the original cloud security
Showing 1 - 18 of 18 RSS Feed

Files Date: 2014-06-30

HP Security Bulletin HPSBST03000 4
Posted Jun 30, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03000 4 - A potential security vulnerability has been identified with HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 4 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | e6542a96113ae0479b84ab7aa056ba62
Red Hat Security Advisory 2014-0819-01
Posted Jun 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0819-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This release of Red Hat JBoss BPM Suite 6.0.2 serves as a replacement for Red Hat JBoss BPM Suite 6.0.1, and includes bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-0107, CVE-2014-0363, CVE-2014-0364
MD5 | 4b9da714c4cd1f0a8d7a373e234cea91
Red Hat Security Advisory 2014-0818-01
Posted Jun 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0818-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.0.2 serves as a replacement for Red Hat JBoss BRMS 6.0.1, and includes bug fixes and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-0107, CVE-2014-0193, CVE-2014-0363, CVE-2014-0364
MD5 | 4de634c1df8e254066c51ef8bacef962
Red Hat Security Advisory 2014-0816-01
Posted Jun 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0816-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. The SSH utility script created a world-writable file in /tmp/ using a predictable name, and then executed it as root. A local attacker could use this flaw to execute arbitrary commands as the root user. A directory traversal flaw was found in the way Ruby on Rails handled wildcard segments in routes with implicit rendering. A remote attacker could use this flaw to retrieve arbitrary local files accessible to a Ruby on Rails application using the aforementioned routes via a specially crafted request.

tags | advisory, remote, web, arbitrary, local, root, ruby
systems | linux, redhat
advisories | CVE-2014-0130, CVE-2014-0176, CVE-2014-0180, CVE-2014-0184, CVE-2014-3486, CVE-2014-3489
MD5 | f409838510de848d2624057bdb6762fc
Gentoo Linux Security Advisory 201406-35
Posted Jun 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-35 - Multiple vulnerabilities have been found in Openfire, the worst of which could lead to a Denial of Service condition. Versions less than 3.9.2-r1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2009-1595, CVE-2009-1596, CVE-2014-2741
MD5 | 6ee45c18e89eca0ad1b65191e28d2fc0
Red Hat Security Advisory 2014-0814-01
Posted Jun 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0814-01 - The Red Hat Enterprise Virtualization Manager is a centralized management platform that allows system administrators to view and manage virtual machines. It was found that the ovirt-engine REST API resolved entities in XML API calls. A remote attacker with credentials to call the ovirt-engine REST API could use this flaw to read files accessible to the user running the ovirt-engine JBoss server, and potentially perform other more advanced XXE attacks.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2014-3485
MD5 | 78f8ac884cf0b57913aabc44fae8848c
Red Hat Security Advisory 2014-0815-01
Posted Jun 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0815-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code.

tags | advisory, overflow, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2014-3466, CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
MD5 | 08a5f90c85d07cd5db87068cce215844
Debian Security Advisory 2970-1
Posted Jun 30, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2970-1 - Multiple security issues (cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising) have been found in Cacti, a web frontend for RRDTool.

