what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files Date: 2016-05-02

RSA Data Loss Prevention XSS / Information Disclosure
Posted May 2, 2016
Site emc.com

RSA Data Loss Prevention 9.6.SP2 P5 contains fixes for multiple security vulnerabilities that could potentially be exploited by malicious users to compromise the affected system. These include information disclosure, cross site scripting, and clickjacking issues.

tags | advisory, vulnerability, xss, info disclosure
advisories | CVE-2016-0892, CVE-2016-0893, CVE-2016-0894, CVE-2016-0895
SHA-256 | ee5519615a38ebb9db6380edf7f10a484254241087366a45ae65f1a55b2fa1a4
WordPress Advanced Custom Fields 4.4.7 Cross Site Scripting
Posted May 2, 2016
Authored by Rahul Pratap Singh

WordPress Advanced Custom Fields plugin version 4.4.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f7231aa5c88f5877440775085bf171e757e66fc77d0334fe6f65b579d97c1855
HP Security Bulletin HPSBGN03547 3
Posted May 2, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03547 3 - A security vulnerability in glibc has been addressed with HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus components. The vulnerability could be exploited remotely resulting in arbitrary execution of code. Revision 3 of this advisory.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat, centos
advisories | CVE-2015-7547
SHA-256 | 3a3a7da261ca85e7feb593ac3b1137b0a8baf5a5661d975d9cd76acfc0ff825f
Ubuntu Security Notice USN-2936-2
Posted May 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2936-2 - USN-2936-1 fixed vulnerabilities in Firefox. The update caused Firefox to crash on startup with the Oxygen GTK theme due to a pre-existing bug in the Oxygen-GTK3 theme engine. This update fixes the problem. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, overflow, arbitrary, javascript, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2016-2807, CVE-2016-2808, CVE-2016-2814, CVE-2016-2816, CVE-2016-2817, CVE-2016-2820
SHA-256 | 157ccf1b44c12024cd9523ac2451dbf44f6e81c11cb7e3ab919c1c48794a67bf
Gentoo Linux Security Advisory 201605-01
Posted May 2, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201605-1 - Git contains multiple vulnerabilities that allow for the remote execution of arbitrary code. Versions less than 2.7.3-r1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-7545
SHA-256 | cd303c2ea2bf11e1988f430bda5e50280583516e62632b2c5342af18603cccc8
Ubuntu Security Notice USN-2957-2
Posted May 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2957-2 - USN-2957-1 fixed a vulnerability in Libtasn1. This update provides the corresponding update for Ubuntu 16.04 LTS. Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-4008
SHA-256 | c33eee1719d4d2b6b1e4d7568f56ee34ddadfeeda6aa155fa8494cd00e22fd1c
Ubuntu Security Notice USN-2957-1
Posted May 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2957-1 - Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-4008
SHA-256 | 4dd7a3a4941da644fe4723952615b99d9271dfd39e6b14dcdd6384b01fe51673
Ubuntu Security Notice USN-2958-1
Posted May 2, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2958-1 - It was discovered that the poppler pdfseparate tool incorrectly handled certain filenames. A local attacker could use this issue to cause the tool to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS. It was discovered that poppler incorrectly parsed certain malformed PDF documents. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2013-4473, CVE-2013-4474, CVE-2015-8868
SHA-256 | 43e08913187cf8f3d9ef94c0abe6a6f0d81775e0a9417d19c6e2b22901da9b2c
Debian Security Advisory 3565-1
Posted May 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3565-1 - Several security vulnerabilities were found in botan1.10, a C++ library which provides support for many common cryptographic operations, including encryption, authentication, X.509v3 certificates and CRLs.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-5726, CVE-2015-5727, CVE-2015-7827, CVE-2016-2194, CVE-2016-2195, CVE-2016-2849
SHA-256 | d27e740622656c8ad3c7ce6dc7d5c1a9451a45192b16b054ee68a3a9c3718b63
Debian Security Advisory 3564-1
Posted May 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3564-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2016-1660, CVE-2016-1661, CVE-2016-1662, CVE-2016-1663, CVE-2016-1664, CVE-2016-1665, CVE-2016-1666
SHA-256 | 6c88c4c3d89d90a8a443ae77f3264240e8a136f34c3373f329c5f155d54cffcb
Red Hat Security Advisory 2016-0708-01
Posted May 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0708-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 6 to version 6 SR16-FP25. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449
SHA-256 | 1f1e565de83c79dd0d44cfbaff2b9b6777159a5636ed0b0b3113c7c606fc423a
Red Hat Security Advisory 2016-0706-01
Posted May 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0706-01 - Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Security Fix: It was discovered that Mercurial failed to properly check Git sub-repository URLs. A Mercurial repository that includes a Git sub-repository with a specially crafted URL could cause Mercurial to execute arbitrary code. It was discovered that the Mercurial convert extension failed to sanitize special characters in Git repository names. A Git repository with a specially crafted name could cause Mercurial to execute arbitrary code when the Git repository was converted to a Mercurial repository.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2016-3068, CVE-2016-3069
SHA-256 | 8d3ab188c8050ef61e4d414ae4a3622d517e9e409cfb8acea2df904721d13de6
Red Hat Security Advisory 2016-0705-01
Posted May 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0705-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a newer upstream version: rh-mysql56-mysql. Security Fix: This update fixes several vulnerabilities in the MySQL database server.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2015-4792, CVE-2015-4800, CVE-2015-4802, CVE-2015-4815, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4862, CVE-2015-4870, CVE-2015-4890, CVE-2015-4910, CVE-2015-4913, CVE-2016-0503, CVE-2016-0504, CVE-2016-0505, CVE-2016-0546, CVE-2016-0595, CVE-2016-0596, CVE-2016-0597, CVE-2016-0598, CVE-2016-0600, CVE-2016-0605, CVE-2016-0606, CVE-2016-0607, CVE-2016-0608, CVE-2016-0609
SHA-256 | 61bf38b1cf0792be6db016a78a5d72159db8ff94854a70c0e551f3a548ebe5cf
Red Hat Security Advisory 2016-0707-01
Posted May 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0707-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 50.0.2661.94. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-1660, CVE-2016-1661, CVE-2016-1662, CVE-2016-1663, CVE-2016-1664, CVE-2016-1665, CVE-2016-1666
SHA-256 | b435bb07cff65239707748bd4ce79122e8ca22633b90ded5706e2dc57a65ad86
Debian Security Advisory 3563-1
Posted May 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3563-1 - It was discovered that a heap overflow in the Poppler PDF library may result in denial of service and potentially the execution of arbitrary code if a malformed PDF file is opened.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2015-8868
SHA-256 | 5cb24620c7c7cbb79be59b28d87ce8d283b75bbc04576991a97d456aa9ad20de
Red Hat Security Advisory 2016-0704-01
Posted May 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0704-01 - In accordance with the Red Hat Storage Support Life Cycle policy, the Red Hat Ceph Storage 1.2 offering will be retired as of May 31, 2016, and support will no longer be provided. Accordingly, Red Hat will not provide extended support for this product, including Critical impact security patches or urgent priority bug fixes, after this date.

