what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-10-16

SAP Netweaver Enqueue Server Trace Pattern Denial Of Service
Posted Oct 16, 2014
Authored by Core Security Technologies, Joaquin Rodriguez Varela | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability has been found in SAP Netweaver that could allow an unauthenticated, remote attacker to create denial of service conditions. The vulnerability is triggered by sending a specially crafted SAP Enqueue Server packet to remote TCP port 32NN (NN being the SAP system number) of a host running the "Standalone Enqueue Server" service, part of SAP Netweaver Application Server ABAP/Java. The "Standalone Enqueue Server" is a critical component of a SAP Netweaver installation in terms of availability, rendering the whole SAP system unresponsive.

tags | exploit, java, remote, denial of service, tcp
advisories | CVE-2014-0995
SHA-256 | 2fe79852efd8b14902357955bf4b11e2258b497446f8f44384873604c64f25db
OpenX 2.8.10 Open Redirect
Posted Oct 16, 2014
Authored by Jing Wang

OpenX version 2.8.10 suffers from multiple open redirection vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2014-2230
SHA-256 | 777dfe1778ebee43de5c7970fcfe167872cabea8a13c7106abd4b6f0931c742f
HP Security Bulletin HPSBMU03126
Posted Oct 16, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03126 - Potential security vulnerabilities have been identified with HP Operations Manager (formerly OpenView Communications Broker). The vulnerabilities could be exploited resulting in remote cross-site scripting (XSS). Revision 1 of this advisory.

tags | advisory, remote, vulnerability, xss
advisories | CVE-2014-2647
SHA-256 | 64d7496b089a26adf2d01f2b523e2095422c10fd7c698000bbdb2a68ab6db383
Drupal 7.X SQL Injection
Posted Oct 16, 2014
Authored by Claudio Viviani

Drupal versions 7.0 through 7.31 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-3704
SHA-256 | 9334b6a6e29d21e0ca0b95e292aa9748f72a53b287557bce5063375a461b299e
NETIS DL4322D XSS / CSRF / DoS
Posted Oct 16, 2014
Authored by Akastep

NETIS DL4322D 300Mbps Wireless N ADSL2+ modem router suffers from cross site request forgery, cross site scripting, and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, info disclosure, csrf
SHA-256 | b0c14dece0ef955428e9b6e9f570ca06da3ba8d664cbb649ec238a4e2091226d
Drupal 7.31 SQL Injection
Posted Oct 16, 2014
Authored by Stefan Horst

Drupal versions 7.0 through 7.31 suffer from a pre-authentication remote SQL injection vulnerability.

tags | advisory, remote, sql injection
advisories | CVE-2014-3704
SHA-256 | f35969a96fc3edeea7c6ff6dae1ff02d6ed45becae3aa463f435daf8161a7cfc
HP Security Bulletin HPSBHF03125
Posted Oct 16, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03125 - A potential security vulnerability has been identified with HP Next Generation Firewall (NGFW) running Bash Shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. NOTE: This vulnerability can only be exploited if the attacker already has valid administrative login credentials. Revision 1 of this advisory.

tags | advisory, shell, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
SHA-256 | 17f8eddb7283be7cb8ad30c6586d35e371e0c3c28a85f0aa23c2b591cbc0f229
Cisco Security Advisory 20141015-poodle
Posted Oct 16, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - On October 14, 2014, a vulnerability was publicly announced in the Secure Sockets Layer version 3 (SSLv3) protocol when using a block cipher in Cipher Block Chaining (CBC) mode. SSLv3 is a cryptographic protocol designed to provide communication security, which has been superseded by Transport Layer Security (TLS) protocols. By exploiting this vulnerability, an attacker could decrypt a subset of the encrypted communication.

tags | advisory, protocol
systems | cisco
SHA-256 | e37c09bb8f42444adad931a1177f7eaee6f5ff1580e021798171df47e8be0c80
Cisco Security Advisory 20141015-vcs
Posted Oct 16, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Software suffer from multiple denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | cisco
SHA-256 | f4761d353c361b635fbca858206c528f26cfc0deeb022515d8daebb6a267dcda
Cisco Security Advisory 20141015-mcu
Posted Oct 16, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the network stack of Cisco TelePresence MCU Software could allow an unauthenticated, remote attacker to cause the exhaustion of available memory which could lead to system instability and a reload of the affected system.

tags | advisory, remote
systems | cisco
SHA-256 | 4e26469d4866bd8bf06a9088e9a0751a8a63d9eafc2eea16f7156f791511a907
New York Times Cross Site Scripting
Posted Oct 16, 2014
Authored by Jing Wang

nytimes.com suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 68aa05f01a173b791ce1dcf46151c9bd16ea1b4375ed9dccd79311b27e696db3
Hamster Free ZIP Archiver 2.0.1.7 DLL Hijacking
Posted Oct 16, 2014
Authored by Osanda Malith

Hamster Free ZIP Archiver version 2.0.1.7 DLL hijacking exploit.

tags | exploit
systems | windows
advisories | CVE-2014-0619
SHA-256 | d5d2c6500d69eeeed43f4f03d733064412af5cb611b1560b1a19e273f16d028a
Megapolis.Portal Manager Cross Site Scripting
Posted Oct 16, 2014
Authored by MustLive

Megapolis.Portal Manager suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | a9258cd586d823687fa392665432bef1b62cb0c282a433f13c9bebbf12c2c7fd
IPy Blacklist Bypass
Posted Oct 16, 2014
Authored by Nicolas Gregoire

IPy suffers from a blacklist bypass vulnerability.

tags | exploit, bypass
SHA-256 | 52330e16a8c0db217b73de740ed229579f3d9b070a700c148046face2ef36557
WordPress Brute Forcer
Posted Oct 16, 2014
Authored by Claudio Viviani

This is a python script that performs brute forcing against WordPress installs using a wordlist.

tags | tool, cracker, python
SHA-256 | 34a1d35b75a5ee427f856e9296a435d61d1a6ff8f950bb5dafd9d5b3cbfb298a
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close