Updated virtualbox packages fixes security vulnerabilities

This update provides virtualbox 5.1.18 maintenance release and resolves at least the following security issues: A vulnerability in the GUI subcomponent of virtualbox allows unauthenticated attacker unauthorized update, insert or delete access to some data as well as unauthorized read access to a...

VirtualBox - Cooperating VMs can Escape from Shared Folder Exploit

Exploit for linux platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1037 There is a security issue in the shared folder implementation that permits cooperating guests with write access to the same shared folder to gain access to the whole...

Oracle VM VirtualBox - Cooperating VMs can Escape from Shared Folder

Oracle VM VirtualBox - Cooperating VMs can Escape from Shared Folder Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1037 There is a security issue in the shared folder implementation that permits cooperating guests with write access to the same shared folder to gain access to t...

Oracle VM VirtualBox - Cooperating VMs can Escape from Shared Folder

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1037 There is a security issue in the shared folder implementation that permits cooperating guests with write access to the same shared folder to gain access to the whole filesystem of the host, at least on Linux hosts. The issue i...

cgPwn - Cyber Grand Pwnage Box

A lightweight VM for hardware hacking, RE fuzzing, symEx, exploiting etc and wargaming tasks. This is a Ubuntu VM tailored for hardware hacking, RE and Wargaming. Tools included Pwndbg Pwntools Binwalk Radare2 Capstone, Unicorn and Keystone Engines Qira Timeless Debugger AFL Valgrind , VGdb...

openSUSE Security Update : virtualbox (openSUSE-2017-203)

This update for virtualbox to version 5.1.14 fixes the following issues : These security issues were fixed : - CVE-2016-5545: Vulnerability in the GUI subcomponent of virtualbox allows unauthenticated attacker unauthorized update, insert or delete access to some data as well as unauthorized read...

openSUSE Security Update : virtualbox (openSUSE-2017-178)

This update for virtualbox to version 5.0.32 fixes the following issues : These security issues were fixed : - CVE-2016-5545: Vulnerability in the GUI subcomponent of virtualbox allows unauthenticated attacker unauthorized update, insert or delete access to some data as well as unauthorized read...

CVE-2017-3290

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure wher...

UBUNTU-CVE-2017-3290

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure wher...

CVE-2017-3290

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure wher...

CVE-2017-3290

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Shared Folder. Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure wher...

Oracle VM VirtualBox Local Vulnerability

Oracle VM VirtualBox is a cross-platform virtual machine software from Oracle. The software supports running multiple operating systems, creating VM groups, sharing folders, etc. on the same computer. A local security vulnerability exists in Oracle VM VirtualBox versions prior to 5.0.32 and...

Oracle VirtualBox Multiple Unspecified Vulnerabilities - 01 (Jan 2017) - Mac OS X

Oracle VirtualBox is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle VM VirtualBox 5.0.x < 5.0.32 / 5.1.x < 5.1.14 Multiple Vulnerabilities (January 2017 CPU)

The version of Oracle VM VirtualBox installed on the remote host is 5.0.x prior to 5.0.32 or 5.1.x prior to 5.1.14. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the GUI subcomponent that allows an unauthenticated, remote attacker to impact...

CVE-2016-6842

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Setting the user's name to JS code makes that code execute when selecting that user's "Templates" folder from OX Documents settings. This requires the folder to be shared to the victim. Malicious script code can be executed...

Open redirect

An issue was discovered in Open-Xchange OX App Suite before 7.8.2-rev8. Setting the user's name to JS code makes that code execute when selecting that user's "Templates" folder from OX Documents settings. This requires the folder to be shared to the victim. Malicious script code can be executed...

Repetitive SMB Rename Command Attempts

Ransomwares access shared folder in order to encrypt files. Successful exploitation might lead to loss of sensitive data...

Ransomware Shared Folder Access

Ransomwares access shared folder in order to encrypt files. Successful exploitation might lead to loss of sensitive data...

Nextcloud: Uploading files to a folder where invited user don't have any EDIT privilege

Hi, Any invited user to a shared folder with no edit privilege can create files in it through copy feature of Nextclod android app. Steps to reproduce it + Create any folder and invite a user in it without any edit privilege. + Now login from invited user account through android app. + Copy any...

ownCloud Server Cross-Site Scripting Vulnerability

ownCloud Server is a free and open source personal cloud storage solution created by German KDE developer Frank Karlitschek. ownCloud Server is a server version. A cross-site scripting vulnerability exists in ownCloud Server versions prior to 7.0.5 and 8.0.4 and prior to 8.0.x. The vulnerability...