tags | advisory
systems | linux, redhat
SHA-256 | b4e887d73ab71f82bb93a5d791dabdb92acb8e09865fc54e68b0ee8384ba2a2c
Debian Security Advisory 3562-1
Posted May 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3562-1 - Several vulnerabilities were discovered in tardiff, a tarball comparison tool.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-0857, CVE-2015-0858
SHA-256 | 306fe98ee2aa902b2d646bdb1b17d3da65dad3d3946ef5bf60eb09601f001e6b
Slackware Security Advisory - subversion Updates
Posted May 2, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New subversion packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-2167, CVE-2016-2168
SHA-256 | 384ed0f0e1971c9917b9b019f463d5f21891e2feea3e327669254736a355f117
Slackware Security Advisory - php Updates
Posted May 2, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2016-3074
SHA-256 | 03680f1ef8d2175746213fd3947abf96e71e71cbed3020b9b5b7aef5f1626470
Slackware Security Advisory - ntp Updates
Posted May 2, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-7704, CVE-2015-8138, CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550, CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518, CVE-2016-2519
SHA-256 | e423f753b93a8a51d515e0f972ee0096cb985df0c115ffa84e4a1ae57df37052
Ansvif 1.4.2
Posted May 2, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes bug fixes, more crash code detection for Windows, and better overall crash recognition.
tags | tool, fuzzer
systems | unix
SHA-256 | a5e74466bf5d7a40e44822cdd15c9e5cc024ccc34fa74f8f76dac9b988c0409f
Acunetix WVS 10 Remote Command Execution
Posted May 2, 2016
Authored by Daniele Linguaglossa

Acunetix WVS 10 remote command execution exploit that gains SYSTEM privileges.

tags | exploit, remote
SHA-256 | 3e317ba78571cb5a7ade2233913a96c8fc2d129ef22f7d72a39601d107cf8aad
QSEE PRDiag* Privilege Escalation
Posted May 2, 2016
Authored by laginimaineb

Local privilege escalation exploit for Qualcomm's Secure Execution Environment (QSEE) that leverages PRDiag* commands.

tags | exploit, local
systems | linux
advisories | CVE-2015-6639
SHA-256 | 5b72bda07562bc29d06783e77f7af87f375f1b00dbff74e3b5d146090d024e10
WordPress Export To Ghost Export Download
Posted May 2, 2016
Authored by Josh Brody

WordPress Export to Ghost suffers from an unrestricted export download vulnerability.

tags | exploit, info disclosure
SHA-256 | 7db2aec84014d689f596f4bcff5e31b0d437300c1641b1ccfa172a49cb99661c
VBScan Vulnerability Scanner 0.1.6
Posted May 2, 2016
Authored by Mohammad Reza Espargham | Site owasp.org

VBScan is a black box vBulletin vulnerability scanner written in perl.

Changes: Added automatic vBulletin detection. Added robots.txt analyzer module. Added vbulletin LICENSE checker module. Various other fixes and optimizations.
tags | tool, scanner, perl
systems | unix
SHA-256 | c12e918da14aa71629c893643a7bac1ab6f469fdb72a868b4f2e8689e00a88fb
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close