what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 41 RSS Feed

Files Date: 2014-02-26

Cisco Security Advisory 20140226-pi
Posted Feb 26, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges. The vulnerability is due to improper validation of URL requests. An attacker could exploit this vulnerability by requesting an unauthorized command via a specific URL. Successful exploitation could allow an authenticated attacker to execute system commands with root-level privileges. Cisco has released free software updates that address this vulnerability. A software patch that addresses this vulnerability in all affected versions is also available. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote, arbitrary, root
systems | cisco
SHA-256 | 2085552f3da2a1de4ba3036cf8124df7234b01446b9bb08ae5f19907c7e9ae85
HP Security Bulletin HPSBST02955
Posted Feb 26, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02955 - Potential security vulnerabilities have been identified in 3rd party software used in HP XP P9000 Performance Advisor running Oracle and Apache Tomcat Software. HP has updated the Apache Tomcat and Oracle database software to address vulnerabilities affecting confidentiality, availability, and integrity. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2007-5333, CVE-2007-5342, CVE-2007-5461, CVE-2007-6286, CVE-2008-0002, CVE-2008-1232, CVE-2008-1947, CVE-2008-2370, CVE-2009-2693, CVE-2009-2901, CVE-2009-2902, CVE-2009-3548, CVE-2010-1157, CVE-2010-2227, CVE-2010-3718, CVE-2010-4172, CVE-2011-0013, CVE-2011-0534, CVE-2011-1184, CVE-2011-2204, CVE-2011-2481, CVE-2011-2526, CVE-2011-2729, CVE-2011-3190, CVE-2011-5035, CVE-2011-5062, CVE-2011-5063, CVE-2011-5064
SHA-256 | 7a0da1c21ab0ea1ff0e437cda710d643179e7469a520d96d54e7b1e4ad034845
Drupal Mime Mail 6.x / 7.x Access Bypass
Posted Feb 26, 2014
Authored by Heine Deelstra | Site drupal.org

Drupal Mime Mail third party module version 6.x and 7.x suffer from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | bcf2575491826b0710730dc39d915d6af8fe276f8edf30d29d0e119fe33af483
HP Security Bulletin HPSBPI02869 SSRT100936 3
Posted Feb 26, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02869 SSRT100936 3 - A potential security vulnerability has been identified with HP LaserJet MFP printers, HP Color LaserJet MFP printers, and certain HP LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to files. Revision 3 of this advisory.

tags | advisory
advisories | CVE-2012-5221
SHA-256 | 4c59ce6eebc678501a609d6ecc4489c93d0aac9371b86e05604dad9152f1ca81
Drupal Content Locking 6.x / 7.x CSRF
Posted Feb 26, 2014
Authored by Eugen Mayer | Site drupal.org

Drupal Content Locking third party module versions 6.x and 7.x suffer from a cross site request forgery vulnerability.

tags | advisory, csrf
SHA-256 | 16cd79d67b6d805f59cc01b989a8be123d70328cbc9af0cc97a00012b4b6168d
Apple Security Advisory 2014-02-25-3
Posted Feb 26, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-02-25-3 - QuickTime 7.7.5 is now available and addresses multiple security issues related to denial of service and arbitrary code execution.

tags | advisory, denial of service, arbitrary, code execution
systems | apple
advisories | CVE-2013-1032, CVE-2014-1243, CVE-2014-1244, CVE-2014-1245, CVE-2014-1246, CVE-2014-1247, CVE-2014-1248, CVE-2014-1249, CVE-2014-1250, CVE-2014-1251
SHA-256 | d19d51684f4d799bc85e0de254dedd61e3c5f79f8604e717e35213ae98ea6da9
Apple Security Advisory 2014-02-25-2
Posted Feb 26, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-02-25-2 - Safari 6.1.2 and Safari 7.0.2 is now available and addresses an issue where visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | apple
advisories | CVE-2013-6635, CVE-2014-1268, CVE-2014-1269, CVE-2014-1270
SHA-256 | 5f115e3656944c57ae6ad7a470d49b01ef3a6dc1308fcc4e1edf5fa848043874
Apple Security Advisory 2014-02-25-1
Posted Feb 26, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-02-25-1 - OS X Mavericks 10.9.2 and Security Update 2014-001 is now available and addresses multiple security issues including the recent SSL vulnerability.

tags | advisory
systems | apple, osx
advisories | CVE-2011-3389, CVE-2013-1862, CVE-2013-1896, CVE-2013-4073, CVE-2013-4113, CVE-2013-4248, CVE-2013-5139, CVE-2013-5178, CVE-2013-5179, CVE-2013-5986, CVE-2013-5987, CVE-2013-6420, CVE-2013-6629, CVE-2014-1245, CVE-2014-1246, CVE-2014-1247, CVE-2014-1248, CVE-2014-1249, CVE-2014-1250, CVE-2014-1252, CVE-2014-1254, CVE-2014-1255, CVE-2014-1256, CVE-2014-1257, CVE-2014-1258, CVE-2014-1259, CVE-2014-1260, CVE-2014-1261
SHA-256 | 1d8f727073c1ea1d6289c8c7fa93c5237ad978b58d6ca700d78a6f12ea0f3b83
Barracuda Web Firewall 6.1.0.016 Cross Site Scripting
Posted Feb 26, 2014
Authored by Ateeq ur Rehman Khan, Vulnerability Laboratory | Site vulnerability-lab.com

Barracuda Web Firewall version 6.1.0.016 suffers from a persistent script insertion vulnerability.

