Core Security Technologies Advisory - A vulnerability has been found in SAP Netweaver that could allow an unauthenticated, remote attacker to create denial of service conditions. The vulnerability is triggered by sending a specially crafted SAP Enqueue Server packet to remote TCP port 32NN (NN being the SAP system number) of a host running the "Standalone Enqueue Server" service, part of SAP Netweaver Application Server ABAP/Java. The "Standalone Enqueue Server" is a critical component of a SAP Netweaver installation in terms of availability, rendering the whole SAP system unresponsive.
2fe79852efd8b14902357955bf4b11e2258b497446f8f44384873604c64f25dbOpenX version 2.8.10 suffers from multiple open redirection vulnerabilities.
777dfe1778ebee43de5c7970fcfe167872cabea8a13c7106abd4b6f0931c742fHP Security Bulletin HPSBMU03126 - Potential security vulnerabilities have been identified with HP Operations Manager (formerly OpenView Communications Broker). The vulnerabilities could be exploited resulting in remote cross-site scripting (XSS). Revision 1 of this advisory.
64d7496b089a26adf2d01f2b523e2095422c10fd7c698000bbdb2a68ab6db383Drupal versions 7.0 through 7.31 suffer from a remote SQL injection vulnerability.
9334b6a6e29d21e0ca0b95e292aa9748f72a53b287557bce5063375a461b299eNETIS DL4322D 300Mbps Wireless N ADSL2+ modem router suffers from cross site request forgery, cross site scripting, and denial of service vulnerabilities.
b0c14dece0ef955428e9b6e9f570ca06da3ba8d664cbb649ec238a4e2091226dDrupal versions 7.0 through 7.31 suffer from a pre-authentication remote SQL injection vulnerability.
f35969a96fc3edeea7c6ff6dae1ff02d6ed45becae3aa463f435daf8161a7cfcHP Security Bulletin HPSBHF03125 - A potential security vulnerability has been identified with HP Next Generation Firewall (NGFW) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: This vulnerability can only be exploited if the attacker already has valid administrative login credentials. Revision 1 of this advisory.
17f8eddb7283be7cb8ad30c6586d35e371e0c3c28a85f0aa23c2b591cbc0f229Cisco Security Advisory - On October 14, 2014, a vulnerability was publicly announced in the Secure Sockets Layer version 3 (SSLv3) protocol when using a block cipher in Cipher Block Chaining (CBC) mode. SSLv3 is a cryptographic protocol designed to provide communication security, which has been superseded by Transport Layer Security (TLS) protocols. By exploiting this vulnerability, an attacker could decrypt a subset of the encrypted communication.
e37c09bb8f42444adad931a1177f7eaee6f5ff1580e021798171df47e8be0c80Cisco Security Advisory - Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Software suffer from multiple denial of service vulnerabilities.
f4761d353c361b635fbca858206c528f26cfc0deeb022515d8daebb6a267dcdaCisco Security Advisory - A vulnerability in the network stack of Cisco TelePresence MCU Software could allow an unauthenticated, remote attacker to cause the exhaustion of available memory which could lead to system instability and a reload of the affected system.
4e26469d4866bd8bf06a9088e9a0751a8a63d9eafc2eea16f7156f791511a907nytimes.com suffers from cross site scripting vulnerabilities.
68aa05f01a173b791ce1dcf46151c9bd16ea1b4375ed9dccd79311b27e696db3Hamster Free ZIP Archiver version 2.0.1.7 DLL hijacking exploit.
d5d2c6500d69eeeed43f4f03d733064412af5cb611b1560b1a19e273f16d028aMegapolis.Portal Manager suffers from multiple cross site scripting vulnerabilities.
a9258cd586d823687fa392665432bef1b62cb0c282a433f13c9bebbf12c2c7fdIPy suffers from a blacklist bypass vulnerability.
52330e16a8c0db217b73de740ed229579f3d9b070a700c148046face2ef36557This is a python script that performs brute forcing against WordPress installs using a wordlist.
34a1d35b75a5ee427f856e9296a435d61d1a6ff8f950bb5dafd9d5b3cbfb298a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed