exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2014-07-17

Omeka 2.2 Cross Site Request Forgery / Cross Site Scripting
Posted Jul 17, 2014
Authored by LiquidWorm | Site zeroscience.mk

Omeka version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | f03557e695e804ef6a1ce733359bfca3c46a15464352e305d38e814421f08d8e
Trixbox XSS / LFI / SQL Injection / Code Execution
Posted Jul 17, 2014
Authored by AtT4CKxT3rR0r1ST

Trixbox suffers from cross site scripting, local file inclusion, SQL injection, and remote code execution vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, xss, sql injection, file inclusion
SHA-256 | 9ef0ed67767e646a6f2d1db382c38acd0e8f214fb1e4961fb49e8336b89d0d82
OL-Commerce 2.1.1 Cross Site Scripting / SQL Injection
Posted Jul 17, 2014
Authored by AtT4CKxT3rR0r1ST

OL-Commerce version 2.1.1 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 4f82c8a5cedb0631e0830ff7889b78362f484948bf62f7ba8d9b619b16d05643
Cisco Security Advisory 20140716-cm
Posted Jul 17, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the web server used in multiple Cisco Wireless Residential Gateway products could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, code execution
systems | cisco
SHA-256 | 6968ff4fbb937eaac9473bb098851f61c4f66b3058d93aeac5e38d2623713836
Ubuntu Security Notice USN-2290-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2290-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. It was discovered that an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-1739, CVE-2014-3144, CVE-2014-3145, CVE-2014-3940, CVE-2014-4608, CVE-2014-4611, CVE-2014-4943
SHA-256 | d08146b9fea95b5609bae004d574e7ab893d68c13196106b2acc630dcddde5be
Ubuntu Security Notice USN-2288-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2288-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. An information leak was discovered in the Linux kernel's media-device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-1739, CVE-2014-3144, CVE-2014-3145, CVE-2014-3940, CVE-2014-4608, CVE-2014-4611, CVE-2014-4943
SHA-256 | 762c3e6b6422023b0cf7a2e4570f032da29fd554adfd4933d7c81ac2791e2d59
Ubuntu Security Notice USN-2287-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2287-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-3917, CVE-2014-4014, CVE-2014-4608, CVE-2014-4611, CVE-2014-4943
SHA-256 | 94ee00bc3e51eee0cab2b52407443420b1915d25bdf54bb8483c9baf7e584422
Ubuntu Security Notice USN-2286-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2286-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-1739, CVE-2014-3144, CVE-2014-3145, CVE-2014-3917, CVE-2014-4014, CVE-2014-4608, CVE-2014-4943
SHA-256 | a5ef90e192f25e88bdc05dfdee78ce4c2c01c37086253de1e44f5916378ea6d5
Ubuntu Security Notice USN-2285-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2285-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-1739, CVE-2014-3917, CVE-2014-4014, CVE-2014-4027, CVE-2014-4608, CVE-2014-4943
SHA-256 | 53e0798c2145b912fe223a7d42f93aed871de378ec27bac50506de03da6f050f
Ubuntu Security Notice USN-2284-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2284-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-4608, CVE-2014-4943
SHA-256 | 65de288e89273b4a19a71abb156d0c8a5e22311920ee9d2e00adb2f15336ac60
Ubuntu Security Notice USN-2283-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2283-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-4608, CVE-2014-4943
SHA-256 | 51f7353dddebbf98d96c1d6defd1a3d69f1782559d7243fa23fd748f4b653195
Ubuntu Security Notice USN-2292-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2292-1 - It was discovered that the LWP::Protocol::https perl module incorrectly disabled peer certificate verification completely when only hostname verification was requested to be disabled. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could possibly be exploited in certain scenarios to alter or compromise confidential information in applications that used the LWP::Protocol::https module.

tags | advisory, remote, web, perl, protocol
systems | linux, ubuntu
advisories | CVE-2014-3230
SHA-256 | 04124159814afda52855f16ba5f872746057725d6ed57e3e9e8e74d49f9a14f0
Red Hat Security Advisory 2014-0900-01
Posted Jul 17, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0900-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance futexes. A local, unprivileged user could use this flaw to escalate their privileges on the system. A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free function) arbitrary kernel memory.

tags | advisory, arbitrary, kernel, local
systems | linux, redhat
advisories | CVE-2014-1737, CVE-2014-1738, CVE-2014-3153
SHA-256 | 93d4f43f287c1cf23493c2e022072560eb159a8f9435a1c0e2e7ec757823346e
Ubuntu Security Notice USN-2291-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2291-1 - Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2014-2494, CVE-2014-4207, CVE-2014-4258, CVE-2014-4260
SHA-256 | 723e8cb6fd677790ef2622722d59af916bd5e27e09651422f5ca6aaa4e08b132
Ubuntu Security Notice USN-2282-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2282-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. A flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-3917, CVE-2014-4608, CVE-2014-4943
SHA-256 | 7576ac5f9418fb22970fae92bda3060de5c7f880fb96a5b9f8bf23edeaa5a089
Debian Security Advisory 2765-2
Posted Jul 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2765-2 - The update released for davfs2 in DSA 2765 had a version number for Debian 7 "wheezy" that sorts lower than the version in Debian 6 "squeeze", causing problems on upgrades. This update makes a package of davfs2 in wheezy available which corrects only the version number.

tags | advisory
systems | linux, debian
advisories | CVE-2013-4362
SHA-256 | aa8bfc6ea9c15a1557ed96764c642823aafbff021291cfa52eff9a50cf97c2e6
Red Hat Security Advisory 2014-0899-01
Posted Jul 17, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0899-01 - The openstack-neutron packages provide Openstack Networking, the virtual network service. OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. It was discovered that an authenticated user could add a security group rule with an invalid CIDR causing the openvswitch-agent process to fail and prevent further rules from being applied.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-0187, CVE-2014-4167
SHA-256 | 12984459022baf2395d5a366d6fa4c480f4128a03b2f292f6a9b26954ff26981
Ubuntu Security Notice USN-2289-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2289-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. Michael S. Tsirkin discovered an information leak in the Linux kernel's segmentation of skbs when using the zerocopy feature of vhost-net. A local attacker could exploit this flaw to gain potentially sensitive information from kernel memory. Various other issues were also addressed.

tags | advisory, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-0131, CVE-2014-3917, CVE-2014-4014, CVE-2014-4608, CVE-2014-4611, CVE-2014-4943
SHA-256 | ee4b5aba8b85af49f51b037947116834b7eba864e9592e5b19b0e8efa9345287
Ubuntu Security Notice USN-2281-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2281-1 - Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges. A flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2014-3917, CVE-2014-4608, CVE-2014-4943
SHA-256 | fb76516b15ce9ca580e4630ff501124404a3bd73f76afd4fa1763950b0a262ab
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close