accept no compromises
Showing 1 - 25 of 460 RSS Feed

Files Date: 2014-03-01 to 2014-03-31

Slackware Security Advisory - seamonkey Updates
Posted Mar 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 86200ad5b5163c143405eed4a71a559d
Slackware Security Advisory - openssh Updates
Posted Mar 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-2532
MD5 | 612f413cfdfccc0da36aa5aefe838fa8
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Mar 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | af9386a307e4306cd773d00e8428fac3
Slackware Security Advisory - mozilla-nss Updates
Posted Mar 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-1492
MD5 | 05611c0b154ff1745c960aaeb99ebf70
DAVOSET 1.1.9
Posted Mar 30, 2014
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Added new services into both lists of zombies, including sites with Js-Multi-Hotel.
tags | tool, denial of service
MD5 | 9953713c3dbed3cb25127607470c3f62
Slackware Security Advisory - mozilla-firefox Updates
Posted Mar 29, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | ebaabdfcf844f55e59c706f9a50b4e65
Slackware Security Advisory - httpd Updates
Posted Mar 29, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New httpd packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-6438, CVE-2014-0098
MD5 | 7f69207b471201004901d7ffadce5a2f
Slackware Security Advisory - curl Updates
Posted Mar 29, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-0138, CVE-2014-0139, CVE-2014-1263, CVE-2014-2522
MD5 | ee1bbb1e2e224ff31d99742c4d8f1190
Fitnesse Wiki Remote Command Execution
Posted Mar 28, 2014
Authored by Veerendra G.G, Jerzy Kramarz | Site metasploit.com

This Metasploit module exploits a vulnerability found in Fitnesse Wiki, version 20140201 and earlier.

tags | exploit
advisories | CVE-2014-1216
MD5 | 42f6beeb835a921ce8418c6797220575
SePortal 2.5 SQL Injection / Remote Code Execution
Posted Mar 28, 2014
Authored by xistence, jsass | Site metasploit.com

This Metasploit module exploits a vulnerability found in SePortal version 2.5. When logging in as any non-admin user, it's possible to retrieve the admin session from the database through SQL injection. The SQL injection vulnerability exists in the "staticpages.php" page. This hash can be used to take over the admin user session. After logging in, the "/admin/downloads.php" page will be used to upload arbitrary code.

tags | exploit, arbitrary, php, sql injection
advisories | CVE-2008-5191, OSVDB-46567
MD5 | 63435169c72cc2d2e9cc30ef51896580
Debian Security Advisory 2889-1
Posted Mar 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2889-1 - An SQL injection vulnerability was discovered in postfixadmin, a web administration interface for the Postfix Mail Transport Agent, which allowed authenticated users to make arbitrary manipulations to the database.

tags | advisory, web, arbitrary, sql injection
systems | linux, debian
advisories | CVE-2014-2655
MD5 | 5d2a5d97f29a80e7c8532454c554b4e6
Debian Security Advisory 2888-1
Posted Mar 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2888-1 - Toby Hsieh, Peter McLarnan, Ankit Gupta, Sudhir Rao and Kevin Reintjes discovered multiple cross-site scripting and denial of service vulnerabilities in Ruby Actionpack.

tags | advisory, denial of service, vulnerability, xss, ruby
systems | linux, debian
advisories | CVE-2013-4389, CVE-2013-4491, CVE-2013-6414, CVE-2013-6415, CVE-2013-6417
MD5 | 50af68b6056896c76834c7995af29ced
Symantec LiveUpdate Administrator 2.3.2.99 Password Reset / SQL Injection
Posted Mar 28, 2014
Authored by S. Viehbock | Site sec-consult.com

Symantec LiveUpdate Administrator versions 2.3.2.99 and below suffer from password reset and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
advisories | CVE-2014-1644, CVE-2014-1645
MD5 | a8ff4d370b9610bdeaefb0bdd8fbb50d
LibYAML 0.1.5 Buffer Overflow
Posted Mar 28, 2014
Authored by Andrea Barisani, Open Source CERT

