what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2015-02-02

HP Security Bulletin HPSBMU03239 1
Posted Feb 2, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03239 1 - A potential security vulnerability has been identified with HP UCMDB. The vulnerability could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-7883
SHA-256 | a0fca233fc71344255014b77bede7f12e2aa1b74776825405da4cc3de6cce1c2
Debian Security Advisory 3150-1
Posted Feb 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3150-1 - Fabian Yamaguchi discovered multiple vulnerabilities in VLC, a multimedia player and streamer.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-9626, CVE-2014-9627, CVE-2014-9628, CVE-2014-9629, CVE-2014-9630
SHA-256 | dad27706c332cb8c1a538fc598f10305c3e3212c27ff7ad113b1350017412d31
Red Hat Security Advisory 2015-0113-01
Posted Feb 2, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0113-01 - LibVNCServer is a library that allows for easy creation of VNC server or client functionality. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way screen sizes were handled by LibVNCServer. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code in the client. Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2014-6051, CVE-2014-6055
SHA-256 | 2c8785410993376fff5c29bb7bc10a430ce410769ce8c5d3d2f73ce9640152a7
Red Hat Security Advisory 2015-0112-01
Posted Feb 2, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0112-01 - YAML is a data serialization format designed for human readability and interaction with scripting languages. LibYAML is a YAML parser and emitter written in C. An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. All libyaml users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications linked against the libyaml library must be restarted for this update to take effect.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-9130
SHA-256 | e7e47fedd99a2e7ae8058064043acac9bb0a9789eccc788ad6f1782ad6ec2f6c
Debian Security Advisory 3149-1
Posted Feb 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3149-1 - Florian Weimer, of Red Hat Product Security, discovered an issue in condor, a distributed workload management system. Upon job completion, it can optionally notify a user by sending an email; the mailx invocation used in that process allowed for any authenticated user able to submit jobs, to execute arbitrary code with the privileges of the condor user.

tags | advisory, arbitrary
systems | linux, redhat, debian
advisories | CVE-2014-8126
SHA-256 | d67dc19e1a51dcc33a68b430ffc86de24f5824b229425ade21a664c4eb4718b1
Ubuntu Security Notice USN-2488-1
Posted Feb 2, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2488-1 - Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9328
SHA-256 | 7f85859eb916a83eb1c5f0ac5499233c1ad69ebe34b2d85cc4b102f99167c4ea
Internet Explorer 11 Same Origin Bypass
Posted Feb 2, 2015
Authored by David Leo

Internet Explorer 11 on Windows 7 suffers from a same origin bypass vulnerability via universal cross site scripting.

tags | exploit, xss, bypass
systems | windows
SHA-256 | 3294cd653e4079d6b85c8167d441eb2511790b7a6842394532d5a09b6426fe9c
MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape
Posted Feb 2, 2015
Authored by juan vazquez, temp66, Henry Li | Site metasploit.com

This Metasploit module abuses a process creation policy in Internet Explorer's sandbox, specifically the Microsoft Remote Desktop Services Web Proxy IE one, which allows the attacker to escape the Protected Mode, and execute code with Medium Integrity. At the moment, this module only bypass Protected Mode on Windows 7 SP1 and prior (32 bits). This Metasploit module has been tested successfully on Windows 7 SP1 (32 bits) with IE 8 and IE 11.

tags | exploit, remote, web
systems | windows
advisories | CVE-2015-0016
SHA-256 | f251b5620da0f914f68f8405e014d12e7a42023b75421dd37103a505dd589601
WordPress Quasar Theme 1.9.1 Privilege Escalation
Posted Feb 2, 2015
Authored by Evex

WordPress Quasar Theme version 1.9.1 suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | c598b7e66c16762ea7b73df6860b119e97301a02e41b309dcab241a0b8b7878b
Packet Storm New Exploits For January, 2015
Posted Feb 2, 2015
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 187 exploits added to Packet Storm in January, 2015.

tags | exploit
systems | linux
SHA-256 | baa98ae3798024bcce58888a633b7094d55481d0fcde94647dc46ea8af74dcc7
Debian Security Advisory 3148-1
Posted Feb 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3148-1 - Security support for the chromium web browser is now discontinued for the stable distribution (wheezy). Chromium upstream stopped supporting wheezy's build environment (gcc 4.7, make, etc.), so there is no longer any practical way to continue building security updates.

tags | advisory, web
systems | linux, debian
SHA-256 | 146cbb4f671450513f73e2b6fbe2350216a8be9339bc7d0c578ba5f3c2ee4ad5
HP Security Bulletin HPSBMU03236 1
Posted Feb 2, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03236 1 - A potential security vulnerability has been identified with HP Systems Insight Manager for Windows running Bash shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
systems | windows
advisories | CVE-2014-6277, CVE-2014-7186, CVE-2014-7187
SHA-256 | 0b30d6cd920d41ee2125d1b3503d2de9d4d82cceab9f6819f51330357463b946
B-Sides Knoxville 2015 Call For Papers
Posted Feb 2, 2015
Site bsidesknoxville.com

The B-Sides Knoxville 2015 Call For Papers has been announced. It will take place May 15th, 2015 at Scruffy City Hall.

tags | paper, conference
SHA-256 | 1f723f6812c04a80c21220df662c65636f147035c6e4e21150834a853a381dcd
Landesk Management Suite 9.5 Cross Site Scripting
Posted Feb 2, 2015
Authored by Alex Haynes

Landesk Management Suite version 9.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-5360
SHA-256 | 80f41bee0c9b08fa8095f1512a9ed6c1bb81de7e5a86874760dc24f35e98b31f
OptimalSite CMS 1 / 2.4 Cross Site Scripting
Posted Feb 2, 2015
Authored by Jing Wang

OptimalSite CMS versions 1 and 2.4 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-9562
SHA-256 | bfa1f87cdd9a0315af305a897fa2cfcd4a254746f41335d367c3d9895da93774
About.com Cross Site Scripting
Posted Feb 2, 2015
Authored by Jing Wang

All "topic sites" on about.com suffer from cross site scripting and iframe injection vulnerabilities. The researcher has reported this to about.com but they have not responded nor addressed the issues since October, 2014.

tags | exploit, vulnerability, xss
SHA-256 | 6b185b212d9c7e8b5cca27a8726c53efde81fba88595fbd45215392b45fc3395
Metamorphic Worms: Can They Remain Hidden?
Posted Feb 2, 2015
Authored by Reethi Kotti

Whitepaper that discusses types of computer worms and how metamorphic worms differ from the rest.

tags | paper, worm
SHA-256 | a0add4653a5c75e92a5147130c2b9d8fa675a786b51bb7b700de2c8af48867f3
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close