exploit the possibilities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2014-10-09

Cisco Security Advisory 20141008-asa
Posted Oct 9, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Adaptive Security Appliance (ASA) Software is affected by denial of service, cross site scripting, and command injection vulnerabilities. Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate some of these vulnerabilities are available.

tags | advisory, denial of service, vulnerability, xss
systems | cisco
MD5 | 1c05ff52f869e38ecb48fcfeb00259df
HP Security Bulletin HPSBHF03136
Posted Oct 9, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03136 - A potential security vulnerability has been identified with HP TippingPoint NGFW running OpenSSL. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | 830e5a5fdbc46dcad2fbc649f0507ced
HP Security Bulletin HPSBMU03110
Posted Oct 9, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03110 - Potential security vulnerabilities have been identified with HP Sprinter. The vulnerabilities could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2014-2635, CVE-2014-2636, CVE-2014-2637, CVE-2014-2638
MD5 | c52737fc9e5381bc97c4e0c9a3483d34
HP Security Bulletin HPSBMU03127
Posted Oct 9, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03127 - A potential security vulnerability has been identified with HP Operations Manager for UNIX. The vulnerability can be exploited remotely to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
systems | unix
advisories | CVE-2014-2648, CVE-2014-2649
MD5 | d4cabeddf15b21c31ad383a1cf118929
Ubuntu Security Notice USN-2379-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2379-1 - Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2014-3181, CVE-2014-3184, CVE-2014-3185, CVE-2014-3186, CVE-2014-3631, CVE-2014-6410, CVE-2014-6416, CVE-2014-6417, CVE-2014-6418
MD5 | 754194895677e0ad7c97d423efa58313
Ubuntu Security Notice USN-2374-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2374-1 - Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Several bounds check flaws allowing for buffer overflows were discovered in the Linux kernel's Whiteheat USB serial driver. A physically proximate attacker could exploit these flaws to cause a denial of service (system crash) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel
systems | linux, ubuntu
advisories | CVE-2014-3184, CVE-2014-3185, CVE-2014-6410
MD5 | ae526ceeb542b0be1513627102159eda
Ubuntu Security Notice USN-2378-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2378-1 - Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2014-3181, CVE-2014-3184, CVE-2014-3185, CVE-2014-3186, CVE-2014-3631, CVE-2014-6410, CVE-2014-6416, CVE-2014-6417, CVE-2014-6418
MD5 | bf010d17639321205b8c1c2f102ab006
Ubuntu Security Notice USN-2376-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2376-1 - Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2014-3181, CVE-2014-3184, CVE-2014-3185, CVE-2014-3186, CVE-2014-6410, CVE-2014-6416, CVE-2014-6417, CVE-2014-6418
MD5 | 3691544cad84e109b6d997899ff09081
Ubuntu Security Notice USN-2377-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2377-1 - Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2014-3181, CVE-2014-3184, CVE-2014-3185, CVE-2014-3186, CVE-2014-6410, CVE-2014-6416, CVE-2014-6417, CVE-2014-6418
MD5 | 278fae9b0ce2516e832cccd57e9c9c84
Ubuntu Security Notice USN-2375-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2375-1 - Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. Several bounds check flaws allowing for buffer overflows were discovered in the Linux kernel's Whiteheat USB serial driver. A physically proximate attacker could exploit these flaws to cause a denial of service (system crash) via a specially crafted device. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel
systems | linux, ubuntu
advisories | CVE-2014-3184, CVE-2014-3185, CVE-2014-6410
MD5 | d4906cb84001378be72e061d5cf2518e
Red Hat Security Advisory 2014-1370-01
Posted Oct 9, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1370-01 - Apache POI is a library providing Java API for working with OOXML document files. It was found that Apache POI would resolve entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to read files accessible to the user running the application server, and potentially perform more advanced XML External Entity attacks. It was found that Apache POI would expand an unlimited number of entities in OOXML documents. A remote attacker able to supply OOXML documents that are parsed by Apache POI could use this flaw to trigger a denial of service attack via excessive CPU and memory consumption.

