783550a711247bccb95c25733
NETGEAR WNR2000v5 (Un)authenticated hidden_lang_avi Stack Overflow
Posted Mar 24, 2017
Authored by Pedro Ribeiro | Site metasploit.com

The NETGEAR WNR2000 router has a buffer overflow vulnerability in the hidden_lang_avi parameter. In order to exploit it, it is necessary to guess the value of a certain timestamp which is in the configuration of the router. An authenticated attacker can simply fetch this from a page, but an unauthenticated attacker has to brute force it. Brute-forcing the timestamp token might take a few minutes, a few hours, or days, but it is guaranteed that it can be brute-forced. This Metasploit module implements both modes, and it works very reliably. It has been tested with the WNR2000v5, firmware versions 1.0.0.34 and 1.0.0.18. It should also work with hardware revisions v4 and v3, but this has not been tested - with these routers it might be necessary to adjust the LibcBase variable as well as the gadget addresses.

tags | exploit, overflow
advisories | CVE-2016-10174
SHA-256 | 9a070ce74f71e2662326a2f24f0e886e3c26c8510e555c2e622810bbc7f545ed
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close