accept no compromises
Showing 1 - 25 of 25 RSS Feed

Files Date: 2014-04-28

HP Security Bulletin HPSBUX02963 SSRT101297 2
Posted Apr 28, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02963 SSRT101297 2 - A potential security vulnerability has been identified with HP-UX's m4(1) macro processor command. The vulnerability could be exploited locally resulting in unauthorized access. Revision 2 of this advisory.

tags | advisory
systems | hpux
advisories | CVE-2013-6200
MD5 | a62e02e75f94bf8703a8dbb200d24be1
SAP Software Lifecycle Manager Information Disclosure
Posted Apr 28, 2014
Authored by Nahuel D. Sanchez | Site onapsis.com

Onapsis Security Advisory - An information disclosure exists in SAP Software Lifecycle Manager. SAP Solution Manager version 7.1 is affected.

tags | advisory, info disclosure
MD5 | d4e40349eeb166e5f859efe555dd0504
TRENDnet TEW-634GRU 1.00.23 Disclosure / DoS / Privilege Escalation
Posted Apr 28, 2014
Authored by SirGod

TRENDnet TEW-634GRU version 1.00.23 suffers from local file disclosure, router crash, and privilege escalation vulnerabilities.

tags | exploit, local, vulnerability
MD5 | ff4d4660c556bd5fbfcba64feaeef5b2
NTP DDoS Amplification
Posted Apr 28, 2014
Authored by Danilo PC

NTP ntpd monlist query reflection denial of service exploit.

tags | exploit, denial of service
advisories | CVE-2013-5211
MD5 | ce7b989c80bd3e604a329625563a56e2
McAfee ePolicy Owner (ePowner) 0.1
Posted Apr 28, 2014
Authored by Jerome Nokin

McAfee ePolicy Owner (ePowner) version 0.1 is an exploit that can add an administrative user to McAfee ePolicy Orchestrator as well as execute arbitrary commands on versions 4.6.0 through 4.6.5.

tags | exploit, arbitrary
systems | unix
advisories | CVE-2013-0140, CVE-2013-0141
MD5 | 555f12d5b8f53bed8b2f48fe792e333b
SEP Manager 12.1.2015.2015 Overflow Proof Of Concept
Posted Apr 28, 2014
Authored by Jerome Nokin

Symantec Endpoint Protection Manager version 12.1.2015.2015 SEH overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
systems | unix
advisories | CVE-2013-1612
MD5 | 71d31144dd6847abf9a9a81a58790df6
HP Security Bulletin HPSBMU03022
Posted Apr 28, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03022 - A potential security vulnerability has been identified with HP Systems Insight Management (SIM) bundled software running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. The HP SIM software itself is not vulnerable to CVE-2014-0160 ("Heartbleed"). However, the software components bundled with HP SIM are impacted and should be addressed if installed. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | 4d3ef57ac566c5a7846a91baacf637cf
HP Security Bulletin HPSBMU03025
Posted Apr 28, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03025 - A potential security vulnerability has been identified in HP Diagnostics running OpenSSL. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. NOTE: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL cryptographic software library. This weakness potentially allows disclosure of information that is normally protected by the SSL/TLS protocol. The impacted products in the list below are vulnerable due to embedding OpenSSL standard release software. Revision 1 of this advisory.

tags | advisory, protocol
advisories | CVE-2014-0160
MD5 | 201463def39c7c336a218473d5037c0d
HP Security Bulletin HPSBGN03010 2
Posted Apr 28, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03010 2 - A potential security vulnerability has been identified in HP Software Server Automation running OpenSSL. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. NOTE: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL cryptographic software library. This weakness potentially allows disclosure of information that is normally protected by the SSL/TLS protocol. The impacted products in the list below are vulnerable due to embedding OpenSSL standard release software. Revision 2 of this advisory.

tags | advisory, protocol
advisories | CVE-2014-0160
MD5 | 22d5d197aa513e000fc71b5d8ef57b14
HP Security Bulletin HPSBMU02995 6
Posted Apr 28, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02995 6 - The Heartbleed vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. Note: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL product cryptographic software library product. This weakness potentially allows disclosure of information protected, under normal conditions, by the SSL/TLS protocol.

tags | advisory, protocol
advisories | CVE-2014-0160
MD5 | 522c307907695f5dcc9f2dee3242ae9f
Debian Security Advisory 2917-1
Posted Apr 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2917-1 - John Lightsey of the Debian Security Audit project discovered that the super package did not check for setuid failures, allowing local users to increase the privileges on kernel versions which do not guard against RLIMIT_NPROC attacks.

tags | advisory, kernel, local
systems | linux, debian
advisories | CVE-2014-0470
MD5 | 320e5603e9aa379451e7fdaea7931444
Debian Security Advisory 2916-1
Posted Apr 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2916-1 - Alex Chapman discovered that a buffer overflow in processing "MMS over HTTP" messages could result in the execution of arbitrary code.

tags | advisory, web, overflow, arbitrary
systems | linux, debian
advisories | CVE-2014-2892
MD5 | e196a8835c06897566562377041a6b17
Debian Security Advisory 2915-1
Posted Apr 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2915-1 - Jakub Wilk discovered that dpkg did not correctly parse C-style filename quoting, allowing for paths to be traversed when unpacking a source package - leading to the creation of files outside the directory of the source being unpacked.

