
Files Date: 2014-07-02

Kanboard 1.0.5 Cross Site Request Forgery
Posted Jul 2, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

Kanboard version 1.0.5 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2014-3920
MD5 | e6eda774b050654cdd7cf3cc13ba69a4

Ntop-NG 1.1 Cross Site Scripting
Posted Jul 2, 2014
Authored by Madhu Akula

Ntop-NG version 1.1 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-4329
MD5 | 814d2e4c489ca8ff3a66b177c53a382e

IP.Board 3.4.x / 3.3.x Cross Site Scripting
Posted Jul 2, 2014
Authored by Christian Schneider | Site christian-schneider.net

Invision Power IP.Board versions prior to 3.4.6 suffer from a reflective cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2014-3149
MD5 | 6a6f2db7f5c8963d5b78ffd29b4df8d6

Cisco Security Advisory 20140702-cucdm
Posted Jul 2, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified Communications Domain Manager (Cisco Unified CDM) is affected by privilege escalation, default SSH key, and data manipulation vulnerabilities.

tags | advisory, vulnerability
systems | cisco
MD5 | 7f05d0fe378ebe8519e65728d0af7cf9

HP Security Bulletin HPSBMU03055
Posted Jul 2, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03055 - Potential security vulnerabilities have been identified with HP Smart Update Manager (HP SUM) running OpenSSL. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2010-5298, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | bda9eec02275b30eeeecfbd867c17dfc

Red Hat Security Advisory 2014-0827-01
Posted Jul 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0827-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources. It was found that Apache Tomcat did not check for overflowing values when parsing request content length headers. A remote attacker could use this flaw to perform an HTTP request smuggling attack on a Tomcat server located behind a reverse proxy that processed the content length header correctly.

tags | advisory, java, remote, web, denial of service, overflow
systems | linux, redhat
advisories | CVE-2014-0075, CVE-2014-0096, CVE-2014-0099
MD5 | d4d0e878296b67a182ccaa02b985245f

Ubuntu Security Notice USN-2265-1
Posted Jul 2, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2265-1 - Abhishek Arya discovered that NSPR incorrectly handled certain console functions. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-1545
MD5 | 3043494bd6af29df1e15f8626186dff2

Red Hat Security Advisory 2014-0830-01
Posted Jul 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0830-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.3 was retired on June 30, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.3 EUS after June 30, 2014. In addition, technical support through Red Hat's Global Support Services will no longer be provided after this date. We encourage customers to plan their migration from Red Hat Enterprise Linux 6.3 to a more recent version of Red Hat Enterprise Linux. As a benefit of the Red Hat subscription model, customers can use their active subscriptions to entitle any system on a currently supported Red Hat Enterprise Linux release.

tags | advisory
systems | linux, redhat
MD5 | bd3a322df1ac86a58a43cdd6a7b3c90b

Red Hat Security Advisory 2014-0831-01
Posted Jul 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0831-01 - In accordance with the Red Hat Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 1 offering was retired on June 30, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Developer Toolset Version 1 after June 30, 2014. In addition, technical support through Red Hat's Global Support Services will no longer be provided for Red Hat Developer Toolset Version 1 after this date. We encourage customers to plan their migration from Red Hat Developer Toolset Version 1 to a more recent release of Red Hat Developer Toolset. As a benefit of the Red Hat subscription model, customers can use their active Red Hat Developer Toolset subscriptions to entitle any system on a currently supported version of this product.

tags | advisory
systems | linux, redhat
MD5 | 66d3fe22ea466fc7442231b5927127c0

Digital Whisper Electronic Magazine #52
Posted Jul 2, 2014
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 52. Written in Hebrew.

tags | magazine
MD5 | 4f36794f682ef38d9105a046773d89d4

OpenDocMan 1.2.7.2 Cross Site Scripting
Posted Jul 2, 2014
Authored by Madhu Akula

OpenDocMan version 1.2.7.2 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | e9cc531ebce27a551e139320d2c4f2ea

Zurmo CRM Cross Site Scripting
Posted Jul 2, 2014
Authored by Provensec

Zurmo CRM suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 23c571b32e9b267923e00135ababcd7d

CMS ContWEB SQL Injection
Posted Jul 2, 2014
Authored by Felipe Andrian Peixoto

CMS ContWEB suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | c21831911257dc3680a4409ac2230c5d

EMC Documentum eRoom Stored Cross Site Scripting
Posted Jul 2, 2014
Authored by M. Heinzl | Site sec-consult.com

EMC Documentum eRoom versions 7.4.3, 7.4.4, and 7.4.4 SP1 suffer from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-2512
MD5 | 86b512fb87a75eadf4eefeee88168426

Kerio Control 8.3.1 Blind SQL Injection
Posted Jul 2, 2014
Authored by Khashayar Fereidani

Kerio Control versions 8.3.1 and below suffer from a boolean-based blind remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-3857
MD5 | bf2eb00f2fdb16408f68e4c6eddfc14f

IDGuard 0.60
Posted Jul 2, 2014
Authored by Gregory Pickett | Site hellfiresecurity.com

IDGuard is a platform for preventing network-layer fingerprinting.

tags | tool
systems | unix
MD5 | aa5047dd4560c1b3ded62d5cc83870f2

HTML5 Modern Day Attack And Defence Vectors
Posted Jul 2, 2014
Authored by Rafay Baloch

Whitepaper called HTML5 Modern Day Attack and Defence Vectors. This paper analyzes most of the features introduced in HTML5 along with the vulnerabilities each feature introduces.

tags | paper, vulnerability
MD5 | 736a888b30911ba37662aea64668271e

© 2016 Packet Storm. All rights reserved.
