what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2014-10-01

Bash Me Some More
Posted Oct 1, 2014
Authored by Michal Zalewski, Paul Vixie

This is information regarding more bash vulnerabilities and how the original bash patches are ineffective.

tags | exploit, vulnerability, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-6279
SHA-256 | 9bef4f643cbc941c231d0995aa7df24f7322c03118f4cd7d60f56a5e05ccb428
Epicor Password Disclosure / Cross Site Scripting
Posted Oct 1, 2014
Authored by Fara Denise Rustein

Epicor suffers from cross site scripting and password disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2014-4311, CVE-2014-4312
SHA-256 | 0adc38541eec06be524dcdc4e10cbddffc5db40fd0f6f43e692e614e15788b74
VMware Security Advisory 2014-0010
Posted Oct 1, 2014
Authored by VMware | Site vmware.com

VMware Security Advisory 2014-0010 - VMware product updates address Bash security vulnerabilities.

tags | advisory, vulnerability, bash
advisories | CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 35f6ed13d7102c88ca22ea6b869c28a45351e9ff87730aeeba642d5f37e08c62
Packet Storm New Exploits For September, 2014
Posted Oct 1, 2014
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 158 exploits added to Packet Storm in September, 2014.

tags | exploit
systems | linux
SHA-256 | 81e439aa508cca46d13331ea18cff9058479738a2b374e9b407aadaf61ac213e
Debian Security Advisory 3040-1
Posted Oct 1, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3040-1 - Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog, a system for log processing. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2014-3634
SHA-256 | e561d69b5178aba532af90ac7fb2ff1c69d976ffa69a1ce6567926bb397cbdd2
Debian Security Advisory 3041-1
Posted Oct 1, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3041-1 - Multiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2013-2072, CVE-2014-7154, CVE-2014-7155, CVE-2014-7156, CVE-2014-7188
SHA-256 | 4907d5b964f09a01c74ae0dc6ff9400295f8a8a13014c446cbbe4712c94984e9
HP Security Bulletin HPSBMU03112
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03112 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Cross-site Scripting (XSS), Cross-site Request Forgery (CSRF), unauthorized disclosure of information, Denial of Service (DoS), and Clickjacking. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, xss, csrf
systems | linux, windows
advisories | CVE-2013-4545, CVE-2013-6420, CVE-2013-6422, CVE-2013-6712, CVE-2014-2640, CVE-2014-2641, CVE-2014-2642
SHA-256 | c7ee397bfe22743f1104826923b5ce2ee2bca83ffb77b9abc0126c7de3855248
HP Security Bulletin HPSBST02958
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02958 - A potential security vulnerability has been identified with the HP MPIO Device Specific Module Manager. The vulnerability could be exploited locally to allow the execution of arbitrary code with privilege elevation. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2014-2639
SHA-256 | a279e6dea837d98cd8fc73d74b390af5d9b26b658c6d62ef392942efede97dc0
Textpattern 4.5.5 Cross Site Scripting
Posted Oct 1, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

Textpattern version 4.5.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-4737
SHA-256 | c17496ddf5eda6467a85ee2db8b923d8afebf2fd140f0406c05e99b876845c6c
Honeywell Falcon Administrative Bypass
Posted Oct 1, 2014
Authored by Martin Jartelius | Site outpost24.com

Honeywell Falcon suffers from a vulnerability that allows anyone to login as the administrator without prior knowledge of any username or password.

tags | advisory, bypass
advisories | CVE-2014-2717
SHA-256 | 38330e824709e2c82d60c63e425dfc961fdac2c05ddd5ba2bd7656c5ec7730c2
WordPress Photo Gallery 1.1.30 Cross Site Scripting
Posted Oct 1, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Photo Gallery plugin version 1.1.30 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-6315
SHA-256 | 963cbc8f2a16c4c41a12514cac90dc610c8c590afb2e097a64fd27d9a84c60a8
FreePBX Authentication Bypass / Account Creation
Posted Oct 1, 2014
Authored by Rob Thomas

A remote attacker can bypass authentication and create a false FreePBX Administrator account, which will then let them perform any action on a FreePBX system as the FreePBX user (which is often 'asterisk' or 'apache'). As of 2014/10/01 all versions of FreePBX are affected.

tags | advisory, remote, bypass
SHA-256 | 260d4b01eefece16b936fcbf58b1831d277210366a095cd34a9abbeb2d4109df
HP Security Bulletin HPSBHF03119
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03119 - A potential security vulnerability has been identified with HP DreamColor Display running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: Only the Z27x model is vulnerable. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-7169
SHA-256 | da9257ca6c57b23fa4805ff297044e25f462fa8dde75c23bf8abded80b03f407
TestLink 1.9.11 SQL Injection
Posted Oct 1, 2014
Authored by Jerzy Kramarz | Site portcullis-security.com

TestLink version 1.9.11 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2014-5308
SHA-256 | 89a8209be3fba1b541de072c93114fc6da4c5937177e0ac438ee7af7946ca9c8
HP Security Bulletin HPSBGN03117
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03117 - A potential security vulnerability has been identified with HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: The vCAS product is vulnerable only if DHCP is enabled. Revision 1 of this advisory.

tags | advisory, remote, shell, bash
advisories | CVE-2014-6271, CVE-2014-7169
SHA-256 | 477153bb7561e72d2c4aa3bcf37dc3af2ca5f1778cd8673085ac6be3db145009
TP-Link VxWorks / 2-Series Switches Fail
Posted Oct 1, 2014
Authored by kvnjs

TP-Link VxWorks-based devices and 2-Series switches suffer from a large amount of vulnerabilities that the vendor refuses to address.

tags | advisory, vulnerability
advisories | CVE-2008-2476, CVE-2010-2966, CVE-2010-2967, CVE-2013-0711, CVE-2013-0712, CVE-2013-0713, CVE-2013-0714, CVE-2013-0715, CVE-2013-0716
SHA-256 | a676a5da6cb174308fa906e9e2a112a82239a9b19b287869528315328ae3de27
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close