tags | advisory
systems | linux, debian
advisories | CVE-2014-0471
MD5 | 3b8d8b2d4de70d821d767d01552e4214
Red Hat Security Advisory 2014-0441-01
Posted Apr 28, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0441-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Messaging is a high-speed reliable messaging distribution for Linux based on AMQP, an open protocol standard for enterprise messaging that is designed to make mission critical messaging widely available as a standard service, and to make enterprise messaging interoperable across platforms, programming languages, and vendors. MRG Messaging includes an AMQP 0-10 messaging broker; AMQP 0-10 client libraries for C++, Java JMS, and Python; as well as persistence libraries and management tools.

tags | advisory, java, protocol, python
systems | linux, redhat
advisories | CVE-2013-6445
MD5 | f9c88a8e01cd464a825a0138713ca5a1
Red Hat Security Advisory 2014-0440-01
Posted Apr 28, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0440-01 - Red Hat Enterprise MRG is a next-generation IT infrastructure for enterprise computing. MRG offers increased performance, reliability, interoperability, and faster computing for enterprise customers. MRG Grid provides high-throughput computing and enables enterprises to achieve higher peak computing capacity as well as improved infrastructure utilization by leveraging their existing technology to build high performance grids. MRG Grid provides a job-queueing mechanism, scheduling policy, and a priority scheme, as well as resource monitoring and resource management. Users submit their jobs to MRG Grid, where they are placed into a queue. MRG Grid then chooses when and where to run the jobs based upon a policy, carefully monitors their progress, and ultimately informs the user upon completion.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-6619, CVE-2013-6445
MD5 | ba089f2b100c2e36b9f79a50d0fcbf3f
Red Hat Security Advisory 2014-0439-01
Posted Apr 28, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0439-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A denial of service flaw was found in the way the Linux kernel's IPv6 implementation processed IPv6 router advertisement packets. An attacker able to send a large number of RA packets to a target system could potentially use this flaw to crash the target system. A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, remote, denial of service, kernel, protocol
systems | linux, redhat
advisories | CVE-2013-7263, CVE-2013-7265, CVE-2014-0069, CVE-2014-1438, CVE-2014-1690, CVE-2014-1874, CVE-2014-2309, CVE-2014-2523
MD5 | ac07ee1af1a7b13769db2b4b3154d678
Debian Security Advisory 2913-1
Posted Apr 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2913-1 - An information disclosure vulnerability was discovered in Drupal, a fully-featured content management framework. When pages are cached for anonymous users, form state may leak between anonymous users. Sensitive or private information recorded for one anonymous user could thus be disclosed to other users interacting with the same form at the same time.

tags | advisory, info disclosure
systems | linux, debian
advisories | CVE-2014-2983
MD5 | bda7ab0872ae4fd5ea529e88d678714f
Debian Security Advisory 2914-1
Posted Apr 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2914-1 - An information disclosure vulnerability was discovered in Drupal, a fully-featured content management framework. When pages are cached for anonymous users, form state may leak between anonymous users. Sensitive or private information recorded for one anonymous user could thus be disclosed to other users interacting with the same form at the same time.

tags | advisory, info disclosure
systems | linux, debian
advisories | CVE-2014-2983
MD5 | a266dbfff38f353eb3e06c50dd122a06
Ubuntu Security Notice USN-2182-1
Posted Apr 28, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2182-1 - Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. This issue only applied to Ubuntu 13.10 and Ubuntu 14.04 LTS. Michael S. Tsirkin discovered that QEMU incorrectly handled virtio-net MAC addresses. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2013-4544, CVE-2014-0150, CVE-2014-2894
MD5 | a4c669a7b515b516a0582414cba48b9f
Ubuntu Security Notice USN-2183-1
Posted Apr 28, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2183-1 - Jakub Wilk discovered that dpkg incorrectly certain paths and symlinks when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2014-0471
MD5 | 7b92e373acc5a72ce49c45bc84d61784
Cells Blog 3.4 Cross Site Scripting
Posted Apr 28, 2014
Authored by kurdish hackers team

Cells Blog version 3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d928aab9d1215ab4d4cba0925d8124e1
Terminal IP Lookup Tool (TILT) 0.5 Beta
Posted Apr 28, 2014
Authored by AeonDave | Site github.com

TILT is a tool written in python that performs simple recon jobs against a given host.

tags | tool, python
systems | unix
MD5 | 9f11b7c1f9027c6b93c987c78e16b9a2
CalendarScript 3.2.1 Password Disclosure
Posted Apr 28, 2014
Authored by Felipe Andrian Peixoto

CalendarScript version 3.2.1 suffers from a remote password disclosure vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, info disclosure
MD5 | 9235d2fa6bd2c0fe6e3b33477e8c4d44
Adem 0.5.1 Local File Inclusion
Posted Apr 28, 2014
Authored by jiko

Adem version 0.5.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 0fb90ac095fbca5a1a0acde569f0abbe
Kmplayer 3.8.0.122 / 3.8.0.123 DLL Hijacking
Posted Apr 28, 2014
Authored by Aryan Bayaninejad

Kmplayer versions 3.8.0.122 and 3.8.0.123 suffer from a dll hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2014-2985
MD5 | 2678c8a6bbfd154ff21d85aa78402792
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close