Home / Exploit
black-hat-logo

Exploit

EXPLOIT DATABASE

PACKETSTORM DATABASE

  • 30 March 2017: HP Security Bulletin HPESBHF03723 1 - Files ≈ Packet Storm
    HP Security Bulletin HPESBHF03723 1 - A potential security vulnerability has been identified in HPE Aruba ClearPass Policy Manager. The vulnerability could be remotely exploited to allow execution of code. **Note:** The ClearPass Policy Manager administrative Web interface is affected by the vulnerability. ClearPass Guest, Insight, and Graphite are NOT impacted. Revision 1 of this advisory.
  • 30 March 2017: HP Security Bulletin HPESBUX03725 1 - Files ≈ Packet Storm
    HP Security Bulletin HPESBUX03725 1 - Potential security vulnerabilities have been identified with HP-UX Web Server Suite running Apache on HP-UX 11iv3. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), Unauthorized Read Access to Data and other impacts including: * Padding Oracle attack in Apache mod_session_crypto * Apache HTTP Request Parsing Whitespace Defects. Revision 1 of this advisory.
  • 30 March 2017: Ubuntu Security Notice USN-3251-2 - Files ≈ Packet Storm
    Ubuntu Security Notice 3251-2 - USN-3251-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.
  • 30 March 2017: Ubuntu Security Notice USN-3251-1 - Files ≈ Packet Storm
    Ubuntu Security Notice 3251-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.
  • 30 March 2017: Ubuntu Security Notice USN-3250-1 - Files ≈ Packet Storm
    Ubuntu Security Notice 3250-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.
  • 30 March 2017: Ubuntu Security Notice USN-3250-2 - Files ≈ Packet Storm
    Ubuntu Security Notice 3250-2 - USN-3250-1 fixed a vulnerability in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.
  • 30 March 2017: Ubuntu Security Notice USN-3249-2 - Files ≈ Packet Storm
    Ubuntu Security Notice 3249-2 - USN-3249-1 fixed a vulnerability in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges. Various other issues were also addressed.
  • 30 March 2017: Ubuntu Security Notice USN-3248-1 - Files ≈ Packet Storm
    Ubuntu Security Notice 3248-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.
  • 30 March 2017: Ubuntu Security Notice USN-3249-1 - Files ≈ Packet Storm
    Ubuntu Security Notice 3249-1 - It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. A local attacker could use this to cause a denial of service or execute arbitrary code with administrative privileges.
  • 30 March 2017: Ubuntu Security Notice USN-3236-1 - Files ≈ Packet Storm
    Ubuntu Security Notice 3236-1 - Multiple vulnerabilities were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, spoof application UI by causing the security status API or webview URL to indicate the wrong values, bypass security restrictions, cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.
  • 30 March 2017: Debian Security Advisory 3824-1 - Files ≈ Packet Storm
    Debian Linux Security Advisory 3824-1 - George Noseevich discovered that firebird2.5, a relational database system, did not properly check User-Defined Functions (UDF), thus allowing remote authenticated users to execute arbitrary code on the firebird server.
  • 30 March 2017: Debian Security Advisory 3798-2 - Files ≈ Packet Storm
    Debian Linux Security Advisory 3798-2 - DSA-3798-1 for tnef introduced a regression that caused crashes on some attachments.
  • 30 March 2017: Red Hat Security Advisory 2017-0847-01 - Files ≈ Packet Storm
    Red Hat Security Advisory 2017-0847-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: It was found that the fix for CVE-2015-3148 in curl was incomplete. An application using libcurl with HTTP Negotiate authentication could incorrectly re-use credentials for subsequent requests to the same server.
  • 30 March 2017: Slackware Security Advisory - mariadb Updates - Files ≈ Packet Storm
    Slackware Security Advisory - New mariadb packages are available for Slackware 14.2 and -current to fix security issues.
  • 28 March 2017: Ubuntu Security Notice USN-3244-1 - Files ≈ Packet Storm
    Ubuntu Security Notice 3244-1 - Hanno Boeck discovered that GStreamer Base Plugins did not correctly handle certain malformed media files. If a user were tricked into opening a crafted media file with a GStreamer application, an attacker could cause a denial of service via application crash.

CERT VULNERABILITY DATABASE

SECURITYFOCUS DATABASE