
Files Date: 2014-04-08

Vtiger Install Unauthenticated Remote Command Execution
Posted Apr 8, 2014
Authored by Jonathan Borgeaud | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in the Vtiger install script. The module is set to ManualRanking because it overwrites the target database configuration, which may result in a broken web app, and you may not be able to get a session again.

tags | exploit, web, arbitrary
advisories | CVE-2014-2268
MD5 | 59313941eda9be4027ca7400e3f0bc3d
Open-Xchange AppSuite 7.4.2 XSS / Disclosure
Posted Apr 8, 2014
Authored by Martin Braun

Open-Xchange AppSuite versions 7.4.2 and below suffer from multiple password disclosure and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure
advisories | CVE-2014-2391, CVE-2014-2392, CVE-2014-2393
MD5 | abb2d77d0f9e2e8e8497044b2c45296f
OpenSSL TLS Heartbeat Extension Memory Disclosure
Posted Apr 8, 2014
Authored by Jared Stafford

This memory disclosure exploit is a quick and dirty demonstration of the TLS heartbeat extension vulnerability.

tags | exploit, info disclosure
advisories | CVE-2014-0160
MD5 | 54db94a4ac828110db09b92572e75004
Microsoft Security Bulletin Summary For April, 2014
Posted Apr 8, 2014
Site microsoft.com

This bulletin summary lists four released Microsoft security bulletins for April, 2014.

tags | advisory
MD5 | 56ac98bac5c714cccc5ae0165e8ff759
Bluetooth Text Chat 1.0 Code Execution
Posted Apr 8, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Bluetooth Text Chat version 1.0 for iOS suffers from a code execution vulnerability.

tags | exploit, code execution
systems | apple, ios
MD5 | 7ae300ced319c9011bce3f932740f95c
BlackBerry Z 10 Buffer Overflow
Posted Apr 8, 2014
Authored by Modzero Security

BlackBerry Z 10 suffers from a remotely exploitable buffer overflow in qconnDoor.

tags | exploit, overflow
advisories | CVE-2014-2389
MD5 | 518a79246d28f374a95e23fa51c961b3
HP Security Bulletin HPSBST02980
Posted Apr 8, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02980 - A potential security vulnerability has been identified in HP Array Configuration Utility, HP Array Diagnostics Utility, HP ProLiant Array Diagnostics, and SmartSSD Wear Gauge Utility running on Linux. The vulnerability could be exploited locally resulting in elevation of privilege. Revision 1 of this advisory.

tags | advisory
systems | linux
advisories | CVE-2013-6216
MD5 | 8af81ed868e49cbdad9f821e438d0877
Halon Security Router XSS / CSRF / Open Redirect
Posted Apr 8, 2014
Authored by Juan Manuel Garcia

Halon Security Router suffers from cross site request forgery, cross site scripting, and open redirection vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 7c943c90008b6bd4212d444ec9a3244a
BlazeDVD Pro Player 6.1 Buffer Overflow
Posted Apr 8, 2014
Authored by Deepak Rathore

BlazeDVD Pro Player version 6.1 stack-based buffer overflow exploit.

tags | exploit, overflow
MD5 | 3a821ba82bc3c0d897a043157138b8fd
Red Hat Security Advisory 2014-0378-01
Posted Apr 8, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0378-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys.

tags | advisory, kernel, info disclosure
systems | linux, redhat
advisories | CVE-2014-0160
MD5 | 74bbb3257d3d1aab6292897d124d8b42
Gentoo Linux Security Advisory 201404-07
Posted Apr 8, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201404-7 - Multiple Information Disclosure vulnerabilities in OpenSSL allow remote attackers to obtain sensitive information via various vectors. Versions less than 1.0.1g are affected.

