Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-02-24

HP Security Bulletin HPSBMU02964
Posted Feb 24, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02964 - Potential security vulnerabilities have been identified with HP Service Manager. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, unauthorized access, disclosure of Information, and authentication issues. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, xss, csrf
advisories | CVE-2013-1493, CVE-2013-2067, CVE-2013-6202
MD5 | 842f1da1c7e32d71ad13864c671c5a18
Apple Security Advisory 2014-02-21-1
Posted Feb 24, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-02-21-1 - iOS 6.1.6 is now available and addresses a security issue. Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

tags | advisory
systems | apple, ios
advisories | CVE-2014-1266
MD5 | 5f11d34def8a450954cc9c0b66e2d62d
Red Hat Security Advisory 2014-0204-01
Posted Feb 24, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0204-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was found that the security audit functionality, as provided by Red Hat JBoss Enterprise Application Platform 6, logged request parameters in plain text. This may have caused passwords to be included in the audit log files when using BASIC or FORM-based authentication. A local attacker with access to audit log files could possibly use this flaw to obtain application or server authentication credentials.

tags | advisory, java, local
systems | linux, redhat
advisories | CVE-2014-0058
MD5 | 5d3cf4f86953b7fb5305e6b61a95ee98
Apple Security Advisory 2014-02-21-3
Posted Feb 24, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-02-21-3 - Apple TV 6.0.2 is now available and addresses a security issue. Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps.

tags | advisory
systems | apple
advisories | CVE-2014-1266
MD5 | d328ed20c503186f028e116150e9875e
Savsoft Quiz Cross Site Request Forgery
Posted Feb 24, 2014
Authored by TUNISIAN CYBER

Savsoft Quiz suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 7225dc0b03531a4541d6b1c754cf52db
Lynis Auditing Tool 1.4.3
Posted Feb 24, 2014
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This release adds support for ClearOS, data uploading for Lynis Enterprise users (--upload), a debug variable (and parameter), and a license_key option in the profile. It also has several fixes, and the report has been extended with some additional hints.
tags | tool, scanner
systems | unix
MD5 | a797df26583880d60320052c097e5964
PHP Secure Communications Library 0.3.6
Posted Feb 24, 2014
Authored by Jim Wigginton | Site phpseclib.sourceforge.net

PHP Secure Communications Library is a set of pure PHP implementations of DES, 3DES, RC4, Rijndael, AES, RSA (PKCS#1 compliant [v2.1]), SSH-1, SSH-2, and SFTP.

Changes: Minor bugfixes. Adds preliminary support for custom SSH subsystems. Adds ssh-agent support.
tags | php, library
MD5 | 16780cfd17d7e895b5bf538d775b56cd
Debian Security Advisory 2867-1
Posted Feb 24, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2867-1 - Several vulnerabilities were discovered in otrs2, the Open Ticket Request System.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-1471, CVE-2014-1694
MD5 | bb7dc67bfa291afb31abc190a6bb7be2
Ubuntu Security Notice USN-2120-1
Posted Feb 24, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2120-1 - Noah Misch and Jonas Sundman discovered that PostgreSQL did not correctly enforce ADMIN OPTION restrictions. An authenticated attacker could use this issue to possibly revoke access from others, contrary to expected permissions. Andres Freund discovered that PostgreSQL incorrectly handled validator functions. An authenticated attacker could possibly use this issue to escalate their privileges. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, CVE-2014-0066, CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, CVE-2014-0066
MD5 | 74294a3afbb215a0f2b48260664020bc
Github Remote Command Execution
Posted Feb 24, 2014
Authored by joernchen

Github suffered from a remote command execution vulnerability via variable injection.

tags | exploit, remote
MD5 | 49234107765c48d29ec33201b4f544ba
Joomla JoomLeague 2.1.12 XSS / XML Injection
Posted Feb 24, 2014
Authored by MustLive

Joomla JoomLeague plugin version 2.1.12 suffers from cross site scripting and XML injection vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9075dcd10d8194a9b5609bf9177604bf
CISTI 2014 Call For Papers
Posted Feb 24, 2014
Site aisti.eu

The Call For Papers for CISTI'2014, the 9th Iberian Conference on Information Systems and Technologies, has been announced. It will be held June 18th through the 21st, 2014 in Barcelona, Spain.

tags | paper, conference
MD5 | 911d9345490b0a1e90a0221441ffb96f
MyBB 1.6.12 SQL Injection
Posted Feb 24, 2014
Authored by Mr.XpR

MyBB version 1.6.12 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9fd7f6994ed6c764e59e289c3a2d498a
Barracuda Networks WebFilter Script Insertion
Posted Feb 24, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

WebFilter Appliance Web-Application version 6.0.1.009 suffers from a script insertion vulnerability.

tags | exploit, web
MD5 | 2aa50739e729ef5e1ab050bc07cb3f2f
FreePBX 2.x Remote Command Execution
Posted Feb 24, 2014
Authored by i-Hmx

FreePBX versions before 2.3 suffer from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 38281d77aa25169073da8dd173ef9d70
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    10 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close