LibYAML versions 0.1.5 and below are affected by a heap-based buffer overflow which can lead to arbitrary code execution. The vulnerability is caused by lack of proper expansion for the string passed to the yaml_parser_scan_uri_escapes() function. A specially crafted YAML file, with a long sequence of percent-encoded characters in a URL, can be used to trigger the overflow.

tags | advisory, overflow, arbitrary, code execution
advisories | CVE-2014-2525
MD5 | ac045385785224679f4d12e08802ffed
Ajax Pagination 1.1 Local File Inclusion
Posted Mar 28, 2014
Authored by Glyn Wintle

Ajax Pagination version 1.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 182a531b5368c59241ffb27a0e1278d4
HP Security Bulletin HPSBST02968 2
Posted Mar 28, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02968 2 - A potential security vulnerability has been identified with certain HP StoreOnce appliances. This vulnerability could be exploited to allow remote unauthorized access to the appliance. Revision 2 of this advisory.

tags | advisory, remote
advisories | CVE-2013-6211
MD5 | 2bb75c03699ba7140c7c6bf16a9f5739
Debian Security Advisory 2887-1
Posted Mar 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2887-1 - Aaron Neyer discovered that missing input sanitizing in the logging component of Ruby Actionmailer could result in denial of service through a malformed e-mail message.

tags | advisory, denial of service, ruby
systems | linux, debian
advisories | CVE-2013-4389
MD5 | 449b4050f0ef00095fe99ff6b7f4dfce
iStArtApp FileXChange 6.2 Command Injection / LFI / File Upload
Posted Mar 28, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

iStArtApp FileXChange version 6.2 for iOS suffers from command injection, local file inclusion, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, file inclusion
systems | ios
MD5 | 70dae1718a79ae642e94afe4649efc42
WordPress HTML Sitemap 1.2 Cross Site Request Forgery
Posted Mar 28, 2014
Authored by Tom Adams

WordPress HTML Sitemap version 1.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 15c5fb3e31f742f1d305ea74fe6d222a
GD Star Rating 1.9.22 XSS / CSRF / SQL Injection
Posted Mar 28, 2014
Authored by Tom Adams

GD Star Rating version 1.9.22 suffers from cross site request forgery, cross site scripting, and remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
MD5 | 55f7f773448bb33d99953fffa9cdb37c
Canon PIXMA MX722 Printer Wireless Password Disclosure
Posted Mar 28, 2014
Authored by Taylor Hornby

Canon PIXMA MX722 printer suffers from a WiFi password disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 8c091c0ab4ba66491ca381b75483768c
WordPress Business Intelligence 1.0.6 Shell Upload
Posted Mar 28, 2014
Authored by Manish Tanwar

WordPress wp-business-intelligence plugin version 1.0.6 suffers from a remote shell upload vulnerability due to including ofc_upload_image.php.

tags | exploit, remote, shell, php
MD5 | 08b10dacca3c19abadcf9a52eed81ece
ASP-Nuke 2.0.7 Open Redirect
Posted Mar 28, 2014
Authored by Felipe Andrian Peixoto

ASP-Nuke version 2.0.7 suffers from an open redirect vulnerability.

tags | exploit, asp
MD5 | 320246de1354caff29a2016cda4dd56d
EMC VPLEX GeoSynchrony 5.2.1 Traversal / Session Timeout
Posted Mar 27, 2014
Site emc.com

EMC VPLEX GeoSynchrony versions 4.0 through 5.2.1 suffer from path traversal, timeout validity, session fixation, and various other vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2002-2443, CVE-2011-1044, CVE-2011-3389, CVE-2011-4110, CVE-2012-0814, CVE-2012-2136, CVE-2012-5166, CVE-2013-1667, CVE-2014-0632, CVE-2014-0633, CVE-2014-0634, CVE-2014-0635
MD5 | 4fabf55ed8ae07e61947cc08474da68d
Lynis Auditing Tool 1.4.8
Posted Mar 27, 2014
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This release adds several improvements like extending accounting, new suggestions, and changes to the LILO boot loader test.
tags | tool, scanner
systems | unix
MD5 | 7f088bca94e3449ae2d69a200dda058a
Page 1 of 19
Back12345Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    14 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close