exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2014-06-30

HP Security Bulletin HPSBST03000 4
Posted Jun 30, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03000 4 - A potential security vulnerability has been identified with HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 4 of this advisory.

tags | advisory
advisories | CVE-2014-0160
SHA-256 | d73fa1bd882e7f8008920c158bf623bc8f8b58fa93cf66a5af55c435e4a4b1a2
Red Hat Security Advisory 2014-0819-01
Posted Jun 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0819-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This release of Red Hat JBoss BPM Suite 6.0.2 serves as a replacement for Red Hat JBoss BPM Suite 6.0.1, and includes bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-0107, CVE-2014-0363, CVE-2014-0364
SHA-256 | 5b2018ca1ea60bf0c168ce31e1328db1823bbc6237ead19c714f783467b0aac2
Red Hat Security Advisory 2014-0818-01
Posted Jun 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0818-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.0.2 serves as a replacement for Red Hat JBoss BRMS 6.0.1, and includes bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-0107, CVE-2014-0193, CVE-2014-0363, CVE-2014-0364
SHA-256 | be959037484d1a765743e14b992c71c12dc19b2d050e960a53ed6defd1d3f971
Red Hat Security Advisory 2014-0816-01
Posted Jun 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0816-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. The SSH utility script created a world-writable file in /tmp/ using a predictable name, and then executed it as root. A local attacker could use this flaw to execute arbitrary commands as the root user. A directory traversal flaw was found in the way Ruby on Rails handled wildcard segments in routes with implicit rendering. A remote attacker could use this flaw to retrieve arbitrary local files accessible to a Ruby on Rails application using the aforementioned routes via a specially crafted request.

tags | advisory, remote, web, arbitrary, local, root, ruby
systems | linux, redhat
advisories | CVE-2014-0130, CVE-2014-0176, CVE-2014-0180, CVE-2014-0184, CVE-2014-3486, CVE-2014-3489
SHA-256 | ed0336504b371e408526319445a5c9fd1d368cc89d53bfcce748e66dc58f4a6d
Gentoo Linux Security Advisory 201406-35
Posted Jun 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-35 - Multiple vulnerabilities have been found in Openfire, the worst of which could lead to a Denial of Service condition. Versions less than 3.9.2-r1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2009-1595, CVE-2009-1596, CVE-2014-2741
SHA-256 | 41324993ffa3eb7b745123fc71b6da971e9a55bdf18cdf640e314610a2cc46af
Red Hat Security Advisory 2014-0814-01
Posted Jun 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0814-01 - The Red Hat Enterprise Virtualization Manager is a centralized management platform that allows system administrators to view and manage virtual machines. It was found that the ovirt-engine REST API resolved entities in XML API calls. A remote attacker with credentials to call the ovirt-engine REST API could use this flaw to read files accessible to the user running the ovirt-engine JBoss server, and potentially perform other more advanced XXE attacks.

tags | advisory, remote, xxe
systems | linux, redhat
advisories | CVE-2014-3485
SHA-256 | 05adc95783f571a217ffe1d911df66b509c35fc597481b598054f42f53193008
Red Hat Security Advisory 2014-0815-01
Posted Jun 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0815-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code.

tags | advisory, overflow, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2014-3466, CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | a010735c07300e81c05307db46a722929722e51bde6e7a4c5df209d29725b131
Debian Security Advisory 2970-1
Posted Jun 30, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2970-1 - Multiple security issues (cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising) have been found in Cacti, a web frontend for RRDTool.