tags | advisory, remote, vulnerability, info disclosure
systems | linux, gentoo
advisories | CVE-2014-0076, CVE-2014-0160
MD5 | e6a0d15d699df1495b12890e7951a16f
Gentoo Linux Security Advisory 201404-06
Posted Apr 8, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201404-6 - Multiple vulnerabilities in Mesa could result in execution of arbitrary code or Denial of Service. Versions less than 9.1.4 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-2864, CVE-2012-5129, CVE-2013-1872
MD5 | dbd0f906570545b359b3447fb96714d5
Red Hat Security Advisory 2014-0377-01
Posted Apr 8, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0377-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys.

tags | advisory, protocol, info disclosure
systems | linux, redhat
advisories | CVE-2014-0160
MD5 | e85cd0279f2c2011acef32b6fb42c4ac
Red Hat Security Advisory 2014-0376-01
Posted Apr 8, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0376-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An information disclosure flaw was found in the way OpenSSL handled TLS and DTLS Heartbeat Extension packets. A malicious TLS or DTLS client or server could send a specially crafted TLS or DTLS Heartbeat packet to disclose a limited portion of memory per request from a connected client or server. Note that the disclosed portions of memory could potentially include sensitive information such as private keys.

tags | advisory, protocol, info disclosure
systems | linux, redhat
advisories | CVE-2014-0160
MD5 | 8c25f34243b3ef6ec42077c65941648c
Debian Security Advisory 2897-1
Posted Apr 8, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2897-1 - Multiple security issues were found in the Tomcat servlet and JSP engine.

tags | advisory
systems | linux, debian
advisories | CVE-2013-2067, CVE-2013-2071, CVE-2013-4286, CVE-2013-4322, CVE-2014-0050
MD5 | 8e701e5bd7e02ad835906127a793048a
Debian Security Advisory 2896-2
Posted Apr 8, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2896-2 - This revision to the recent OpenSSL update, DSA-2896-1, checks for some services that may use OpenSSL in a way that exposes the vulnerability. It is proposed that such services be restarted during the upgrade to help in the actual deployment of the fix.

tags | advisory
systems | linux, debian
advisories | CVE-2014-0160
MD5 | c9a646c36eef1e581deb6dbef49911ef
Debian Security Advisory 2896-1
Posted Apr 8, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2896-1 - A vulnerability has been discovered in OpenSSL's support for the TLS/DTLS Heartbeat extension. Up to 64KB of memory from either client or server can be recovered by an attacker. This vulnerability might allow an attacker to compromise the private key and other sensitive data in memory.

tags | advisory
systems | linux, debian
advisories | CVE-2014-0160
MD5 | ba322951ba61f696972a0fe7ac037357
Ubuntu Security Notice USN-2124-2
Posted Apr 8, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2124-2 - USN-2124-1 fixed vulnerabilities in OpenJDK 6. Due to an upstream regression, memory was not properly zeroed under certain circumstances which could lead to instability. This update fixes the problem. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. Various other issues were also addressed.

tags | advisory, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2014-0411, CVE-2014-0423, CVE-2014-0428
MD5 | f4da775df91868f5ffa577bf509ce126
Heartbleed Mass Testing Script
Posted Apr 8, 2014
Authored by Mustafa Al-Bassam, Jared Stafford

This is a modified version of ssltest.py that will do a mass scan for the Heartbleed TLS heartbeat vulnerability.

tags | exploit
advisories | CVE-2014-0160
MD5 | ea7d33b8c510f161e3a3fff212f7eb55
Heartbleed Proof Of Concept
Posted Apr 8, 2014
Authored by Jared Stafford

This exploit is a quick and dirty demonstration of the Heartbleed TLS vulnerability.

tags | exploit
advisories | CVE-2014-0160
MD5 | e449f35a960cb6df4ccb8a3758b1cb05
Joomla Inneradmission SQL Injection
Posted Apr 8, 2014
Authored by Lazmania61

Joomla Inneradmission component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f2a7b16e9ac5607e2b49ab752df7ce04
© 2016 Packet Storm. All rights reserved.
