what you don't know can hurt you
Showing 1 - 21 of 21 RSS Feed

Files Date: 2015-01-05

AdaptCMS 3.0.3 Remote Command Execution
Posted Jan 5, 2015
Authored by LiquidWorm | Site zeroscience.mk

AdaptCMS version 3.0.3 suffers from an authenticated arbitrary command execution vulnerability. The issue is caused due to the improper verification of uploaded files. This can be exploited to execute arbitrary PHP code by creating or uploading a malicious PHP script file that will be stored in '\app\webroot\uploads' directory.

tags | exploit, arbitrary, php
MD5 | 5bb4517e735b5743e84a2e836100b332
AdaptCMS 3.0.3 HTTP Referer Header Open Redirect
Posted Jan 5, 2015
Authored by LiquidWorm | Site zeroscience.mk

AdaptCMS version 3.0.3 suffers from an open redirection vulnerability due to giving implied trust to the HTTP Referer header.

tags | exploit, web
MD5 | ed6e448d09a1ab3a782f465d95f11790
AdaptCMS 3.0.3 Cross Site Scripting
Posted Jan 5, 2015
Authored by LiquidWorm | Site zeroscience.mk

AdaptCMS version 3.0.3 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | b17b3f16f925a4b1c017e8c884700f1b
Open-Xchange Server 6 / OX AppSuite 7.6.1 Cross Site Scripting
Posted Jan 5, 2015
Authored by Martin Heiland, John de Kroon

Open-Xchange Server 6 / OX AppSuite versions 7.6.1 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2014-8993
MD5 | b7382005ce24ee724c045fbdf1adca9c
Mantis BugTracker 1.2.17 XSS / DoS / Redirect
Posted Jan 5, 2015
Authored by Mathias Karlsson, Paul Richards, Alejo Popovici, Ryan Giobbi, Shahee Mirza

Mantis BugTracker version 1.2.17 suffers from denial of service, potential cross site scripting, and arbitrary redirection vulnerabilities.

tags | advisory, denial of service, arbitrary, vulnerability, xss
advisories | CVE-2014-6316, CVE-2014-8987, CVE-2014-9117
MD5 | d36912d0c9fe479d0ccf9e67dfd1fa43
ManageEngine Shell Upload / Directory Traversal
Posted Jan 5, 2015
Authored by Pedro Ribeiro

ManageEngine products Service Desk Plus, Asset Explorer, Support Center, and IT360 suffer from file upload and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion, file upload
advisories | CVE-2014-5301, CVE-2014-5302
MD5 | 68c22a3a899962e1033909dc917841aa
HikaShop 2.3.3 Local File Inclusion
Posted Jan 5, 2015
Authored by HauntIT

This Metasploit module exploits a local file inclusion vulnerability in HikaShop version 2.3.3.

tags | exploit, local, file inclusion
MD5 | d2e48af76b6f77fdbe6c2b2ed9f8c672
Red Hat Security Advisory 2015-0012-01
Posted Jan 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0012-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.

tags | advisory, java, protocol
systems | linux, redhat
MD5 | 54f301669e17f2202796750c5a9de94a
Red Hat Security Advisory 2015-0011-01
Posted Jan 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0011-01 - Red Hat JBoss Enterprise Web Platform is a platform for Java applications, which integrates the JBoss Web Server with JBoss Hibernate and JBoss Seam. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.

tags | advisory, java, web, protocol
systems | linux, redhat
MD5 | 7e5b996fbc66f85dc26af2cafb2192f2
Red Hat Security Advisory 2015-0010-01
Posted Jan 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0010-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.

