what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-11-16

Nginx Root Privilege Escalation
Posted Nov 16, 2016
Authored by Dawid Golunski

Nginx web server packaging on Debian-based distributions such as Debian or Ubuntu was found to create log directories with insecure permissions which can be exploited by malicious local attackers to escalate their privileges from nginx/web user (www-data) to root. The vulnerability could be easily exploited by attackers who have managed to compromise a web application hosted on Nginx server and gained access to www-data account as it would allow them to escalate their privileges further to root access and fully compromise the system. This is fixed in 1.6.2-5+deb8u3 package on Debian and 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS. UPDATE 2017/01/13 - nginx packages below version 1.10.2-r3 on Gentoo are also affected.

tags | exploit, web, local, root
systems | linux, debian, ubuntu
advisories | CVE-2016-1247
SHA-256 | 572946533a64d6b9af6ce4ce53d1c39bc1cc476f9cdbd639425b4aed7713bcef
HP Security Bulletin HPSBGN03676 1
Posted Nov 16, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03676 1 - A potential security vulnerability has been identified with HPE Helion OpenStack Glance image service. This vulnerability could be exploited remotely to allow a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2016-8611
SHA-256 | 34276ff714c214f8de2d088c12dd86926ca1164a7656e3c33d1bc698bbb39afb
Red Hat Security Advisory 2016-2779-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2779-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. The nss-util packages provide utilities for use with the Network Security Services libraries. The following packages have been upgraded to a newer upstream version: nss, nss-util. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-2834, CVE-2016-5285, CVE-2016-8635
SHA-256 | df0b83d865da079f245658c46d7eff1eab3b336b9074b5a1419917a774b695c1
VMware Security Advisory 2016-0020
Posted Nov 16, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0020 - vRealize Operations REST API deserialization vulnerability vRealize Operations contains a deserialization vulnerability in its REST API implementation. This issue may result in a Denial of Service as it allows for writing of files with arbitrary content and moving existing files into certain folders. The name format of the destination files is predefined and their names cannot be chosen. Overwriting files is not feasible.

tags | advisory, denial of service, arbitrary
advisories | CVE-2016-7462
SHA-256 | 29c0a098ffb0c7b27ec0d4610115a63c7d8a7f0037d9c4fba88d83dcb2ddd668
WordPress All In One WP Security And Firewall 4.1.9 Cross Site Scripting
Posted Nov 16, 2016
Authored by Yorick Koster

WordPress All In One WP Security and Firewall plugin versions 4.1.4 through 4.1.9 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 529e84cd77541f83b0ed65669edd6479516fab6293f7fc579a4115aa74f2d889
Red Hat Security Advisory 2016-2780-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2780-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.5.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-5290, CVE-2016-5291, CVE-2016-5296, CVE-2016-5297, CVE-2016-9064, CVE-2016-9066
SHA-256 | 1e6b22dca01d05d1b502a358a47e44384f7ef65d1eaf93c19aefa6b6b2e299d2
Microsoft Internet Explorer 8 Javascript RegExpBase::FBadHeader Use-After-Free
Posted Nov 16, 2016
Authored by SkyLined

A specially crafted web-page can cause the Javascript engine of Microsoft Internet Explorer 8 to free memory used for a string. The code will keep a reference to the string and can be forced to reuse it when compiling a regular expression.

tags | exploit, web, javascript
advisories | CVE-2015-2482
SHA-256 | a44bc80d38c01b629bf33d47219ad52a17a287e1ebeaf43f0e48e32b2c5d2caf
CS-Cart 4.3.10 Unauthenticated XXE Injection
Posted Nov 16, 2016
Authored by Ahmed Sultan

CS-Cart versions 4.3.10 and below suffer from an unauthenticated XML external entity (XXE) injection vulnerability.

tags | exploit, xxe
SHA-256 | d055752e041a2e34fe412240fa6a2df718f958b7dee0c4a6b2350b08ba38432a
Windows x86 EXE Removal Shellcode
Posted Nov 16, 2016
Authored by Fugu

This is a standard meterpreter/windows/reverse_tcp_dns with a little bonus - it will remove the exe that it gets injected/compiled into. Warning: Do not run this from powershell.exe or any other system file exe, because there is a chance it will be erased forever. As is, no warranties.

tags | shellcode
systems | windows
SHA-256 | c81c417caf9b767d9a10e48e8625ee66bf65b8daa94b98170474646e412b0351
Red Hat Security Advisory 2016-2766-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2766-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: It was found that stacking a file system over procfs in the Linux kernel could lead to a kernel stack overflow due to deep nesting, as demonstrated by mounting ecryptfs over procfs and creating a recursion by mapping /proc/environ. An unprivileged, local user could potentially use this flaw to escalate their privileges on the system.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2016-1583, CVE-2016-2143
SHA-256 | cc91f5aae5acf096e58503cad4e4ced602a901542b2ae666e8d8ade12d687f24
Red Hat Security Advisory 2016-2765-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2765-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Security Fix: It was found that 389 Directory Server was vulnerable to a flaw in which the default ACI could be read by an anonymous user. This could lead to leakage of sensitive information. An information disclosure flaw was found in 389 Directory Server. A user with no access to objects in certain LDAP sub-tree could send LDAP ADD operations with a specific object name. The error message returned to the user was different based on whether the target object existed or not.

tags | advisory, protocol, info disclosure
systems | linux, redhat
advisories | CVE-2016-4992, CVE-2016-5405, CVE-2016-5416
SHA-256 | a23f2adc4f9c7000e2a14bf0039f624d18c36c133617746781bb9f35d92b15dc
Red Hat Security Advisory 2016-2778-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2778-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Security Fix: Ansible fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2016-8628
SHA-256 | c29aac5e4a84aa6b60fb8005bb7f3336c0ff6abc1ff541555ec67fe872574c88
Red Hat Security Advisory 2016-2696-01
Posted Nov 16, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2696-01 - Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform release 3.3.1.4. Multiple security issues have been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-8631
SHA-256 | c10182559bc0cc2357527ebc02cd6fb0eca4428ed48a30c8201eaa78a1d10a0b
HP Security Bulletin HPSBST03671 1
Posted Nov 16, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03671 1 - A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information. Revision 1 of this advisory.

tags | advisory, php
advisories | CVE-2016-5385
SHA-256 | a236eaf5199d818b254fc1971d748d5d36168d9a9c1c1304c367c3f4b563aefb
Cryptsetup 2:1.7.3-2 Root Initramfs Shell
Posted Nov 16, 2016
Authored by Hector Marco, Ismael Ripoll

A vulnerability in Cryptsetup, concretely in the scripts that unlock the system partition when the partition is ciphered using LUKS (Linux Unified Key Setup). This vulnerability allows to obtain a root initramfs shell on affected systems. The vulnerability is very reliable because it doesn't depend on specific systems or configurations. Attackers can copy, modify or destroy the hard disc as well as set up the network to data. In cloud environments it is also possible to remotely exploit this vulnerability without having "physical access". Cryptsetup versions 2:1.7.3-2 and below are affected.

tags | advisory, shell, root
systems | linux
advisories | CVE-2016-4484
SHA-256 | a533475e588d0a35025183dd93ff60b65d867075cd009e955f89a1138f7cd7fe
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close