what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2017-05-12

Mimosa DoS / Code Execution / File Disclosure
Posted May 12, 2017
Authored by Ian Ling

Various Mimosa products suffer from denial of service, information leakage, code execution, and file disclosure vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, info disclosure
SHA-256 | 7a6b33948781fb136bf41b92bc58cc0a1e46942a8f3b19bcf9a9eab576873d05
DNS Backchannel
Posted May 12, 2017
Authored by Finn Steglich

This whitepaper discussing using the Domain Name System (DNS) to communicate with hosts in separated networks using the open source tool outis.

tags | paper
SHA-256 | b80a12fb08a3e41b01426c53ccc36da0740600c07d28ac9af4caec8e24dad1e2
Red Hat Security Advisory 2017-1230-01
Posted May 12, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1230-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed. Security Fix: It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscript process, bypassing the -dSAFER protection.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-8291
SHA-256 | b65e6e58ed27babdee15105ea19a10437baad7a98432bf586ba47d5a3562cd81
Ubuntu Security Notice USN-3285-1
Posted May 12, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3285-1 - Tyler Hicks discovered that LightDM did not confine the user session for guest users. An attacker with physical access could use this issue to access files and other resources that they should not be able to access. In the default installation, this includes files in the home directories of other users on the system. This update fixes the issue by disabling the guest session. It may be re-enabled in a future update.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-8900
SHA-256 | f991e1ab97234feff3a21152aafabb565288a04f866b021f7c7a3bba5ba30f90
miniupnpc 2.0.20170421 Denial Of Service
Posted May 12, 2017
Authored by oststrom

miniupnpc suffers from an integer signedness error when parsing a chunked encoded http response.

tags | exploit, web
advisories | CVE-2017-8798
SHA-256 | eae3b67315257af4d12b280c414e11e2785f5cea3165a59b4f1fa16af40318f8
CMS Made Simple 2.1.6 Code Execution / Cross Site Scripting
Posted May 12, 2017
Authored by Osanda Malith

CMS Made Simple version 2.1.6 suffers from code execution and cross site scripting vulnerabilities.

tags | exploit, vulnerability, code execution, xss
SHA-256 | 30eaff6ebd04dc3917930b8ae8e436030b22b272cc193fab53f323c5fec4f76c
EnCase Forensic Imager 7.10 Buffer Overflow
Posted May 12, 2017
Authored by Wolfgang Ettlinger | Site sec-consult.com

Guidance Software EnCase Forensic Imager versions 7.10 and below suffer from a stack-based buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | dde2e54320f7ae0c6125565d33c61a502a0e8d4158b92889665a3941c021109b
Google API PHP Client 2.1.3 Cross Site Scripting
Posted May 12, 2017
Authored by Leon Juranic, DefenseCode

google-api-php-client versions 2.1.3 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, php, vulnerability, xss
SHA-256 | 8eaec32d7fdf5c15debcbc897ef52db1a3048d72036b4d43408cd00a1a64ebbf
Trashbilling.com / Trashflow 3.0 XSS / SQL Injection
Posted May 12, 2017
Authored by g00se

Trashbilling.com suffered from account enumeration, cross site scripting, denial of service, and remote SQL injection vulnerabilities. Trashflow 3.0 suffers from denial of service and hard-coded credential vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, xss, sql injection
SHA-256 | 470b4eb23083c6d35beb60491c350e8d089794af3047da9432eb27938a471df2
OpenVPN 2.4.0 Denial Of Service
Posted May 12, 2017
Authored by QuarksLab

OpenVPN version 2.4.0 suffers from an unauthenticated denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2017-7478
SHA-256 | 1e82be24c77aa6afaba0b639870610f41e593ffc6fe941430118a5d799c598c6
Linux Kernel 3.x usb-midi Local Privilege Escalation
Posted May 12, 2017
Authored by Andrey Konovalov

Linux kernel version 3.x (Ubuntu 14.04 / Mint 17.3 / Fedora 22) double-free usb-midi SMEP local privilege escalation exploit.

tags | exploit, kernel, local
systems | linux, fedora, ubuntu
advisories | CVE-2016-2384
SHA-256 | e7882ec726796b90a0e6bf5db2b33500a6997e2fba0c1e07b3cf8985646d15b1
Vanilla Forums 2.3 Remote Code Execution
Posted May 12, 2017
Authored by Dawid Golunski | Site legalhackers.com

Vanilla Forums versions 2.3 and below remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2016-10033, CVE-2016-10073
SHA-256 | 5c7ea9a23a9cecb94400f22b0952a0d9d93fc3cf4ada6196b41f4105e85931c2
Linux Kernel SO_SNDBUFFORCE / SO_RCVBUFFORCE Local Privilege Escalation
Posted May 12, 2017
Authored by Andrey Konovalov

Linux kernel versions 3.11 through 4.8 O_SNDBUFFORCE and SO_RCVBUFFORCE local privilege escalation exploit.

tags | exploit, kernel, local
systems | linux
advisories | CVE-2016-9793
SHA-256 | 3f9a6416a28509909106dbad3e284de2a20f84d964933b9948e0de462f67f961
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close