exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2016-10-05

Cisco Firepower Threat Management Console Local File Inclusion
Posted Oct 5, 2016
Authored by Matthew Bergin | Site korelogic.com

Cisco Firepower Threat Management Console suffers from a local file inclusion vulnerability. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.

tags | exploit, local, file inclusion
systems | cisco, linux
advisories | CVE-2016-6435
SHA-256 | 3bb68d70578902fa49aa28ddac5c00c057ccf7040672b0e7d40d0048e61e4fee
Ubuntu Security Notice USN-3096-1
Posted Oct 5, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3096-1 - Aanchal Malhotra discovered that NTP incorrectly handled authenticated broadcast mode. A remote attacker could use this issue to perform a replay attack. Matt Street discovered that NTP incorrectly verified peer associations of symmetric keys. A remote attacker could use this issue to perform an impersonation attack. Jonathan Gardner discovered that the NTP ntpq utility incorrectly handled memory. An attacker could possibly use this issue to cause ntpq to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158, CVE-2016-0727, CVE-2016-1547, CVE-2016-1548, CVE-2016-1550, CVE-2016-2516, CVE-2016-2518, CVE-2016-4954, CVE-2016-4955, CVE-2016-4956
SHA-256 | b8f300fae17a52f76a9e98de101486d8e3686770df1e46d25f5d8739810e8276
Cisco Firepower Threat Management Command Execution
Posted Oct 5, 2016
Authored by Matthew Bergin | Site korelogic.com

Cisco Firepower Threat Management Console suffers from a remote command execution vulnerability. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.

tags | exploit, remote
systems | cisco, linux
advisories | CVE-2016-6433
SHA-256 | 478bf4dcc23d2ef96d26269234864bc75b3152960f1f077a183667abd3cd5cd2
Cisco Firepower Threat Management Console Denial Of Service
Posted Oct 5, 2016
Authored by Matthew Bergin | Site korelogic.com

Cisco Firepower Threat Management Console suffers from a denial of service vulnerability. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.

tags | exploit, denial of service
systems | cisco, linux
SHA-256 | 93b912c298ea153c2c41d2e2762896ea94b468117fac32c32eaf77e232760a41
Cisco Security Advisory 20161005-bgp
Posted Oct 5, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The vulnerability is due to incomplete input validation of the BGP update messages. An attacker could exploit this vulnerability by sending a crafted BGP update message to the targeted device. An exploit could allow the attacker to cause the switch to reload unexpectedly.

tags | advisory, remote, denial of service, protocol
systems | cisco
SHA-256 | 8ce0b4e2cd44fc5124a463c2336491a1f1c4130af4c7ad089c31218a45daeb59
HP Security Bulletin HPSBGN03639 1
Posted Oct 5, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03639 1 - A potential security vulnerability has been identified in HPE KeyView. The vulnerability could be exploited remotely to allow code execution. Revision 1 of this advisory.

tags | advisory, code execution
advisories | CVE-2016-4387, CVE-2016-4388, CVE-2016-4389, CVE-2016-4390
SHA-256 | ad870e799f99454ad629da5f592d1255669c940f72b247fcf719a8620fb2255c
Cisco Security Advisory 20161005-dhcp2
Posted Oct 5, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the implementation of the DHCPv4 relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of malformed DHCPv4 packets. An attacker could exploit this vulnerability by sending malformed DHCPv4 packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash. This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by malformed DHCP packets processed by a DHCP relay agent listening on the device, using the IPv4 broadcast address or IPv4 unicast address of any interface configured on a device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
SHA-256 | 00ef1585c4be6ec24217654758520b7d73508afb58cff86f584eb0bf75779bda
Cisco Security Advisory 20161005-dhcp1
Posted Oct 5, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the implementation of the DHCPv4 relay agent and smart relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of crafted DHCPv4 offer packets. An attacker could exploit this vulnerability by sending crafted DHCPv4 offer packets to an affected device. An exploit could allow the attacker to cause the DHCP process or device to crash. This vulnerability can be exploited using IPv4 packets only. The vulnerability can be triggered by crafted DHCP packets processed by a DHCP relay agent or smart relay agent listening on the device using the IPv4 broadcast address or the IPv4 unicast address of any interface configured on a device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
SHA-256 | bac105f058522024fd5c926ed7cc41355e441a7c3681a5874180b326f3b1738f
Red Hat Security Advisory 2016-2008-01
Posted Oct 5, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2008-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 7.1 will be retired as of March 31, 2017, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or Urgent priority bug fixes, for Red Hat Enterprise Linux 7.1 EUS after March 31, 2017.

