exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2016-11-03

Axessh 4.2.2 Denial Of Service
Posted Nov 3, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Axessh version 4.2.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 6221e04a4b2e6794fae49174fec337f916c731c4c1ee3c2fdd2bdc1aeb2b92db
WinaXe 7.7 Buffer Overflow
Posted Nov 3, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

WinaXe version 7.l7 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | be38453d08ddc3624ca01a186e279543cf5ba0ac31250c272f1f78f1632693c3
Spark 2.5 Arbitrary File Read
Posted Nov 3, 2016
Authored by aj

Spark version 2.5 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
SHA-256 | ab13f783a63bd501130714b05a757e9c4fa7bddb35f7e1197b0d5fdac659ce1d
Memcached 1.4.33 Proof Of Concept
Posted Nov 3, 2016
Authored by dawu, p0wd3r

These are three memcached version 1.4.33 proof of concept exploits.

tags | exploit, proof of concept
advisories | CVE-2016-8704, CVE-2016-8705, CVE-2016-8706
SHA-256 | 47b78110df88cd84d7633a63827e64727b70547efb67f0a1499d84c7b0ea068c
PCMan FTP Server 2.0 ACCT Buffer Overflow
Posted Nov 3, 2016
Authored by cybernetic

PCMan FTP server version 2.0 ACCT command buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 2b6b9af00e30254b1f62de7ca7b42aa4531390470e1d6d59f0c56b19c72f0930
ETchat 3.7 Cross Site Request Forgery
Posted Nov 3, 2016
Authored by Hesam Bazvand

ETchat version 3.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 04a2de8c0f273cf4995eb86728c22b0966cdbc9aaa684a57a15e80675301a9c4
SweetRice 1.5.1 File Upload
Posted Nov 3, 2016
Authored by Ehsan Hosseini

SweetRice version 1.5.1 suffers from a remote file upload vulnerability.

tags | exploit, remote, file upload
SHA-256 | 7ee34e66510a94c6befb240c9c2c2f9410dd0a4f71081b3853f15fd00fa1a92f
Red Hat Security Advisory 2016-2587-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2587-02 - The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fix: It was found that wget used a file name provided by the server for the downloaded file when following an HTTP redirect to a FTP server resource. This could cause wget to create a file with a different name than expected, possibly allowing the server to execute arbitrary code on the client.

tags | advisory, web, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2016-4971
SHA-256 | 1e8cef7d8f8f658d7a30a5d5c2a015de30669cb1a90b04848980ffde73fbab4a
Red Hat Security Advisory 2016-2586-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2586-02 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: A vulnerability was discovered in Python, in the built-in zipimporter. A specially crafted zip file placed in a module path such that it would be loaded by a later "import" statement could cause a heap overflow, leading to arbitrary code execution.

tags | advisory, overflow, arbitrary, code execution, python
systems | linux, redhat
advisories | CVE-2016-5636
SHA-256 | cbe8a3766007ea755ac88d960d49f5ad7c4c4cf2ed3b1e988f685e129664db39
Red Hat Security Advisory 2016-2585-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2585-02 - Kernel-based Virtual Machine is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix: An integer overflow flaw and an out-of-bounds read flaw were found in the way QEMU's VGA emulator set certain VGA registers while in VBE mode. A privileged guest user could use this flaw to crash the QEMU process instance.

tags | advisory, overflow, kernel
systems | linux, redhat
advisories | CVE-2016-1981, CVE-2016-3712
SHA-256 | 66556667bcdaedde71ce46eb068e1ab81d9f9e58d4430bb85f45454d38d4f155
Red Hat Security Advisory 2016-2584-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2584-02 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
SHA-256 | 88a2bd8c0f30988120dd0ca735846a15c63a1e9c06edc72ce61959751724fbc4
Red Hat Security Advisory 2016-2583-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2583-02 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a specially crafted NTP packet to crash ntpd.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2015-5194, CVE-2015-5195, CVE-2015-5196, CVE-2015-5219, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7852, CVE-2015-7974, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8158
SHA-256 | b29d9245310b0ec9f927c67365c473b5acf58d5ff988391450625bfc3fc3f167
Red Hat Security Advisory 2016-2582-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2582-02 - Nettle is a cryptographic library that is designed to fit easily in almost any context: In cryptographic toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like lsh or GnuPG, or even in kernel space. Security Fix: Multiple flaws were found in the way nettle implemented elliptic curve scalar multiplication. These flaws could potentially introduce cryptographic weaknesses into nettle's functionality.

