Files Date: 2014-05-14

PayPal Filter Bypass
Posted May 14, 2014
Authored by Ateeq ur Rehman Khan | Site vulnerability-lab.com

PayPal's service application and common service API suffer from filter bypass and script injection vulnerabilities.

tags | exploit, vulnerability
MD5 | 54be8e916b21abf11b7e81711160ce35

Red Hat Security Advisory 2014-0500-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0500-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and remote management of multiple Linux deployments with a single, centralized tool. Apache Struts is a framework for building web applications with Java. It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass() method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running Struts 1. This could lead to remote code execution under certain conditions.

tags | advisory, java, remote, web, code execution
systems | linux, redhat
advisories | CVE-2014-0114
MD5 | 046d6be5d5ced0953d815ee6eefa443e

Red Hat Security Advisory 2014-0498-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0498-01 - Fuse ESB Enterprise is an integration platform based on Apache ServiceMix. It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass() method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running Struts 1. This could lead to remote code execution under certain conditions.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2014-0114
MD5 | 88dc2f3e41de030610a87c412e2602c9

Red Hat Security Advisory 2014-0497-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0497-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass() method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running Struts 1. This could lead to remote code execution under certain conditions.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2014-0114
MD5 | ab022dff15de3cf47d3c6e94c3aaa24b

Red Hat Security Advisory 2014-0496-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0496-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-14, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0510, CVE-2014-0516, CVE-2014-0517, CVE-2014-0518, CVE-2014-0519, CVE-2014-0520
MD5 | fd9676a865a4c35dba92cd0b5ed4f38d

Ubuntu Security Notice USN-2211-1
Posted May 14, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2211-1 - Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. Ilja van Sprundel discovered that libXfont incorrectly handled X Font Server replies. A malicious font server could return specially-crafted data that could cause libXfont to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2014-0209, CVE-2014-0210, CVE-2014-0211
MD5 | ca4e6b882df5f54bc098a6819a05ca91

Red Hat Security Advisory 2014-0486-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0486-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-6629, CVE-2013-6954, CVE-2014-0429, CVE-2014-0446, CVE-2014-0448, CVE-2014-0449, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-1876, CVE-2014-2398, CVE-2014-2401, CVE-2014-2402, CVE-2014-2409, CVE-2014-2412, CVE-2014-2414, CVE-2014-2420, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428
MD5 | c312649c1b71716340b6ab7d379a37e0

Microsoft Security Bulletin Re-Release For May, 2014
Posted May 14, 2014
Site microsoft.com

This bulletin summary lists eight released Microsoft security bulletins for May, 2014.

tags | advisory
MD5 | 83c0ef9fb147af8269ac817bb3e05265

Linux Kernel 3.15-rc4 PTY Race Condition
Posted May 14, 2014
Authored by Matthew Daley

Linux Kernel versions above 3.14-rc1 and below 3.15-rc4 raw mode PTY local echo race condition privilege escalation proof of concept exploit. This bug also affects kernel 2.6.31-rc3 and newer.

tags | exploit, kernel, local, proof of concept
systems | linux
advisories | CVE-2014-0196
MD5 | 13d392a765d40d69d673f57809956287

eInstruction Workspace Sudo Misconfiguration
Posted May 14, 2014
Authored by Martin von Gagern

eInstruction Workspace uses sudo in an insecure manner that allows for root level privilege escalation.

tags | advisory, root
MD5 | b4812ddb075048d72b8dba1fd3e991b2

Config Push snmpset Utility
Posted May 14, 2014
Authored by Michael Killebrew

This is a tool to span /8-sized networks quickly, sending snmpset requests with a default or otherwise specified community string to Cisco devices.

tags | tool
systems | cisco, unix
MD5 | fcf68d61c79279ffafcf6115f320556d

TFTPD32 / TFTPD64 4.5 Denial Of Service
Posted May 14, 2014
Authored by j0s3h4x0r

TFTPD32 / TFTPD64 version 4.5 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 5e838594c47ccc0d793f4ce802e4856b

Easy File Sharing Web Server 6.8 Buffer Overflow
Posted May 14, 2014
Authored by superkojiman

Easy File Sharing Web Server version 6.8 suffers from a stack buffer overflow vulnerability.

tags | exploit, web, overflow
MD5 | 80e75563f638a0d45ec5b2953c703491

K-Lite CODEC 10.45 Memory Corruption
Posted May 14, 2014
Authored by Aryan Bayaninejad

K-Lite CODEC version 10.45 suffers from a memory corruption vulnerability.

tags | exploit
MD5 | 9725e2197873ea0adb276fca73b4659b

Elastic Search File Read / Append
Posted May 14, 2014
Authored by Jeff Geiger | Site github.com

Elastic Search remote code execution exploit that leverages an issue which allows an attacker to read from and append to files on the system.

tags | exploit, remote, code execution
advisories | CVE-2014-3120
MD5 | c146923ac6fb0b9ea26f881569a44913

© 2016 Packet Storm. All rights reserved.