what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2014-10-01

Bash Me Some More
Posted Oct 1, 2014
Authored by Michal Zalewski, Paul Vixie

This is information regarding more bash vulnerabilities and how the original bash patches are ineffective.

tags | exploit, vulnerability, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-6279
SHA-256 | 9bef4f643cbc941c231d0995aa7df24f7322c03118f4cd7d60f56a5e05ccb428
Epicor Password Disclosure / Cross Site Scripting
Posted Oct 1, 2014
Authored by Fara Denise Rustein

Epicor suffers from cross site scripting and password disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2014-4311, CVE-2014-4312
SHA-256 | 0adc38541eec06be524dcdc4e10cbddffc5db40fd0f6f43e692e614e15788b74
VMware Security Advisory 2014-0010
Posted Oct 1, 2014
Authored by VMware | Site vmware.com

VMware Security Advisory 2014-0010 - VMware product updates address Bash security vulnerabilities.

tags | advisory, vulnerability, bash
advisories | CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 35f6ed13d7102c88ca22ea6b869c28a45351e9ff87730aeeba642d5f37e08c62
Packet Storm New Exploits For September, 2014
Posted Oct 1, 2014
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 158 exploits added to Packet Storm in September, 2014.

tags | exploit
systems | linux
SHA-256 | 81e439aa508cca46d13331ea18cff9058479738a2b374e9b407aadaf61ac213e
Debian Security Advisory 3040-1
Posted Oct 1, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3040-1 - Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog, a system for log processing. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, and trigger a denial of service attack.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2014-3634
SHA-256 | e561d69b5178aba532af90ac7fb2ff1c69d976ffa69a1ce6567926bb397cbdd2
Debian Security Advisory 3041-1
Posted Oct 1, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3041-1 - Multiple security issues have been discovered in the Xen virtualisation solution which may result in denial of service, information disclosure or privilege escalation.

tags | advisory, denial of service, info disclosure
systems | linux, debian
advisories | CVE-2013-2072, CVE-2014-7154, CVE-2014-7155, CVE-2014-7156, CVE-2014-7188
SHA-256 | 4907d5b964f09a01c74ae0dc6ff9400295f8a8a13014c446cbbe4712c94984e9
HP Security Bulletin HPSBMU03112
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03112 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) on Linux and Windows. The vulnerabilities could be exploited remotely resulting in Cross-site Scripting (XSS), Cross-site Request Forgery (CSRF), unauthorized disclosure of information, Denial of Service (DoS), and Clickjacking. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, xss, csrf
systems | linux, windows
advisories | CVE-2013-4545, CVE-2013-6420, CVE-2013-6422, CVE-2013-6712, CVE-2014-2640, CVE-2014-2641, CVE-2014-2642
SHA-256 | c7ee397bfe22743f1104826923b5ce2ee2bca83ffb77b9abc0126c7de3855248
HP Security Bulletin HPSBST02958
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02958 - A potential security vulnerability has been identified with the HP MPIO Device Specific Module Manager. The vulnerability could be exploited locally to allow the execution of arbitrary code with privilege elevation. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2014-2639
SHA-256 | a279e6dea837d98cd8fc73d74b390af5d9b26b658c6d62ef392942efede97dc0
Textpattern 4.5.5 Cross Site Scripting
Posted Oct 1, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

Textpattern version 4.5.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-4737
SHA-256 | c17496ddf5eda6467a85ee2db8b923d8afebf2fd140f0406c05e99b876845c6c
Honeywell Falcon Administrative Bypass
Posted Oct 1, 2014
Authored by Martin Jartelius | Site outpost24.com

Honeywell Falcon suffers from a vulnerability that allows anyone to login as the administrator without prior knowledge of any username or password.

tags | advisory, bypass
advisories | CVE-2014-2717
SHA-256 | 38330e824709e2c82d60c63e425dfc961fdac2c05ddd5ba2bd7656c5ec7730c2
WordPress Photo Gallery 1.1.30 Cross Site Scripting
Posted Oct 1, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Photo Gallery plugin version 1.1.30 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-6315
SHA-256 | 963cbc8f2a16c4c41a12514cac90dc610c8c590afb2e097a64fd27d9a84c60a8
FreePBX Authentication Bypass / Account Creation
Posted Oct 1, 2014
Authored by Rob Thomas

A remote attacker can bypass authentication and create a false FreePBX Administrator account, which will then let them perform any action on a FreePBX system as the FreePBX user (which is often 'asterisk' or 'apache'). As of 2014/10/01 all versions of FreePBX are affected.

tags | advisory, remote, bypass
SHA-256 | 260d4b01eefece16b936fcbf58b1831d277210366a095cd34a9abbeb2d4109df
HP Security Bulletin HPSBHF03119
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03119 - A potential security vulnerability has been identified with HP DreamColor Display running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: Only the Z27x model is vulnerable. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-7169
SHA-256 | da9257ca6c57b23fa4805ff297044e25f462fa8dde75c23bf8abded80b03f407
TestLink 1.9.11 SQL Injection
Posted Oct 1, 2014
Authored by Jerzy Kramarz | Site portcullis-security.com

TestLink version 1.9.11 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2014-5308
SHA-256 | 89a8209be3fba1b541de072c93114fc6da4c5937177e0ac438ee7af7946ca9c8
HP Security Bulletin HPSBGN03117
Posted Oct 1, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03117 - A potential security vulnerability has been identified with HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: The vCAS product is vulnerable only if DHCP is enabled. Revision 1 of this advisory.

tags | advisory, remote, shell, bash
advisories | CVE-2014-6271, CVE-2014-7169
SHA-256 | 477153bb7561e72d2c4aa3bcf37dc3af2ca5f1778cd8673085ac6be3db145009
TP-Link VxWorks / 2-Series Switches Fail
Posted Oct 1, 2014
Authored by kvnjs

TP-Link VxWorks-based devices and 2-Series switches suffer from a large amount of vulnerabilities that the vendor refuses to address.

tags | advisory, vulnerability
advisories | CVE-2008-2476, CVE-2010-2966, CVE-2010-2967, CVE-2013-0711, CVE-2013-0712, CVE-2013-0713, CVE-2013-0714, CVE-2013-0715, CVE-2013-0716
SHA-256 | a676a5da6cb174308fa906e9e2a112a82239a9b19b287869528315328ae3de27
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close