what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-02-24

HP Security Bulletin HPSBMU02964
Posted Feb 24, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02964 - Potential security vulnerabilities have been identified with HP Service Manager. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, unauthorized access, disclosure of Information, and authentication issues. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, xss, csrf
advisories | CVE-2013-1493, CVE-2013-2067, CVE-2013-6202
SHA-256 | c063f157a63c0bae841f9ebeda8031d30b8036d3ba7f4f41bb8a0666b7788340
Apple Security Advisory 2014-02-21-1
Posted Feb 24, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-02-21-1 - iOS 6.1.6 is now available and addresses a security issue. Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

tags | advisory
systems | apple, ios
advisories | CVE-2014-1266
SHA-256 | 5ff242039ba1164c5154f5b9eca7a76ae9b70fea05b0d0ef8d9136918a22e3f7
Red Hat Security Advisory 2014-0204-01
Posted Feb 24, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0204-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the security audit functionality, as provided by Red Hat JBoss Enterprise Application Platform 6, logged request parameters in plain text. This may have caused passwords to be included in the audit log files when using BASIC or FORM-based authentication. A local attacker with access to audit log files could possibly use this flaw to obtain application or server authentication credentials.

tags | advisory, java, local
systems | linux, redhat
advisories | CVE-2014-0058
SHA-256 | b67208dcdf210c09e5b4aed78b79095618e66ddc70d9229c3e0746396ac3abdb
Apple Security Advisory 2014-02-21-3
Posted Feb 24, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-02-21-3 - Apple TV 6.0.2 is now available and addresses a security issue. Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

tags | advisory
systems | apple
advisories | CVE-2014-1266
SHA-256 | dd231ddc63d5bd4e78ec35443cb800485be3539a4ef4d9b0848ea0b76b742225
Savsoft Quiz Cross Site Request Forgery
Posted Feb 24, 2014
Authored by TUNISIAN CYBER

Savsoft Quiz suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 2303cca1251931c791c673983e97fde38714e38eee850a8e9e07cfc1e5240d7e
Lynis Auditing Tool 1.4.3
Posted Feb 24, 2014
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This release adds support for ClearOS, data uploading for Lynis Enterprise users (--upload), a debug variable (and parameter), and a license_key option in the profile. It also has several fixes, and the report has been extended with some additional hints.
tags | tool, scanner
systems | unix
SHA-256 | 2c23bb33ec405502f1cf2302380570aa95d9dac1c3250e2d5c6f07200862307d
PHP Secure Communications Library 0.3.6
Posted Feb 24, 2014
Authored by Jim Wigginton | Site phpseclib.sourceforge.net

PHP Secure Communications Library is a set of pure PHP implementations of DES, 3DES, RC4, Rijndael, AES, RSA (PKCS#1 compliant [v2.1]), SSH-1, SSH-2, and SFTP.

Changes: Minor bugfixes. Adds preliminary support for custom SSH subsystems. Adds ssh-agent support.
tags | php, library
SHA-256 | f04f1ebc8b999854c18a799dd59b76c84c87c104a095d78d9f1473fdebb25989
Debian Security Advisory 2867-1
Posted Feb 24, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2867-1 - Several vulnerabilities were discovered in otrs2, the Open Ticket Request System.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-1471, CVE-2014-1694
SHA-256 | add38397d641158072ed0535ee9bae0d24e191990da4d7231da74ebcb6e627d6
Ubuntu Security Notice USN-2120-1
Posted Feb 24, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2120-1 - Noah Misch and Jonas Sundman discovered that PostgreSQL did not correctly enforce ADMIN OPTION restrictions. An authenticated attacker could use this issue to possibly revoke access from others, contrary to expected permissions. Andres Freund discovered that PostgreSQL incorrectly handled validator functions. An authenticated attacker could possibly use this issue to escalate their privileges. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, CVE-2014-0066, CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, CVE-2014-0066
SHA-256 | 039ef81162af14d534e58d3e4c726daecdff46174ce77ce12a5dd6bd5a3dade4
Github Remote Command Execution
Posted Feb 24, 2014
Authored by joernchen

Github suffered from a remote command execution vulnerability via variable injection.

tags | exploit, remote
SHA-256 | 9f7a407ba51e7296ee3742308b11d9a6e7b6f2bcb28af5feb69321525261aeef
Joomla JoomLeague 2.1.12 XSS / XML Injection
Posted Feb 24, 2014
Authored by MustLive

Joomla JoomLeague plugin version 2.1.12 suffers from cross site scripting and XML injection vulnerabilities.

tags | exploit, vulnerability, xss, xxe
SHA-256 | af5baf2b9503bc98d029f951219f69ea3093ae597aa850367a0c41e1d206e812
CISTI 2014 Call For Papers
Posted Feb 24, 2014
Site aisti.eu

The Call For Papers for CISTI'2014, the 9th Iberian Conference on Information Systems and Technologies, has been announced. It will be held June 18th through the 21st, 2014 in Barcelona, Spain.

tags | paper, conference
SHA-256 | 8577694e14454fa46996f136fc909f2b4de343843acde2aa25d46bb4ecf75696
MyBB 1.6.12 SQL Injection
Posted Feb 24, 2014
Authored by Mr.XpR

MyBB version 1.6.12 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6b0bf9b1bf870f7fbd330b2583ee19deb7b9bbb829e547b505627bd44daf59cd
Barracuda Networks WebFilter Script Insertion
Posted Feb 24, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

WebFilter Appliance Web-Application version 6.0.1.009 suffers from a script insertion vulnerability.

tags | exploit, web
SHA-256 | adaa2afa748caa2424e3ebe222836d0e1df898d7d7975534838213e4b4dc9f4d
FreePBX 2.x Remote Command Execution
Posted Feb 24, 2014
Authored by i-Hmx

FreePBX versions before 2.3 suffer from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 1b6ab5d6eea2edb5fba249fb2cfe50bfe3208ae7e99bf070ba3cfb23ec2b8e63
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close