tags | advisory, web, xss, sql injection, csrf
systems | linux, debian
advisories | CVE-2014-2326, CVE-2014-2327, CVE-2014-2328, CVE-2014-2708, CVE-2014-2709, CVE-2014-4002
MD5 | a69ad988e27a650486aa3345c952d3a2
Gentoo Linux Security Advisory 201406-34
Posted Jun 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-34 - Multiple vulnerabilities have been discovered in KDE Libraries, the worst of which could lead to man-in-the-middle attacks. Versions less than 4.12.5-r1 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2011-1094, CVE-2011-3365, CVE-2013-2074, CVE-2014-3494
MD5 | 87d528407d0e9798c48f7829e1c9ed58
Gentoo Linux Security Advisory 201406-33
Posted Jun 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-33 - Multiple vulnerabilities have been found in Wireshark, the worst of which allows remote attackers to execute arbitrary code. Versions less than 1.10.8 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-2281, CVE-2014-2282, CVE-2014-2283, CVE-2014-2299, CVE-2014-2907, CVE-2014-4020, CVE-2014-4174
MD5 | 5ee303168fd92233fb43f7bccdd15435
Gentoo Linux Security Advisory 201406-32
Posted Jun 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201406-32 - Multiple vulnerabilities have been found in the IcedTea JDK, the worst of which could lead to arbitrary code execution. Versions less than 6.1.13.3 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2009-3555, CVE-2010-2548, CVE-2010-2783, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3551, CVE-2010-3553, CVE-2010-3554, CVE-2010-3557, CVE-2010-3561, CVE-2010-3562, CVE-2010-3564, CVE-2010-3565, CVE-2010-3566, CVE-2010-3567, CVE-2010-3568, CVE-2010-3569, CVE-2010-3573, CVE-2010-3574, CVE-2010-3860, CVE-2010-4351, CVE-2010-4448, CVE-2010-4450, CVE-2010-4465, CVE-2010-4467, CVE-2010-4469, CVE-2010-4470
MD5 | d9cd76f51005d3dcd235abaed9cde74b
Baidu Spark Browser 26.5.9999.3511 Stack Overflow
Posted Jun 30, 2014
Authored by LiquidWorm | Site zeroscience.mk

Spark Browser version 26.5.9999.3511 allows remote attackers to cause a denial of service (application crash) resulting in stack overflow via nested calls to the window.print javascript function.

tags | exploit, remote, denial of service, overflow, javascript
MD5 | 00d4cae32afc7dd800c0f99fa2089885
IBM Algorithmics RICOS Disclosure / XSS / CSRF
Posted Jun 30, 2014
Authored by F. Lukavsky, A. Kolmann, V. Habsburg-Lothringen | Site sec-consult.com

IBM Algorithmics RICOS versions 4.5.0 through 4.7.0 suffer from cross site scripting, cross site request forgery, information disclosure, data manipulation, broken encryption, and various other vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
advisories | CVE-2014-0864, CVE-2014-0865, CVE-2014-0866, CVE-2014-0867, CVE-2014-0868, CVE-2014-0869, CVE-2014-0870, CVE-2014-0871, CVE-2014-0894
MD5 | b8df7e37d1837ce179ae7e94c785a9ab
Gitlist 0.4.0 Remote Code Execution
Posted Jun 30, 2014
Authored by drone

Gitlist versions 0.4.0 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2014-4511
MD5 | ee46caf85f37abd2c3b0838eea3b25ad
WordPress Theme My Login 6.3.9 Local File Inclusion
Posted Jun 30, 2014
Authored by Tom Adams

WordPress Theme My Login plugin version 6.3.9 provides access to arbitrary files and could facilitate arbitrary code execution.

tags | exploit, arbitrary, code execution, file inclusion
MD5 | 5bd79c15b884dd6075f5cee6d905f57c
56 Bytes shutdown -h now Shellcode
Posted Jun 30, 2014
Authored by Osanda Malith

56 bytes small Linux/x86 shellcode for shutdown -h now.

tags | x86, shellcode
systems | linux
MD5 | f7a071789989e250bf4b15ede7242608
65 Bytes shutdown -h now Shellcode
Posted Jun 30, 2014
Authored by Osanda Malith

64 bytes small Linux/x86_64 shellcode for shutdown -h now.

tags | shellcode
systems | linux
MD5 | aead2a42ecd5bc727239c9ca2e0a527d
Hacking ASP/ASPX Websites Manually
Posted Jun 30, 2014
Authored by Chetan Soni

This is a whitepaper that goes into detail on hacking ASP/ASPX websites manually.

tags | paper, asp
MD5 | d56d34728763832f62fc8b57670829be
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close