exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2015-01-30

EMC Avamar Missing Certificate Validation
Posted Jan 30, 2015
Site emc.com

EMC Avamar contains a security vulnerability that may potentially be leveraged by a malicious user to obtain sensitive information when performing a backup or restore operation relating to the vCenter Server. EMC Avamar VMware image and File Level Restore (FLR) proxies do not verify SSL certificates properly when presented by vCenter and may be vulnerable to man-in-the-middle attacks. This vulnerability may potentially be exploited to obtain sensitive information when performing backup and restore operations relating to the vCenter Server. EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x are affected.

tags | advisory
advisories | CVE-2014-4632
SHA-256 | 960253ccc6bd345db43360a894017a6964b76e9c567c6ab6c5de909091e08bfa
Unisphere Central Redirect / Access Bypass / DoS / Updates
Posted Jan 30, 2015
Site emc.com

Unisphere Central versions prior to 4.0 suffer from a large amount of security vulnerabilities and an update has been released that includes a fix for an unvalidated redirect issue along with various embedded component vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2010-5107, CVE-2010-5298, CVE-2011-0020, CVE-2011-0064, CVE-2011-3389, CVE-2012-2137, CVE-2012-5885, CVE-2012-6085, CVE-2012-6548, CVE-2012-6549, CVE-2013-0160, CVE-2013-0216, CVE-2013-0231, CVE-2013-0268, CVE-2013-0311, CVE-2013-0349, CVE-2013-0913, CVE-2013-0914, CVE-2013-1767, CVE-2013-1772, CVE-2013-1774, CVE-2013-1792, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1848, CVE-2013-1860, CVE-2013-1899
SHA-256 | ce4edb828cb719a743e51aeccc8b869350ac720be7a173f3e3978c205c139f5f
Asus RT-N10 Plus Cross Site Scripting
Posted Jan 30, 2015
Authored by Kaustubh G. Padwad

Asus RT-N10 Plus with firmware version 2.1.1.1.70 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 52834296326caf3b9233a242ffe1a865ee9dddc03118fc76297f3bfe0a1ac589
VMware Security Advisory 2015-0002
Posted Jan 30, 2015
Authored by VMware | Site vmware.com

VMware Security Advisory 2015-0002 - VMware vSphere Data Protection product update addresses a certificate validation vulnerability.

tags | advisory
advisories | CVE-2014-4632
SHA-256 | 0531aeee8d20e6e4def483d5bc261726b7dc432377407392d954630e1a91fddd
Debian Security Advisory 3145-1
Posted Jan 30, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3145-1 - Multiple vulnerabilities were discovered in Privoxy, a privacy enhancing HTTP proxy, which might result in denial of service.

tags | advisory, web, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2015-1381, CVE-2015-1382
SHA-256 | e6db28ba30169786edf2dcf19679ab5a026574a62ab07e73a140bfd7b7124c5b
Debian Security Advisory 3144-1
Posted Jan 30, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3144-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
SHA-256 | 622b1ffb514cee356dcd2ec27f28c7e4b1b32a3f20afd883039207989ce539b0
HP Security Bulletin HPSBOV03226 2
Posted Jan 30, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03226 2 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS BIND 9 Resolver. These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) and other vulnerabilities. NOTE: These vulnerabilities impact OpenVMS TCP/IP BIND servers only. No update is required for BIND clients. Revision 2 of this advisory.

tags | advisory, denial of service, tcp, vulnerability
advisories | CVE-2006-4096, CVE-2007-2926, CVE-2008-1447, CVE-2009-0025, CVE-2011-4313, CVE-2012-4244
SHA-256 | 4935d3f1fb7ea8e8542d5095cd4cb2b982b905b4752fdda66d72da48b1f6e88d
Debian Security Advisory 3146-1
Posted Jan 30, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3146-1 - Jakub Wilk discovered that in requests, an HTTP library for the Python language, authentication information was improperly handled when a redirect occurred. This would allow remote servers to obtain two Proxy-Authorization header (CVE-2014-1830), or netrc passwords from the Authorization header (CVE-2014-1829).

tags | advisory, remote, web, python
systems | linux, debian
advisories | CVE-2014-1829, CVE-2014-1830
SHA-256 | d12919710b3c1d41c774e5833078bfdcbc449f8d50ae48755845daa5dbf03e7a
Debian Security Advisory 3147-1
Posted Jan 30, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3147-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2014-3566, CVE-2014-6585, CVE-2014-6587, CVE-2014-6591, CVE-2014-6593, CVE-2014-6601, CVE-2015-0383, CVE-2015-0395, CVE-2015-0407, CVE-2015-0408, CVE-2015-0410, CVE-2015-0412
SHA-256 | 8f72aaccb477a21c98ab72ae6ecbad94d77750711480b0a4c5c4c91781281f8c
Symantec Encryption Management Server Remote Command Injection
Posted Jan 30, 2015
Authored by Paul Craig from Vantage Point

Symantec Encryption Management Server versions prior to 3.2.0 MP6 suffers from a remote command injection vulnerability.

tags | exploit, remote
SHA-256 | 3bc3eeac36113e210abe514dc8172c9c2bb90bb59bbe5d343e9ac303b7490024
NPDS CMS Revolution-13 SQL Injection
Posted Jan 30, 2015
Authored by Nahendra Bhati

NPDS CMS Revolution-13 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2015-1400
SHA-256 | 142ca9db88be9cf3d50167d0e6ca107fc856238d9b989d450adedf97f40190cc
How To Secure Against Glibc Ghost Vulnerability
Posted Jan 30, 2015
Authored by Rajivarnan.R

This is a whitepaper discussing mitigation of the Ghost glibc vulnerability as discussed in CVE-2015-0235.

tags | paper
advisories | CVE-2015-0235
SHA-256 | 77fdf5e2024f2bd5d09207c0e6a1b4251255bb6447af8bde63b893affd58ba12
McAfee Data Loss Prevention Endpoint Privilege Escalation
Posted Jan 30, 2015
Authored by Parvez Anwar

McAfee Data Loss Prevention Endpoint version 9.3.200.23 suffers from an arbitrary write privilege escalation vulnerability.

tags | exploit, arbitrary
advisories | CVE-2015-1305
SHA-256 | b96f5506ade3562db4422d9d10574de13efea0a185c340127a4a630ff1c8727d
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close