tags | advisory, java, remote, denial of service, xxe
systems | linux, redhat
advisories | CVE-2014-3529, CVE-2014-3574
MD5 | fa452acf7058ae6e63c12620cf3123ad
Ubuntu Security Notice USN-2381-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2381-1 - It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server and cause it to stop responding, resulting in a denial of service and possibly message loss.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2014-3634, CVE-2014-3683
MD5 | 11866bf8534cc265171db91d28f4e4d6
Red Hat Security Advisory 2014-1369-01
Posted Oct 9, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1369-01 - Fuse ESB Enterprise is an integration platform based on Apache ServiceMix. Fuse MQ Enterprise, based on Apache ActiveMQ, is a standards-compliant messaging system that is tailored for use in mission critical applications. This release of Fuse ESB Enterprise/MQ Enterprise 7.1.0 R1 P6 is an update to Fuse ESB Enterprise 7.1.0 and Fuse MQ Enterprise 7.1.0. The following security issues are addressed with this release: It was discovered that Apache Shiro authenticated users without specifying a user name or a password when used in conjunction with an LDAP back end that allowed unauthenticated binds.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-2172, CVE-2014-0074, CVE-2014-0107
MD5 | 5863702dfae5df868f78b3a7faa8d090
Ubuntu Security Notice USN-2380-1
Posted Oct 9, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2380-1 - Michal Zalewski discovered that Bash incorrectly handled parsing certain function definitions. If an attacker were able to create an environment variable containing a function definition with a very specific name, these issues could possibly be used to bypass certain environment restrictions and execute arbitrary code. Please note that the previous Bash security update, USN-2364-1, includes a hardening measure that prevents these issues from being used in a Shellshock attack. Various other issues were also addressed.

tags | advisory, arbitrary, bash
systems | linux, ubuntu
advisories | CVE-2014-6277, CVE-2014-6278
MD5 | 4b8d0d203dbf6988d2d615d28f839118
Debian Security Advisory 3048-1
Posted Oct 9, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3048-1 - Guillem Jover discovered that the changelog retrieval functionality in apt-get used temporary files in an insecure way, allowing a local user to cause arbitrary files to be overwritten.

tags | advisory, arbitrary, local
systems | linux, debian
advisories | CVE-2014-7206
MD5 | aa196d5102edc9c643f8f96626316487
Debian Security Advisory 3047-1
Posted Oct 9, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3047-1 - Mancha discovered a vulnerability in rsyslog, a system for log processing. This vulnerability is an integer overflow that can be triggered by malformed messages to a server, if this one accepts data from untrusted sources, provoking message loss.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2014-3683
MD5 | 2e252549d8b49942020835c23f5bf46f
WordPress EWWW Image Optimizer 2.0.1 Cross Site Scripting
Posted Oct 9, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress EWWW Image Optimizer plugin version 2.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-6243
MD5 | 53781f30f07f1bfa8896449a8509ead8
Aardvark Topsites PHP 5.2 Cross Site Scripting / Local File Inclusion
Posted Oct 9, 2014
Authored by indoushka

Aardvark Topsites PHP version 5.2 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, php, vulnerability, xss, file inclusion
MD5 | 239558191a65e72c67d8394b55b3826c
Wordpress InfusionSoft Upload
Posted Oct 9, 2014
Authored by us3r777, g0blin | Site metasploit.com

This Metasploit module exploits an arbitrary PHP code upload in the wordpress Infusionsoft Gravity Forms plugin, versions from 1.5.3 to 1.5.10. The vulnerability allows for arbitrary file upload and remote code execution.

tags | exploit, remote, arbitrary, php, code execution, file upload
advisories | CVE-2014-6446
MD5 | 3ef5d01f3fff767944b688c41ca72860
Page 1 of 1
Back1Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    2 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    18 Files
  • 18
    Jun 18th
    15 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close