Showing 1 - 15 of 15

Files Date: 2014-11-28

HP Security Bulletin HPSBGN03209
Posted Nov 28, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03209 - A potential security vulnerability has been identified with HP Application Lifecycle Management running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
MD5 | 28194b252becbc7597e4977fdd471f73

Ubuntu Security Notice USN-2425-1
Posted Nov 28, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2425-1 - It was discovered that DBus incorrectly handled a large number of file descriptor messages. A local attacker could use this issue to cause DBus to stop responding, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2014-7824
MD5 | f2a95196c63cfe08addb66450febd4bf

Tuleap 7.6-4 PHP Object Injection
Posted Nov 28, 2014
Authored by EgiX

Tuleap versions 7.6-4 and below suffer from a PHP object injection vulnerability in register.php.

tags | exploit, php
advisories | CVE-2014-8791
MD5 | 996df917e13e1acb41ce3587aaadfbe7

FileVista Path Leakage / Path Write Modification
Posted Nov 28, 2014
Authored by DS

FileVista versions prior to 6.1 leak internal path data and allow extraction outside of the stated path.

tags | advisory, info disclosure
advisories | CVE-2014-8788, CVE-2014-8789
MD5 | 7d0dfbef3741155722a7ca59d645ed80

Gentoo Linux Security Advisory 201411-11
Posted Nov 28, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201411-11 - Multiple vulnerabilities have been found in Squid, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 3.3.13-r1 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-0128, CVE-2014-7141, CVE-2014-7142
MD5 | cbe0833a61541372eb99920080cc3a8f

Debian Security Advisory 3078-1
Posted Nov 28, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3078-1 - An integer underflow flaw, leading to a heap-based buffer overflow, was found in the ksba_oid_to_str() function of libksba, an X.509 and CMS (PKCS#7) library. By using specially crafted S/MIME messages or ECC-based OpenPGP data, it is possible to create a buffer overflow, which could cause an application using libksba to crash (denial of service) or, potentially, execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2014-9087
MD5 | 965c78a03ffcbe621696690bdf4a78e4

Mandriva Linux Security Advisory 2014-235
Posted Nov 28, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-235 - Plack::App::File would previously strip trailing slashes off provided paths. This in combination with the common pattern of serving files with Plack::Middleware::Static could allow an attacker to bypass a whitelist of generated files.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-5269
MD5 | 270003ab7e450c0c88c3fcce2e116e67

Mandriva Linux Security Advisory 2014-234
Posted Nov 28, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-234 - Updated libksba packages fix a security vulnerability. By using specially crafted S/MIME messages or ECC-based OpenPGP data, it is possible to create a buffer overflow, which could lead to a denial of service.

tags | advisory, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2014-9087
MD5 | aa9a63204a3f5d87f74be2b91465c555

Mandriva Linux Security Advisory 2014-236
Posted Nov 28, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-236 - An out-of-bounds read flaw was found in file's donote() function in the way the file utility determined the note headers of an ELF file. This could possibly lead to a crash of the file executable.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-3710
MD5 | 9418cdef0c381844c0de9590a10e2ab3

Mandriva Linux Security Advisory 2014-233
Posted Nov 28, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-233 - An updated wordpress package fixes cross site scripting, cross site request forgery, and various other vulnerabilities.

tags | advisory, vulnerability, xss, csrf
systems | linux, mandriva
advisories | CVE-2014-9031, CVE-2014-9032, CVE-2014-9033, CVE-2014-9034, CVE-2014-9035, CVE-2014-9036, CVE-2014-9037, CVE-2014-9038, CVE-2014-9039
MD5 | 288503effbbc8b9c6f0c840e149c7914

Mandriva Linux Security Advisory 2014-232
Posted Nov 28, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-232 - The function wordexp() fails to properly handle the WRDE_NOCMD flag when processing arithmetic inputs in the form of $((... ``)) where ... can be anything valid. The backticks in the arithmetic expression are evaluated in a shell even if WRDE_NOCMD forbade command substitution. This allows an attacker to attempt to pass dangerous commands via constructs of the above form, and bypass the WRDE_NOCMD flag. This update fixes the issue.

tags | advisory, shell
systems | linux, mandriva
advisories | CVE-2014-7817
MD5 | 7b3eb93ce346e1df90abd3ec9d6b0df9

Red Hat Security Advisory 2014-1915-01
Posted Nov 28, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1915-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed in the Adobe Security Bulletin APSB14-26, listed in the References section. A flaw was found in the way flash-plugin displayed certain SWF content. An attacker could use this flaw to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2014-8439
MD5 | cb31c95d356a3eaf6857c9f62584bc42

Agafi-ROP x86 ROP-Chainer Tool
Posted Nov 28, 2014
Authored by Nicolas A. Economou

Agafi-ROP is an x86 ROP-Chainer tool oriented to build ROP chains for win32 programs, modules, and running processes.

tags | tool, x86
systems | windows
MD5 | 7a59622f47583ec641ed2e596b612702

Microsoft IIS 7.5 Cross Site Scripting
Posted Nov 28, 2014
Authored by A Z

Microsoft IIS version 7.5 suffers from an error message cross site scripting vulnerability.

tags | exploit, xss
MD5 | 152e4ab2c7c811226a05af5d9a02f75b

D-Link DAP-1360 Cross Site Scripting / Cross Site Request Forgery
Posted Nov 28, 2014
Authored by MustLive

The D-Link DAP-1360 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 27bd4054a49156d0664a0f4a7b85cf4b
© 2018 Packet Storm. All rights reserved.
