RootedCON will be held as RootedHK 2016 in Hong Kong. They have announced their call for papers. It will take place November 17th through the 18th, 2016.
SAP Netweaver 2004s suffers from a Security Audit Log invalid address logging issue.
Debian Linux Security Advisory 3684-1 - Paul Rohar discovered that libdbd-mysql-perl, the Perl DBI database driver for MySQL and MariaDB, constructed an error message in a fixed-length buffer, leading to a crash (_FORTIFY_SOURCE failure) and, potentially, to denial of service.
Red Hat Security Advisory 2016-1991-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 5.6 will be retired as of March 31, 2017, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or Urgent priority bug fixes, for Red Hat Enterprise Linux 5.6 AMC after March 31, 2017.
Red Hat Security Advisory 2016-1990-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, support for Red Hat Enterprise Linux 5 will be retired on March 31, 2017, at the end of Production Phase 3. Until that date, customers will continue to receive Critical impact security patches and selected Urgent priority bug fixes for RHEL 5.11. On that date, active support included with your RHEL Premium or Standard subscription will conclude. This means that customers will continue to have access to all previously released content.
Red Hat Security Advisory 2016-1989-01 - In accordance with the Red Hat Enterprise Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 3.x offering will be retired as of October 31, 2016, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or Urgent priority bug fixes, for Developer Toolset Version 3.x after October 31, 2016.
Red Hat Security Advisory 2016-1986-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Life Cycle Support for Red Hat Enterprise Linux 4 will be retired as of March 31, 2017, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or Urgent priority bug fixes, for Red Hat Enterprise Linux 4 ELS after March 31, 2017.
Red Hat Security Advisory 2016-1985-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.4.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
DWebPro version 8.4.2 suffers from a file inclusion vulnerability that can trigger remote binary execution.
Digital Whisper Electronic Magazine issue 76. Written in Hebrew.
Windows Firewall Control suffers from an unquoted service path privilege escalation vulnerability.
The SAP Netweaver version 7.40 SP 12 SCTC_TMS_MAINTAIN_ALOG function does not correctly sanitize variables used when executing the CALL 'SYSTEM' statement, allowing an attacker with particular privileges to execute arbitrary OS commands.
The SAP Netweaver version 7.40 SP 12 SCTC_REFRESH_CHECK_ENV function does not correctly sanitize variables used when executing the CALL 'SYSTEM' statement, allowing an attacker with particular privileges to execute arbitrary OS commands.
Debian Linux Security Advisory 3681-2 - It was discovered that the patch to fix CVE-2016-6635 added a function already present in the code, preventing the website from displaying completely. The package has been updated to fix this regression.
The SAP Netweaver version 7.40 SP 12 SCTC_REFRESH_EXPORT_TAB_COMP function does not correctly sanitize variables used when executing the CALL 'SYSTEM' statement, allowing an attacker with particular privileges to execute arbitrary OS commands.
This is a whitepaper discussing important tips for using Wireshark. Written in Turkish.
Flv Player 2011 version 1.3 suffers from a DLL hijacking vulnerability.
This Metasploit module abuses the Capcom.sys kernel driver's function that allows for an arbitrary function to be executed in the kernel from user land. This function purposely disables SMEP prior to invoking a function given by the caller. This has been tested on Windows 7 x64.
This archive contains all of the 178 exploits added to Packet Storm in September, 2016.
WampServer version 3.0.6 suffers from an insecure file permission vulnerability.