tags | advisory
systems | linux, redhat
SHA-256 | ea7f206596072ef53311be046748828ddad6a795d5ff9245de3f7f370adef18b
Red Hat Security Advisory 2016-2007-01
Posted Oct 5, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2007-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 53.0.2785.143. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-5177, CVE-2016-5178
SHA-256 | b16f665f8347282f8c839c6c2476247470d5cae3c5bd7e9751768919f246300a
Flash Operator Panel 2.31.03 Script Insertion
Posted Oct 5, 2016
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Flash Operator Panel version 2.31.03 suffers from a script insertion vulnerability.

tags | exploit
SHA-256 | f1de64fa3f392d566daadb176e78352a307b1133c7748337563c79230cfe116e
Cyberoam iview UTM 0.1.2.7 Cross Site Scripting
Posted Oct 5, 2016
Authored by Vulnerability Laboratory, Lawrence Amer | Site vulnerability-lab.com

Cyberoam iview UTM version 0.1.2.7 suffers from a client-side cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4a5b9d992fa0188eff8de7c2aeafaa0db37bbb54222dd28890d6a9a96e803c1c
Clean Master 1.0 Privilege Escalation
Posted Oct 5, 2016
Authored by Vulnerability Laboratory, ZwX

Clean Master version 1.0 suffers from an unquoted path privilege escalation vulnerability.

tags | exploit
SHA-256 | 0db2fffe34b0feecf451420c297c32fc64dea6bde96103e6106f7ff88e9a353f
Cisco Firepower Threat Management Console Hard-Coded MySQL Credentials
Posted Oct 5, 2016
Authored by Matthew Bergin | Site korelogic.com

Cisco Firepower Threat Management Console has hard-coded MySQL credentials in use. Cisco Fire Linux OS 6.0.1 (build 37/build 1213) is affected.

tags | exploit
systems | cisco, linux
advisories | CVE-2016-6434
SHA-256 | 340707f4d5b3dac91cc48f0c12337c760677cc76dc14f6c4697885df69e314c1
Cisco Security Advisory 20161005-nxaaa
Posted Oct 5, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the SSH subsystem of the Cisco Nexus family of products could allow an authenticated, remote attacker to bypass authentication, authorization, and accounting (AAA) restrictions. The vulnerability is due to the improper processing of certain parameters that are passed to an affected device during the negotiation of an SSH connection. An attacker could exploit this vulnerability by authenticating to an affected device and passing a malicious value as part of the login procedure. A successful exploit could allow an attacker to bypass AAA restrictions and execute commands on the device command-line interface (CLI) that should be restricted to a different privileged user role. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote
systems | cisco
SHA-256 | 8cb73f0b885457c1bbb6667d3ca9b50ef7466185234b0cfb0a6f89c9092b7bf4
FortKnox Personal Firewall 2015 Privilege Escalation
Posted Oct 5, 2016
Authored by zeifan

FortKnox Personal Firewall version 2015 build 16.0.405.0 suffers from a privilege escalation vulnerability.

tags | advisory
SHA-256 | 7d3d24557d4d4420d167d519f220e596e859d32c346992d9d720f2109342b702
Abyss Web Server X1 2.11.1 Privilege Escalation
Posted Oct 5, 2016
Authored by Tulpa

Abyss Web Server X1 version 2.11.1 suffers from an unquoted service path privilege escalation vulnerability.

tags | exploit, web
SHA-256 | d6a1dcf957abf0c183711f13b45bbe45a0c135305bc93a29cf817b6b12c118d6
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close