exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-03-08

Exim 4.84-3 Local Root / Privilege Escalation
Posted Mar 8, 2016
Authored by Hacker Fantastic

Exim versions 4.84-3 and below suffer from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2016-1531
SHA-256 | 338e278d54bff0fcb3160902a0f4e6e04e509da47b831229d06ee56563a1ce5c
Microsoft Security Bulletin Summary For March, 2016
Posted Mar 8, 2016
Site microsoft.com

This bulletin summary lists thirteen released Microsoft security bulletins for March, 2016.

tags | advisory
SHA-256 | 2b1aef83033281d72cc9463addeb39543650001eb067e9c7a75a4ad7e74b9fb0
Red Hat Security Advisory 2016-0365-01
Posted Mar 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0365-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. An information-exposure flaw was found in the OpenStack Compute resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content on the specified device would be leaked to the user. Only setups using libvirt with raw storage and "use_cow_images = False" were affected.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2016-2140
SHA-256 | 2a608fa8fbe520f4d54fa3c7dbf910eb476d99ebb854e7f864548d4ad439ebd5
Red Hat Security Advisory 2016-0364-01
Posted Mar 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0364-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. An information-exposure flaw was found in the OpenStack Compute resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content on the specified device would be leaked to the user. Only setups using libvirt with raw storage and "use_cow_images = False" were affected.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2016-2140
SHA-256 | 42f43c962db704a6e4d1ef4275f1c6ab1979f03bd2aba312893b8d69ff7c0c9b
Red Hat Security Advisory 2016-0363-01
Posted Mar 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0363-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. An information-exposure flaw was found in the OpenStack Compute resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content on the specified device would be leaked to the user. Only setups using libvirt with raw storage and "use_cow_images = False" were affected.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2016-2140
SHA-256 | 807f9dc627917a3ab6155b29750bc8cca6f2081cb7fb9a13c0c8632a4b6fe6c6
HP Security Bulletin HPSBHF03557 1
Posted Mar 8, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03557 1 - A potential security vulnerability has been identified with HPE Networking products using Comware 7 (CW7) running NTP. The vulnerability could be remotely exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2015-1799
SHA-256 | 6e2309bc06ad5e4c3030cade0da03d041a9be29ed81c5ddd587e172312d053e2
Slackware Security Advisory - samba Updates
Posted Mar 8, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-7560, CVE-2016-0771
SHA-256 | 274d84c171279ccff7e3225ed2dbe4dbf2aa420514a84b8855d2dd0bc9b90adf
Slackware Security Advisory - mozilla-firefox Updates
Posted Mar 8, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 06b863c6e5e927853a166e8dc8437d41ed9961f61d4401db3925a6951a5c7bf8
Ubuntu Security Notice USN-2923-1
Posted Mar 8, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2923-1 - Alvaro Munoz and Christian Schneider discovered that BeanShell incorrectly handled deserialization. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-2510
SHA-256 | 3fd51cf31d3027308b2b62ccbdb0574abcbabf1d05ac42351d8f18a0cc8ad81f
Ubuntu Security Notice USN-2922-1
Posted Mar 8, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2922-1 - Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs using symlinks. Garming Sam and Douglas Bagnall discovered that the Samba internal DNS server incorrectly handled certain DNS TXT records. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly obtain uninitialized memory contents. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 15.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-0213, CVE-2013-0214, CVE-2015-7560, CVE-2016-0771
SHA-256 | d89321fe54aaae2fee8ac4126b5ed1dd4b4a026fe607daad51d94d265b82ac95
Ubuntu Security Notice USN-2904-1
Posted Mar 8, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2904-1 - Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-7575, CVE-2016-1523, CVE-2016-1930, CVE-2016-1935
SHA-256 | 00e2112e476b8ee0ea01963d5d54a9bcdbba8012f5b17c74973a114b0b5d54cb
Red Hat Security Advisory 2016-0360-01
Posted Mar 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0360-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. An information-exposure flaw was found in the Django date filter. If an application allowed users to provide non-validated date formats, a malicious end user could expose application-settings data by providing the relevant applications-settings key instead of a valid date format.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2015-8213
SHA-256 | 534dc85f19e1756823f50a36a48b1664523beae4b518b000419000601d8f26e6
Red Hat Security Advisory 2016-0366-01
Posted Mar 8, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0366-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. An information-exposure flaw was found in the OpenStack Compute resize and migrate functionality. An authenticated user could write a malicious qcow header to an ephemeral or root disk, referencing a block device as a backing file. With a subsequent resize or migration, file system content on the specified device would be leaked to the user. Only setups using libvirt with raw storage and "use_cow_images = False" were affected.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2016-2140
SHA-256 | 214355ec6dde9651562bfb9588c0d193bdcafd9debc91171f1d1f43fee5d6fe1
Slackware Security Advisory - php Updates
Posted Mar 8, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
SHA-256 | e1c5763f859f2f3b80aa99bc29bc04e8ed56978fc7407ea89a55b9748ff45496
Windows Mail Find People DLL Hijacking
Posted Mar 8, 2016
Authored by Yorick Koster, Securify B.V.

A DLL side loading vulnerability was found in the Windows Mail Find People DLL.

tags | advisory
systems | windows
advisories | CVE-2016-0100
SHA-256 | ea917827aad00097e1d2145c6360443bad6934c6dc351135b29531a3c97f5dde
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close