tags | advisory, web, xss, sql injection, csrf
systems | linux, debian
advisories | CVE-2014-2326, CVE-2014-2327, CVE-2014-2328, CVE-2014-2708, CVE-2014-2709, CVE-2014-4002
SHA-256 | 67f7c14f82e222e1693697e3659a72b9ae669ebe3fb08bb51ed5f7d72102d52e
Gentoo Linux Security Advisory 201406-34
Posted Jun 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-34 - Multiple vulnerabilities have been discovered in KDE Libraries, the worst of which could lead to man-in-the-middle attacks. Versions less than 4.12.5-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2011-1094, CVE-2011-3365, CVE-2013-2074, CVE-2014-3494
SHA-256 | c63b9a944ba7c2935d68a4a420c83a2435da78ca96c29e73e8fb03e625d03496
Gentoo Linux Security Advisory 201406-33
Posted Jun 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-33 - Multiple vulnerabilities have been found in Wireshark, the worst of which allows remote attackers to execute arbitrary code. Versions less than 1.10.8 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-2281, CVE-2014-2282, CVE-2014-2283, CVE-2014-2299, CVE-2014-2907, CVE-2014-4020, CVE-2014-4174
SHA-256 | b218ed0f4b25bc94042856f53c2c5fb0fd853c918f085b1972ba76584ad83010
Gentoo Linux Security Advisory 201406-32
Posted Jun 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-32 - Multiple vulnerabilities have been found in the IcedTea JDK, the worst of which could lead to arbitrary code execution. Versions less than 6.1.13.3 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2009-3555, CVE-2010-2548, CVE-2010-2783, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3551, CVE-2010-3553, CVE-2010-3554, CVE-2010-3557, CVE-2010-3561, CVE-2010-3562, CVE-2010-3564, CVE-2010-3565, CVE-2010-3566, CVE-2010-3567, CVE-2010-3568, CVE-2010-3569, CVE-2010-3573, CVE-2010-3574, CVE-2010-3860, CVE-2010-4351, CVE-2010-4448, CVE-2010-4450, CVE-2010-4465, CVE-2010-4467, CVE-2010-4469, CVE-2010-4470
SHA-256 | 090fb98b78d165daf38005d744a51c041e7041bc82e7280894ff7c9447061a32
Baidu Spark Browser 26.5.9999.3511 Stack Overflow
Posted Jun 30, 2014
Authored by LiquidWorm | Site zeroscience.mk

Spark Browser version 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) resulting in stack overflow via nested calls to the window.print javascript function.

tags | exploit, remote, denial of service, overflow, javascript
SHA-256 | 1648d8f4e73ede106fecb1b26df6c6ee26b52192d6775810b994868fb4f449ed
IBM Algorithmics RICOS Disclosure / XSS / CSRF
Posted Jun 30, 2014
Authored by F. Lukavsky, A. Kolmann, V. Habsburg-Lothringen | Site sec-consult.com

IBM Algorithmics RICOS versions 4.5.0 through 4.7.0 suffer from cross site scripting, cross site request forgery, information disclosure, data manipulation, broken encryption, and various other vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
advisories | CVE-2014-0864, CVE-2014-0865, CVE-2014-0866, CVE-2014-0867, CVE-2014-0868, CVE-2014-0869, CVE-2014-0870, CVE-2014-0871, CVE-2014-0894
SHA-256 | 945e5852d35d3f39d7bede3cae55f9fa93875250647822bf399c4895974db9cc
Gitlist 0.4.0 Remote Code Execution
Posted Jun 30, 2014
Authored by drone

Gitlist versions 0.4.0 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2014-4511
SHA-256 | 00b7d366435cf917c8e9dd552a46f3409e889e65dde7d0753735ef2ebe2b6d00
WordPress Theme My Login 6.3.9 Local File Inclusion
Posted Jun 30, 2014
Authored by Tom Adams

WordPress Theme My Login plugin version 6.3.9 provides access to arbitrary files and could facilitate arbitrary code execution.

tags | exploit, arbitrary, code execution, file inclusion
SHA-256 | 4c53920b98114515bc1f2346def95625fb01546704b44a6a30f469a4f29a1dea
56 Bytes shutdown -h now Shellcode
Posted Jun 30, 2014
Authored by Osanda Malith

56 bytes small Linux/x86 shellcode for shutdown -h now.

tags | x86, shellcode
systems | linux
SHA-256 | af9cbefd009e0c69cf8e02310560fb4fdb27fa5f125eb912ebf7cbf3843e245a
65 Bytes shutdown -h now Shellcode
Posted Jun 30, 2014
Authored by Osanda Malith

64 bytes small Linux/x86_64 shellcode for shutdown -h now.

tags | shellcode
systems | linux
SHA-256 | 305fe86022580df42aa8242abaf648d4013c15d0be3f2307de3611d7d1525563
Hacking ASP/ASPX Websites Manually
Posted Jun 30, 2014
Authored by Chetan Soni

This is a whitepaper that goes into detail on hacking ASP/ASPX websites manually.

tags | paper, asp
SHA-256 | e01e929f0159f35636b57ccb14d23133cee0871e331625923ed2e065e0033b49
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close