what you don't know can hurt you
Showing 1 - 8 of 8 RSS Feed

Files Date: 2014-10-31

Xerox Multifunction Printers (MFP) "Patch" DLM Escalation
Posted Oct 31, 2014
Authored by Deral Heiland, Pete Bokojan Arzamendi | Site metasploit.com

This Metasploit module exploits a vulnerability found in Xerox Multifunction Printers (MFP). By supplying a modified Dynamic Loadable Module (DLM), it is possible to execute arbitrary commands under root privileges.

tags | exploit, arbitrary, root
MD5 | 270e3aa9b73dd488246b837651307080
Scalix Web Access 11.4.6.12377 / 12.2.0.14697 XXE Injection / XSS
Posted Oct 31, 2014
Authored by A. Kolmann, R. Giruckas | Site sec-consult.com

Scalix Web Access versions 11.4.6.12377 and 12.2.0.14697 suffer from cross site scripting and XXE injection vulnerabilities.

tags | advisory, web, vulnerability, xss, xxe
MD5 | 0b5fe5c55eb0be68f900155d07181282
McAfee EEFF / FRP Predictable Salt
Posted Oct 31, 2014
Authored by Matthias Deeg

The software encryption tool McAfee Endpoint Encryption for Removable Media (EERM) which is part of the data protection software McAfee Endpoint Encryption for Files and Folders (EEFF) uses a static and thus predictable salt for generating password hashes using the password-based key derivation function 2 (PBKDF2). Due to the use of a predictable, hard-coded salt, it is possible for an attacker to precompute password candidates and thus to perform more efficient dictionary attacks against the password-based authentication with the use of rainbow tables (time-memory trade-off).

tags | exploit
advisories | CVE-2014-8565
MD5 | 390b4a7ad55a68812f34c441ef059425
HP Security Bulletin HPSBUX03162 SSRT101767
Posted Oct 31, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03162 SSRT101767 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), allow unauthorized access, or a man-in-the-middle (MitM) attack. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-3566, CVE-2014-3567, CVE-2014-3568
MD5 | 1259d49a6268d57181f1e4244159e128
HP Security Bulletin HPSBPI03147
Posted Oct 31, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI03147 - A potential security vulnerability has been identified with certain HP Color LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to data or to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2014-7875
MD5 | 2228302369c23c3ec3dbdc3fceba06ff
HumHub Modules Mail 0.5.8 Cross Site Scripting
Posted Oct 31, 2014
Authored by Morten Nortoft, Kenneth Jepsen, Mikkel Vej

HumHub Modules Mail version 0.5.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0742c9011158d478fb61391c642832fe
Ubuntu Security Notice USN-2396-1
Posted Oct 31, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2396-1 - Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. A flaw was discovered with the handling of the invept instruction in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. An unprivileged guest user could exploit this flaw to cause a denial of service (system crash) on the guest. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2014-3610, CVE-2014-3611, CVE-2014-3646, CVE-2014-3647
MD5 | 9ce9b78c0e41e47d56be9e335e9ccd40
Debian Security Advisory 3060-1
Posted Oct 31, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3060-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2014-3610, CVE-2014-3611, CVE-2014-3645, CVE-2014-3646, CVE-2014-3647, CVE-2014-3673, CVE-2014-3687, CVE-2014-3688, CVE-2014-3690, CVE-2014-7207
MD5 | 0c9b1bb14b8b0fce3cf7b7819a4cbbf0
Page 1 of 1
Back1Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close