tags | advisory, kernel, python
systems | linux, redhat
advisories | CVE-2015-8803, CVE-2015-8804, CVE-2015-8805, CVE-2016-6489
SHA-256 | e5dfca04374bb6d08b4923e98d607077727bd94ebabbe338b9888f47ba0f959f
Red Hat Security Advisory 2016-2581-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2581-02 - NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband, and PPPoE devices, as well as providing VPN integration with a variety of different VPN services. The following packages have been upgraded to a newer upstream version: NetworkManager, NetworkManager-libreswan, network-manager-applet, libnl3.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-0764
SHA-256 | e4d884bd5903834198192dcd63c1c5e80c9577b229d93868dc3e98f5b20ffe0f
Red Hat Security Advisory 2016-2580-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2580-02 - Poppler is a Portable Document Format rendering library, used by applications such as Evince. Security Fix: A heap-buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cause applications that use poppler to crash or, potentially, execute arbitrary code when opened.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-8868
SHA-256 | 0a710787d5295421fac1e2572d2d1d2b710407bd772ff74bed6aea73f53053b5
Red Hat Security Advisory 2016-2579-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2579-02 - LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite. The following packages have been upgraded to a newer upstream version: libreoffice. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-0794, CVE-2016-0795
SHA-256 | f900b580f4a655437c2d2ab2b9bfdf2ac62bad8dd368f314836411491c0db28b
Red Hat Security Advisory 2016-2578-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2578-02 - The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. The following packages have been upgraded to a newer upstream version: pacemaker. Security Fix: It was found that the connection between a pacemaker cluster and a pacemaker_remote node could be shut down using a new unauthenticated connection. A remote attacker could use this flaw to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2016-7797
SHA-256 | 2460ab8eda8338aedda405b0fa29d1e926a6a23a7a588b52cc1626f20980a5e4
Red Hat Security Advisory 2016-2577-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2577-02 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5160, CVE-2015-5313, CVE-2016-5008
SHA-256 | 118b2a68f087d0b881f87bbe5c345b76866347fea54cab5d7b90899f14c20513
Red Hat Security Advisory 2016-2576-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2576-02 - The libguestfs packages contain a library, which is used for accessing and modifying virtual machine disk images. Virt-p2v is a tool for conversion of a physical server to a virtual guest. The following packages have been upgraded to a newer upstream version: libguestfs, virt-p2v. Security Fix: An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2015-8869
SHA-256 | 37eabece8dccd116651740c428db2fd23a7c4d2a71a0ff1de84a700f8bfb65ee
Red Hat Security Advisory 2016-2575-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2575-02 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: It was found that the libcurl library did not prevent TLS session resumption when the client certificate had changed. An attacker could potentially use this flaw to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate.

tags | advisory, web, protocol
systems | linux, redhat
advisories | CVE-2016-5419, CVE-2016-5420, CVE-2016-7141
SHA-256 | 6ded3ee3863bdea0ccb1e1da6586004598947276a437a6a908d555e08d3dca4d
Red Hat Security Advisory 2016-2574-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2574-02 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access to the socket options to escalate their privileges, or cause a denial of service via a crafted sendmsg system call.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2013-4312, CVE-2015-8374, CVE-2015-8543, CVE-2015-8746, CVE-2015-8812, CVE-2015-8844, CVE-2015-8845, CVE-2015-8956, CVE-2016-2053, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847, CVE-2016-3070, CVE-2016-3156, CVE-2016-3699, CVE-2016-3841, CVE-2016-4569, CVE-2016-4578, CVE-2016-4581, CVE-2016-4794, CVE-2016-5412, CVE-2016-5828, CVE-2016-5829, CVE-2016-6136, CVE-2016-6198, CVE-2016-6327, CVE-2016-6480
SHA-256 | a58b7b5d58e92d5a084026c53f5461e431441e86891787922c799b50ae4376ed
Intel(R) HD Graphics 10.18.10.4358 Privilege Escalation
Posted Nov 3, 2016
Authored by ZwX

Intel(R) HD Graphics version 10.18.10.4358 suffers from an unquoted service path privilege escalation vulnerability.

tags | exploit
SHA-256 | 9fb443b96de9759949d6d206cfaace84b4d025406ccffc546c2a814083bc33eb
SweetRice 1.5.1 Code Execution
Posted Nov 3, 2016
Authored by Ashiyane Digital Security Team

SweetRice version 1.5.1 suffers from a code execution vulnerability via the use of a cross site request forgery flaw.

tags | exploit, code execution, csrf
SHA-256 | f3bfe44c4bc8a14bbdfd762dc9d57d3f96dbce1698057f497e050e8e9168e5b4
Red Hat Security Advisory 2016-2573-02
Posted Nov 3, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2573-02 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Security Fix: A stack overflow vulnerability was found in _nss_dns_getnetbyname_r. On systems with nsswitch configured to include "networks: dns" with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long network name, resulting in stack corruption and code execution.

tags | advisory, overflow, code execution
systems | linux, redhat, osx
advisories | CVE-2016-3075
SHA-256 | 73af8c49aae2ea595d4a81807a2cbcdcbd04c82b5c9359f6943ef80ef65cee45
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close