tags | exploit, web
SHA-256 | fa8731752b65dbe18c0a5dcb5bf6a32f993c8ace5f0907cd6d1366c6fc2cce5d
HP Security Bulletin HPSBMU02966
Posted Feb 26, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02966 - A potential security vulnerability has been identified with HP Operations Orchestration. The vulnerability could be exploited to gain unauthorized access to information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2013-2071
SHA-256 | 32d365b078cb65bcb4beceeac0ade27c68c83a77127c990b36aeb5f30104c0ba
Ubuntu Security Notice USN-2122-1
Posted Feb 26, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2122-1 - It was discovered that FreeRADIUS incorrectly handled unix authentication. A remote user could successfully authenticate with an expired password. Pierre Carrier discovered that FreeRADIUS incorrectly handled rlm_pap hash processing. An authenticated user could use this issue to cause FreeRADIUS to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, unix, ubuntu
advisories | CVE-2011-4966, CVE-2014-2015, CVE-2011-4966, CVE-2014-2015
SHA-256 | 0a995469005a5d9cd6cf4dd533400746453f53f7672a93339e2f298e285126ef
Ubuntu Security Notice USN-2123-1
Posted Feb 26, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2123-1 - It was discovered that file incorrectly handled Composite Document files. An attacker could use this issue to cause file to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. Bernd Melchers discovered that file incorrectly handled indirect offset values. An attacker could use this issue to cause file to consume resources or crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-1571, CVE-2014-1943, CVE-2012-1571, CVE-2014-1943
SHA-256 | c15cd48bc8b2799f13c365755252a2482623291ddeebb7c5be3f90af4ec34e10
Gentoo Linux Security Advisory 201402-27
Posted Feb 26, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-27 - A vulnerability in pidgin-knotify might allow remote attackers to execute arbitrary code. Versions 0.2.1 and below are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2010-3088
SHA-256 | bd35a01c12edbb39efb00665101fb5625886d7cf8e22e46d5468af7c2c2f6b98
Piwigo 2.6.1 Cross Site Request Forgery
Posted Feb 26, 2014
Authored by killall-9

Piwigo version 2.6.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 9fa115551f322ba1a0b022b4e18de7ff9a95a261a5eb3f402337f5cf4f4d20a2
CosmoShop ePRO 10.17.00 Authentication Bypass
Posted Feb 26, 2014
Authored by l0om

CosmoShop ePRO version 10.17.00 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 9ca82553e2a91b39a4615aa811e754f8bc091c8b5bfe3f6def05090e26d88f4c
WordPress Alpine PhotoTile For Instagram 1.2.6.5 XSS
Posted Feb 26, 2014
Authored by HauntIT

WordPress Alpine PhotoTile for Instagram version 1.2.6.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fb0e7ff33564e1c67c0ba31392952aafa3ffd8c78f14845e2a0d34d6165e9147
WordPress PrintFriendly 3.3.7 Cross Site Scripting
Posted Feb 26, 2014
Authored by HauntIT

WordPress PrintFriendly plugin version 3.3.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0597b3f3efd8178b04551532352cc9d00f93f12822c84d0ab5fd356b6533aa61
Drupal Project Issue File Review 6.x Cross Site Scripting
Posted Feb 26, 2014
Authored by Wim Leers, Jeremy Thorson | Site drupal.org

Drupal Project Issue File Review third party module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | e28a6cbac52ea9062d475561ecd582132a19356c74b977a8f2c3c14fd96983e8
WordPress mp3-jplayer 1.8.7 Cross Site Scripting
Posted Feb 26, 2014
Authored by HauntIT

WordPress mp3-jplayer plugin version 1.8.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 91b07fd21c45f1692daef0821fa7179eaedefe8e444588acf5a7ee01b5f84792
WordPress BSK PDF Manager 1.3 Cross Site Scripting
Posted Feb 26, 2014
Authored by HauntIT

WordPress BSK PDF Manager plugin version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5c5300181fb7e63a9409940bf6f5c2ca5a0fba53380dad56c2750875d79e9315
Drupal Open Omega 7.x Access Bypass
Posted Feb 26, 2014
Authored by Peter Taylor | Site drupal.org

Drupal Open Omega third party theme version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | 3ffbc3e066436f401887a605bc6972b7273f85ee4b6ffcd592b9a0d7aa384779
WordPress VideoWhisper Live Streaming 4.29.6 Cross Site Scripting
Posted Feb 26, 2014
Authored by HauntIT

WordPress VideoWhisper Live Streaming plugin version 4.29.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f31d3cbdaf63234b21c5fb7834cf22badf88ed91b40256060480d17b14fee27f
WordPress Widget Control 1.0.1 Cross Site Scripting
Posted Feb 26, 2014
Authored by HauntIT

WordPress Widget Control Powered by Everyblock plugin version 1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ba19ab112ca4f59177f954fde29f8db27ebda68e9b8957708911bfc40b9ad510
GoAhead Web Server 3.1.x Denial Of Service
Posted Feb 26, 2014
Authored by Alaeddine MESBAHI

GoAhead Web Server versions prior to 3.1.3 suffer from a denial of service vulnerability.

tags | exploit, web, denial of service
SHA-256 | 62316905684cbb42f570b049e4d87177417005d271d14da5f3b675df0a3f533a
WordPress Post To PDF 2.3.1 Cross Site Scripting
Posted Feb 26, 2014
Authored by HauntIT

WordPress Post to PDF plugin version 2.3.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | dfe32028cb2dfb453144c718be3ef8f11ff9595e5a6081f52cc999718970b5fc
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    36 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close