exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2015-10-22 to 2015-10-23

Red Hat Security Advisory 2015-1919-01
Posted Oct 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1919-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4868, CVE-2015-4872, CVE-2015-4881, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4903, CVE-2015-4911
SHA-256 | 61741eff25178d8a836136a28b69a8f3bbcc4ac945d6b0df70d7d90b0952034e
Cisco Security Advisory 20151021-asa-ike
Posted Oct 22, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Internet Key Exchange (IKE) version 1 (v1) code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected system to reload. The vulnerability is due to improper handling of Internet Security Association and Key Management Protocol (ISAKMP) packets. An attacker could exploit this vulnerability by sending crafted UDP packets to the affected system. A successful exploit could allow the attacker to cause an affected system to reload.

tags | advisory, remote, udp, protocol
systems | cisco
SHA-256 | 7d4c5d946c180d7db530886cb28a882fa6b9283d15f09d4167f604144f2962a9
Cisco Security Advisory 20151021-asa-dns2
Posted Oct 22, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the DNS code of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected system to reload. The vulnerability is due to improper processing of DNS packets. An attacker could exploit this vulnerability by sending a request to an affected Cisco ASA appliance to cause it to generate a DNS request packet. The attacker would need to spoof the reply packet with a crafted DNS response.

tags | advisory, remote, spoof
systems | cisco
SHA-256 | 5ee7857505fa994098c9c9e4ce490ca05c88b03d2bf0c2ad43f540c2734e5f58
Cisco Security Advisory 20151021-asa-dhcp1
Posted Oct 22, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the DHCPv6 relay feature of Cisco Adaptive Security Appliance (ASA) software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 packets. Cisco ASA Software is affected by this vulnerability only if the software is configured with the DHCPv6 relay feature. An attacker could exploit this vulnerability by sending crafted DHCPv6 packets to an affected device.

tags | advisory, remote
systems | cisco
SHA-256 | 3f9de37e2bd0d6154ff3b114a4806263fcf7f098d579b9784472780cdab25a3c
Cisco Security Advisory 20150115-asa-dhcp
Posted Oct 22, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the DHCPv6 relay feature of Cisco Adaptive Security Appliance (ASA) software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 packets. Cisco ASA Software is affected by this vulnerability only if the software is configured with the DHCPv6 relay feature. An attacker could exploit this vulnerability by sending crafted DHCPv6 packets to an affected device.

tags | advisory, remote
systems | cisco
SHA-256 | 3cc98d2dc398f7a9e51ff5963ef2b4bfe4df15fb4b805490adacbb8b168d210c
Ubuntu Security Notice USN-2770-2
Posted Oct 22, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2770-2 - USN-2770-1 fixed vulnerabilities in Oxide in Ubuntu 14.04 LTS and Ubuntu 15.04. This update provides the corresponding updates for Ubuntu 15.10. It was discovered that ContainerNode::parserInsertBefore in Blink would incorrectly proceed with a DOM tree insertion in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same origin restrictions. A use-after-free was discovered in the service worker implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-6755, CVE-2015-6757, CVE-2015-6759, CVE-2015-6761, CVE-2015-6762, CVE-2015-6763, CVE-2015-7834
SHA-256 | cc7ff3720ed49e1a8614059f8624fd170ac675d3c067ed96ba831eff2cb7f5c1
Red Hat Security Advisory 2015-1924-01
Posted Oct 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1924-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance or potentially execute arbitrary code on the host.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-5279
SHA-256 | 57efea710eb0a005d7e1005b14e3ee253ed6fea58cad65476af25481bb094aab
Red Hat Security Advisory 2015-1925-01
Posted Oct 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1925-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance or potentially execute arbitrary code on the host.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-5279
SHA-256 | 34474d4388dd63016e4f02e85c330f5170d5ff26ef1d9a1683efbba058d5b9f2
Red Hat Security Advisory 2015-1923-01
Posted Oct 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1923-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap buffer overflow flaw was found in the way QEMU's NE2000 NIC emulation implementation handled certain packets received over the network. A privileged user inside a guest could use this flaw to crash the QEMU instance or potentially execute arbitrary code on the host.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-5279
SHA-256 | f012e9ccacba8f64dd5aab7e0ae3942dd803d745e77056bb3a70aaf782bcb6ef
Red Hat Security Advisory 2015-1920-01
Posted Oct 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1920-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4872, CVE-2015-4881, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4903, CVE-2015-4911
SHA-256 | 9ac18bfdf04382d72ffee12d18413d5e56c5159d29a01fbfecafa03341a81c10
Red Hat Security Advisory 2015-1921-01
Posted Oct 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1921-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Multiple flaws were discovered in the CORBA, Libraries, RMI, Serialization, and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. Multiple denial of service flaws were found in the JAXP component in OpenJDK. A specially crafted XML file could cause a Java application using JAXP to consume an excessive amount of CPU and memory when parsed.

tags | advisory, java, denial of service
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4872, CVE-2015-4881, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4903, CVE-2015-4911
SHA-256 | 14928189fc53248a9ff8eeea22f0708da21860ebd6b0655af037f636a10b3bbf
Debian Security Advisory 3376-1
Posted Oct 22, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3376-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2015-1303, CVE-2015-1304, CVE-2015-6755, CVE-2015-6756, CVE-2015-6757, CVE-2015-6758, CVE-2015-6759, CVE-2015-6760, CVE-2015-6761, CVE-2015-6762, CVE-2015-6763
SHA-256 | c2fb639f121d86a50280fee2d1e8efc29647ec5574df20fecf40a4dcbfeaf827
Java SE 7 Improper Initialization
Posted Oct 22, 2015
Authored by Adam Gowdiak | Site security-explorations.com

Issue number 42 from SE-2014-02 has been addressed by Oracle. Included in this archive are proof of concepts and information regarding the fix.

tags | exploit, proof of concept
systems | linux
SHA-256 | 7df623023a7204002b65855afccec136cda0d1a4a5470f0bb205626f4b1824fe
AlienVault OSSIM 4.3 Cross Site Request Forgery
Posted Oct 22, 2015
Authored by MohammadReza Mohajerani

AlienVault OSSIM version 4.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 070be2bd3bbec9a09484c82f4dfab63895888bf9f5181660c7a06235ad2250d5
The World Browser 3.0 Final Remote Code Execution
Posted Oct 22, 2015
Authored by Ehsan Noreddini

The World Browser version 3.0 Final remote code execution exploit that downloads a malicious file.

tags | exploit, remote, code execution
advisories | CVE-2014-6332
SHA-256 | 31359c9c17043d8c2e045d3a8fd263978d1aeba799e30d7f647055a1579eeca6
HTML Compiler Remote Code Execution
Posted Oct 22, 2015
Authored by Ehsan Noreddini

HTML Compiler remote code execution exploit that downloads a malicious file.

tags | exploit, remote, code execution
advisories | CVE-2014-6332
SHA-256 | 317e8b8ffb24b8c80a55e79508fcdc36cf5b620e1b361a2a7dd28d2b251903c1
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close