tags | advisory, java, protocol
systems | linux, redhat
MD5 | 80c5dbfb2190c2c22c6af661b839e81e
Red Hat Security Advisory 2015-0008-01
Posted Jan 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0008-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. It was found that when the VIR_DOMAIN_XML_MIGRATABLE flag was used, the QEMU driver implementation of the virDomainGetXMLDesc() function could bypass the restrictions of the VIR_DOMAIN_XML_SECURE flag. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to leak certain limited information from the domain XML data.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2014-7823
MD5 | 962da83cbaafd2663389569c59231ee7
Red Hat Security Advisory 2015-0009-01
Posted Jan 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0009-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2014-9322
MD5 | d362dec975b8e853972295725fb5cb8a
Mandriva Linux Security Advisory 2015-001
Posted Jan 5, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-001 - Several vulnerabilities were found in c-icap, which could allow a remote attacker to cause c-icap to crash, or have other, unspecified impacts.

tags | advisory, remote, vulnerability
systems | linux, mandriva
advisories | CVE-2013-7401, CVE-2013-7402
MD5 | 30709f4453c3d65619ab586e7db1108a
Mandriva Linux Security Advisory 2015-002
Posted Jan 5, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-002 - A flaw was found in the way PCRE handled certain malformed regular expressions. This issue could cause an application linked against PCRE to crash while parsing malicious regular expressions.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-8964
MD5 | 6d6a2e19f3308dc07118289b6afc5df6
Ubuntu Security Notice USN-2450-1
Posted Jan 5, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2450-1 - Mike Daskalakis discovered that strongSwan incorrectly handled IKEv2 payloads that contained the Diffie-Hellman group 1025. A remote attacker could use this issue to cause the IKE daemon to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2014-9221
MD5 | 1e801e9c003f89112cbbdbf5fc22ec34
Debian Security Advisory 3118-1
Posted Jan 5, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3118-1 - Mike Daskalakis reported a denial of service vulnerability in charon, the IKEv2 daemon for strongSwan, an IKE/IPsec suite used to establish IPsec protected links.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2014-9221
MD5 | 33a4f4939448498397eb2a51524dc6b6
Mandriva Linux Security Advisory 2015-003
Posted Jan 5, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-003 - If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys. A remote unauthenticated attacker may craft special packets that trigger buffer overflows in the ntpd functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure(). The resulting buffer overflows may be exploited to allow arbitrary malicious code to be executed with the privilege of the ntpd process. A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker. The ntp package has been patched to fix these issues.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | f616ead0b5ef994d0519beeb7a84a09a
Mandriva Linux Security Advisory 2015-004
Posted Jan 5, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-004 - A use-after-free flaw was found in PHP unserialize(). An untrusted input could cause PHP interpreter to crash or, possibly, execute arbitrary code when processed using unserialize(). PHP has been updated to version 5.5.20, which fixes these issues and other bugs.

tags | advisory, arbitrary, php
systems | linux, mandriva
advisories | CVE-2014-8142
MD5 | db61337a6172e68a506d794296930663
ASUSWRT 3.0.0.4.376_1071 LAN Backdoor Command Execution
Posted Jan 5, 2015
Authored by Friedrich Postelstorfer

ASUSWRT version 3.0.0.4.376_1071 suffers from a remote command execution vulnerability. A service called "infosvr" listens on port 9999 on the LAN bridge. Normally this service is used for device discovery using the "ASUS Wireless Router Device Discovery Utility", but this service contains a feature that allows an unauthenticated user on the LAN to execute commands less than or equal to 237 bytes as root. Source code is in asuswrt/release/src/router/infosvr. "iboxcom.h" is in asuswrt/release/src/router/shared.

tags | exploit, remote, root
MD5 | 5ec3e85958335b910a0bf2c90f373d64
Online Airline Booking System Authentication Bypass
Posted Jan 5, 2015
Authored by WICS

Online Airline Booking System suffers from bypass and reinstall vulnerabilities.

tags | exploit, vulnerability, bypass
MD5 | 1ccf39f123dcdff99ce037e6df56b78d
ZTE Datacard MF19 Privilege Escalation / DLL Hijacking
Posted Jan 5, 2015
Authored by Hadji Samir

ZTE Datacard MF19 suffers from privilege escalation and DLL hijacking vulnerabilities.

tags | exploit, vulnerability
systems | windows
advisories | CVE-2015-0974
MD5 | 9a40ed46aa359333b212c2bab118c9e9
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close