exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2014-06-17

Debian Security Advisory 2963-1
Posted Jun 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2963-1 - Multiple vulnerabilities were found in Solr, an open source enterprise search server based on Lucene, resulting in information disclosure or code execution.

tags | advisory, vulnerability, code execution, info disclosure
systems | linux, debian
advisories | CVE-2013-6397, CVE-2013-6407, CVE-2013-6408
MD5 | c18f2600646b24dd54e708e5cac26e3f
Debian Security Advisory 2962-1
Posted Jun 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2962-1 - Abhiskek Arya discovered an out of bounds write in the cvt_t() function of the NetScape Portable Runtime Library which could result in the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2014-1545
MD5 | 1cc4aeeedbd62c083ba41ef52ad54381
HP Security Bulletin HPSBMU03048
Posted Jun 17, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03048 - A potential security vulnerability has been identified with HP Executive Scorecard. The vulnerability could be exploited remotely to allow remote code execution and directory traversal. Revision 1 of this advisory.

tags | advisory, remote, code execution
advisories | CVE-2014-2609, CVE-2014-2610, CVE-2014-2611
MD5 | f243894aba93b765329d3dcef3ef7772
HP Security Bulletin HPSBUX03046 SSRT101590 2
Posted Jun 17, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03046 SSRT101590 2 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, bypass security restrictions, disclose information, or allow unauthorized access. Revision 2 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-0076, CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 0713de23cf2c472ecfc4bd2121483262
Ubisoft Rayman Legends 1.2.103716 Buffer Overflow
Posted Jun 17, 2014
Authored by LiquidWorm | Site zeroscience.mk

Ubisoft Rayman Legends version 1.2.103716 suffers from a remote stack buffer overflow vulnerability. The vulnerability is caused due to a memset() boundary error in the processing of incoming data thru raw socket connections on TCP port 1001, which can be exploited to cause a stack based buffer overflow by sending a long string of bytes on the second connection. Successful exploitation could allow execution of arbitrary code on the affected node.

tags | exploit, remote, overflow, arbitrary, tcp
MD5 | 7c953081e55e23a9af193dc8b4adb39c
Ubuntu Security Notice USN-2247-1
Posted Jun 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2247-1 - Darragh O'Reilly discovered that OpenStack Nova did not properly set up its sudo configuration. If a different flaw was found in OpenStack Nova, this vulnerability could be used to escalate privileges. This issue only affected Ubuntu 13.10 and Ubuntu 14.04 LTS. Bernhard M. Wiedemann and Pedraig Brady discovered that OpenStack Nova did not properly verify the virtual size of a QCOW2 images. A remote authenticated attacker could exploit this to create a denial of service via disk consumption. This issue did not affect Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-1068, CVE-2013-4463, CVE-2013-4469, CVE-2013-6491, CVE-2013-7130, CVE-2014-0134, CVE-2014-0167
MD5 | 80330368609d50b914d40f85b404de99
Ubuntu Security Notice USN-2246-1
Posted Jun 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2246-1 - Jakub Wilk discovered that APT did not correctly validate signatures when downloading source packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered source packages.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2014-0478
MD5 | 856862043b7733d58d910299c6d0b24f
ZTE WXV10 W300 Disclosure / CSRF / Default
Posted Jun 17, 2014
Authored by Osanda Malith

ZTE WXV10 W300 suffers from suffers from backup disclosure, cross site request forgery, denial of service, and file disclosure vulnerabilities.

tags | exploit, denial of service, vulnerability, info disclosure, csrf
advisories | CVE-2014-4018, CVE-2014-4019, CVE-2014-4154, CVE-2014-4155
MD5 | 04b6883ec16877491b7b05b0dcfa44bc
BarracudaDrive 6.7.2 Cross Site Scripting
Posted Jun 17, 2014
Authored by Govind Singh

BarracudaDrive version 6.7.2 suffers from cross site scripting vulnerabilities in the administrative panel.

tags | exploit, vulnerability, xss
MD5 | 9f14bd9e3ef3ddc9d6ebcf4a1ed1ae9b
Zabbix 1.8.x - 2.2.x XXE Injection
Posted Jun 17, 2014
Authored by pnig0s

Zabbix versions 1.8.x through 2.2.x suffer from an XML external entity attack vulnerability.

tags | advisory, xxe
MD5 | 88d4efd793e4d77d039647e2f9b9549e
Clam AntiVirus Toolkit 0.98.4
Posted Jun 17, 2014
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This release addressed build problems on Solaris, OpenBSD, and AIX. Additional issues on Windows, Mac OS X, and Solaris 10 have been resolved.
tags | tool, virus
systems | unix
MD5 | 6d409eab6c311de05a0a591fccd2ec83
Rocket Servergraph Admin Center fileRequestor Remote Code Execution
Posted Jun 17, 2014
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module abuses several directory traversal flaws in Rocket Servergraph Admin Center for Tivoli Storage Manager. The issues exist in the fileRequestor servlet, allowing a remote attacker to write arbitrary files and execute commands with administrative privileges. This Metasploit module has been tested successfully on Rocket ServerGraph 1.2 over Windows 2008 R2 64 bits, Windows 7 SP1 32 bits and Ubuntu 12.04 64 bits.

tags | exploit, remote, arbitrary
systems | linux, windows, ubuntu, 7
advisories | CVE-2014-3914
MD5 | 9179b5c8a6e501cfaae32462b97b7468
Ubuntu Security Notice USN-2214-3
Posted Jun 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2214-3 - USN-2214-1 fixed vulnerabilities in libxml2. The upstream fix introduced a number of regressions. This update fixes the problem. Daniel Berrange discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
MD5 | 3b4a8be01539e5b2a2134146b703075e
Debian Security Advisory 2961-1
Posted Jun 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2961-1 - It was discovered that PHP, a general-purpose scripting language commonly used for web application development, is vulnerable to a heap-based buffer overflow in the DNS TXT record parsing. A malicious server or man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application uses dns_get_record() to perform a DNS query.

tags | advisory, web, overflow, arbitrary, php
systems | linux, debian
advisories | CVE-2014-4049
MD5 | fc69ad6d6e3d23d218e3a7456f1d4467
Debian Security Advisory 2950-2
Posted Jun 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2950-2 - This update updates the upstream fix for CVE-2014-0224 to address problems with CCS which could result in problems with the Postgres database.

tags | advisory
systems | linux, debian
advisories | CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | 298c3fdb2a8d3cba2bb81e4385a01265
Gentoo Linux Security Advisory 201406-17
Posted Jun 17, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-17 - Multiple vulnerabilities have been found in Adobe Flash Player, worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.378 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-0531, CVE-2014-0532, CVE-2014-0533, CVE-2014-0534, CVE-2014-0535, CVE-2014-0536
MD5 | 7c85ddec8e4ef3c3d7ef72db85467412
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close