what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2014-10-01

Bash Me Some More
Posted Oct 1, 2014
Authored by Michal Zalewski, Paul Vixie

This is information regarding more bash vulnerabilities and how the original bash patches are ineffective.

tags | exploit, vulnerability, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-6279
MD5 | ca1ab0ec96da633346beaff825bd23c6
Epicor Password Disclosure / Cross Site Scripting
Posted Oct 1, 2014
Authored by Fara Denise Rustein

Epicor suffers from cross site scripting and password disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2014-4311, CVE-2014-4312
MD5 | 0dba91aa0a03bab09020d4c1a614304e
VMware Security Advisory 2014-0010
Posted Oct 1, 2014
Authored by VMware | Site vmware.com

VMware Security Advisory 2014-0010 - VMware product updates address Bash security vulnerabilities.

tags | advisory, vulnerability, bash
advisories | CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | a62029dff7e8f86fcd15b53cdef89fd9
Packet Storm New Exploits For September, 2014
Posted Oct 1, 2014
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 158 exploits added to Packet Storm in September, 2014.

tags | exploit
systems | linux
MD5 | 04486e0946a9bb3abc4f6450bc333d86
Debian Security Advisory 3040-1
Posted Oct 1, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3040-1 - Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog, a system for log processing. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2014-3634
MD5 | 4f8410a1dea7e6f494f1e82bc09d8ad6
Debian Security Advisory 3041-1
Posted Oct 1, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3041-1 - Multiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2013-2072, CVE-2014-7154, CVE-2014-7155, CVE-2014-7156, CVE-2014-7188
MD5 | c655c7c6ef389fd19437ddbf3d7980b9
HP Security Bulletin HPSBMU03112
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03112 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Cross-site Scripting (XSS), Cross-site Request Forgery (CSRF), unauthorized disclosure of information, Denial of Service (DoS), and Clickjacking. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, xss, csrf
systems | linux, windows
advisories | CVE-2013-4545, CVE-2013-6420, CVE-2013-6422, CVE-2013-6712, CVE-2014-2640, CVE-2014-2641, CVE-2014-2642
MD5 | 096a4b6e918fe386022d2a0049754ee0
HP Security Bulletin HPSBST02958
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02958 - A potential security vulnerability has been identified with the HP MPIO Device Specific Module Manager. The vulnerability could be exploited locally to allow the execution of arbitrary code with privilege elevation. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2014-2639
MD5 | 3c194aaebee8e47dd1351e2293e56886
Textpattern 4.5.5 Cross Site Scripting
Posted Oct 1, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

Textpattern version 4.5.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-4737
MD5 | ec580678c0e319fc402b1c110fbdc1e6
Honeywell Falcon Administrative Bypass
Posted Oct 1, 2014
Authored by Martin Jartelius | Site outpost24.com

Honeywell Falcon suffers from a vulnerability that allows anyone to login as the administrator without prior knowledge of any username or password.

tags | advisory, bypass
advisories | CVE-2014-2717
MD5 | f401e9d01ea5113eb44a2ef636401a49
WordPress Photo Gallery 1.1.30 Cross Site Scripting
Posted Oct 1, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Photo Gallery plugin version 1.1.30 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-6315
MD5 | 7cc57de67c5c2113aab822f25bdd4eaf
FreePBX Authentication Bypass / Account Creation
Posted Oct 1, 2014
Authored by Rob Thomas

A remote attacker can bypass authentication and create a false FreePBX Administrator account, which will then let them perform any action on a FreePBX system as the FreePBX user (which is often 'asterisk' or 'apache'). As of 2014/10/01 all versions of FreePBX are affected.

tags | advisory, remote, bypass
MD5 | be8e253ba1f0dd155fc81a0cab78d6ec
HP Security Bulletin HPSBHF03119
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03119 - A potential security vulnerability has been identified with HP DreamColor Display running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: Only the Z27x model is vulnerable. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-7169
MD5 | e14fbf1feadb41c1ace82ff40b6a4859
TestLink 1.9.11 SQL Injection
Posted Oct 1, 2014
Authored by Jerzy Kramarz | Site portcullis-security.com

TestLink version 1.9.11 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2014-5308
MD5 | 44905021c9a6396664b48a6238903e5c
HP Security Bulletin HPSBGN03117
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03117 - A potential security vulnerability has been identified with HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: The vCAS product is vulnerable only if DHCP is enabled. Revision 1 of this advisory.

tags | advisory, remote, shell, bash
advisories | CVE-2014-6271, CVE-2014-7169
MD5 | 4f4c512b7185151562966daed7528b08
TP-Link VxWorks / 2-Series Switches Fail
Posted Oct 1, 2014
Authored by kvnjs

TP-Link VxWorks-based devices and 2-Series switches suffer from a large amount of vulnerabilities that the vendor refuses to address.

tags | advisory, vulnerability
advisories | CVE-2008-2476, CVE-2010-2966, CVE-2010-2967, CVE-2013-0711, CVE-2013-0712, CVE-2013-0713, CVE-2013-0714, CVE-2013-0715, CVE-2013-0716
MD5 | 48a1386aa4cc2a7cdd06ce61efa747fb
Page 1 of 1
Back1Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close