what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-10-28

CUPS Filter Bash Environment Variable Code Injection
Posted Oct 28, 2014
Authored by Michal Zalewski, Stephane Chazelas | Site metasploit.com

This Metasploit module exploits a post-auth code injection in specially crafted environment variables in Bash, specifically targeting CUPS filters through the PRINTER_INFO and PRINTER_LOCATION variables by default.

tags | exploit, bash
advisories | CVE-2014-6271, CVE-2014-6278
MD5 | 29f7d463eabc5a2bc1364b1db48a8215
Tuleap 7.4.99.5 Remote Command Execution
Posted Oct 28, 2014
Authored by Jerzy Kramarz | Site portcullis-security.com

Enalean Tuleap versions 7.4.99.5 and below suffer from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2014-7178
MD5 | c281c54c18b0e63255d47b4e3bd15c05
Tuleap 7.2 XXE Injection
Posted Oct 28, 2014
Authored by Jerzy Kramarz | Site portcullis-security.com

Enalean Tuleap versions 7.2 and below suffer from an external XML entity injection vulnerability.

tags | exploit, xxe
advisories | CVE-2014-7177
MD5 | 7448df07c86ae67d844fb035d4507230
Tuleap 7.4.99.5 Blind SQL Injection
Posted Oct 28, 2014
Authored by Jerzy Kramarz | Site portcullis-security.com

Enalean Tuleap versions 7.4.99.5 and below suffer from a remote, authenticated blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-7176
MD5 | 3230d92c11f0d7e71905298061cbb705
ESET 7.0 Kernel Memory Leak
Posted Oct 28, 2014
Authored by Kyriakos Economou | Site portcullis-security.com

ESET versions 5.0 through 7.0 suffer from a kernel memory leak vulnerability.

tags | advisory, kernel, memory leak
advisories | CVE-2014-4974
MD5 | 0d7f4a310a0cbb23addfe9d0190134ec
HP Security Bulletin HPSBST03160
Posted Oct 28, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03160 - A potential security vulnerability has been identified with HP XP Command View Advanced Edition running Apache Struts. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-0114
MD5 | 9b395dbdfb2853bc1226c83291fe27ca
Mandriva Linux Security Advisory 2014-210
Posted Oct 28, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-210 - Multiple vulnerabilities have been discovered and corrected in mariadb.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2014-6464, CVE-2014-6469, CVE-2014-6507, CVE-2014-6555, CVE-2014-6559
MD5 | a78ec021a74b018cff5f24559beed96f
Ubuntu Security Notice USN-2390-1
Posted Oct 28, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2390-1 - Jacob Appelbaum and an anonymous person discovered that Pidgin incorrectly handled certificate validation. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Yves Younan and Richard Johnson discovered that Pidgin incorrectly handled certain malformed MXit emoticons. A malicious remote server or a man in the middle could use this issue to cause Pidgin to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2014-3694, CVE-2014-3695, CVE-2014-3696, CVE-2014-3698
MD5 | fcec41f713200dce0eb11ee3fac5e062
Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 (.wax) Buffer Overflow
Posted Oct 28, 2014
Authored by ZoRLu

Mini-stream RM-MP3 Converter version 3.1.2.1.2010.03.30 suffers from a buffer overflow vulnerability when handling .wax files.

tags | exploit, overflow
MD5 | bdc26c20b4676cc54f28f085bbfb482f
ESTsoft ALUpdate 8.5.1.0.0 Privilege Escalation
Posted Oct 28, 2014
Authored by Osanda Malith

ESTsoft ALUpdate version 8.5.1.0.0 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2014-8494
MD5 | 1ffa37aae8784b3305279987120f2b25
DINWC2015 Call For Papers
Posted Oct 28, 2014

The Third International Conference on Digital Information, Networking, and Wireless Communications (DINWC2015) Call For Papers has been announced. It will be held in Moscow, Russia February 3rd through the 5th, 2015.

tags | paper, conference
MD5 | 963b70f0634f1dc3a53b726ced572ff9
HP Security Bulletin HPSBHF03156
Posted Oct 28, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03156 - A potential security vulnerability has been identified with the HP TippingPoint Intrusion Prevention System (IPS) Local Security Manager (LSM) running SSL. This is the SSLv3 vulnerability known as "POODLE" which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory, local
advisories | CVE-2014-3566
MD5 | 6cd4733bbeec43a62aab61102bbdedd6
DAVOSET 1.2.1
Posted Oct 28, 2014
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Added support of attacks via WordPress, based on XML support since v.1.1.2 (released at 31.07.2013).
tags | tool, denial of service
MD5 | b51dc9c0c88d789d488e6a580cab488c
Windows TrackPopupMenu Win32k NULL Pointer Dereference
Posted Oct 28, 2014
Authored by Spencer McIntyre, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a NULL Pointer Dereference in win32k.sys, the vulnerability can be triggered through the use of TrackPopupMenu. Under special conditions, the NULL pointer dereference can be abused on xxxSendMessageTimeout to achieve arbitrary code execution. This Metasploit module has been tested successfully on Windows XP SP3, Windows 2003 SP2, Windows 7 SP1 and Windows 2008 32bits. Also on Windows 7 SP1 and Windows 2008 R2 SP1 64 bits.

tags | exploit, arbitrary, code execution
systems | windows, xp, 7
advisories | CVE-2014-4113
MD5 | 52feb4363d45b4378ac8a66855db145f
CBN CH6640E/CG6640E Wireless Gateway XSS / CSRF / DoS / Disclosure
Posted Oct 28, 2014
Authored by LiquidWorm | Site zeroscience.mk

The CBN CH6640E/CG6640E wireless gateway series suffers from information disclosure, cross site request forgery, cross site scripting, and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, info disclosure, csrf
MD5 | 280cf06b56acc49647c159ab2fdb0bf3
Page 1 of 1
Back1Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close