Twenty Year Anniversary
Showing 1 - 17 of 17 RSS Feed

Files Date: 2015-02-02

HP Security Bulletin HPSBMU03239 1
Posted Feb 2, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03239 1 - A potential security vulnerability has been identified with HP UCMDB. The vulnerability could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-7883
MD5 | 63165e7d29a5c0d3f9c547d28bd3fe70
Debian Security Advisory 3150-1
Posted Feb 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3150-1 - Fabian Yamaguchi discovered multiple vulnerabilities in VLC, a multimedia player and streamer.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-9626, CVE-2014-9627, CVE-2014-9628, CVE-2014-9629, CVE-2014-9630
MD5 | 911f2a267deaff824cb07401a0b7c0b2
Red Hat Security Advisory 2015-0113-01
Posted Feb 2, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0113-01 - LibVNCServer is a library that allows for easy creation of VNC server or client functionality. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way screen sizes were handled by LibVNCServer. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code in the client. Two stack-based buffer overflow flaws were found in the way LibVNCServer handled file transfers. A remote attacker could use this flaw to crash the VNC server using a malicious VNC client.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2014-6051, CVE-2014-6055
MD5 | aacd3f7ed0b56c000b5c16ee6243e64d
Red Hat Security Advisory 2015-0112-01
Posted Feb 2, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0112-01 - YAML is a data serialization format designed for human readability and interaction with scripting languages. LibYAML is a YAML parser and emitter written in C. An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. All libyaml users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. All running applications linked against the libyaml library must be restarted for this update to take effect.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-9130
MD5 | 81d9bbd31edd9c48c9775a5b60782809
Debian Security Advisory 3149-1
Posted Feb 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3149-1 - Florian Weimer, of Red Hat Product Security, discovered an issue in condor, a distributed workload management system. Upon job completion, it can optionally notify a user by sending an email; the mailx invocation used in that process allowed for any authenticated user able to submit jobs, to execute arbitrary code with the privileges of the condor user.

tags | advisory, arbitrary
systems | linux, redhat, debian
advisories | CVE-2014-8126
MD5 | 6e5dc8758bfb80b67cddac525f0e501b
Ubuntu Security Notice USN-2488-1
Posted Feb 2, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2488-1 - Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9328
MD5 | 98e784b353a7459000b536b55cff09cc
Internet Explorer 11 Same Origin Bypass
Posted Feb 2, 2015
Authored by David Leo

Internet Explorer 11 on Windows 7 suffers from a same origin bypass vulnerability via universal cross site scripting.

tags | exploit, xss, bypass
systems | windows, 7
MD5 | 434e1781dd43e86240f9ea14e33c794e
MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape
Posted Feb 2, 2015
Authored by juan vazquez, temp66, Henry Li | Site metasploit.com

This Metasploit module abuses a process creation policy in Internet Explorer's sandbox, specifically the Microsoft Remote Desktop Services Web Proxy IE one, which allows the attacker to escape the Protected Mode, and execute code with Medium Integrity. At the moment, this module only bypass Protected Mode on Windows 7 SP1 and prior (32 bits). This Metasploit module has been tested successfully on Windows 7 SP1 (32 bits) with IE 8 and IE 11.

tags | exploit, remote, web
systems | windows, 7
advisories | CVE-2015-0016
MD5 | 603be371391e9afbc16e6432a03ab423
WordPress Quasar Theme 1.9.1 Privilege Escalation
Posted Feb 2, 2015
Authored by Evex

WordPress Quasar Theme version 1.9.1 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | d3feeaddaaccf2de5db0abe51c1e32c2
Packet Storm New Exploits For January, 2015
Posted Feb 2, 2015
Authored by Todd J. | Site packetstormsecurity.org

This archive contains all of the 187 exploits added to Packet Storm in January, 2015.

tags | exploit
systems | linux
MD5 | 78a0ede9b22751ec549b10e5adda4798
Debian Security Advisory 3148-1
Posted Feb 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3148-1 - Security support for the chromium web browser is now discontinued for the stable distribution (wheezy). Chromium upstream stopped supporting wheezy's build environment (gcc 4.7, make, etc.), so there is no longer any practical way to continue building security updates.

tags | advisory, web
systems | linux, debian
MD5 | 8091b1c1c29d0f319d8dc13c40b039d8
HP Security Bulletin HPSBMU03236 1
Posted Feb 2, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03236 1 - A potential security vulnerability has been identified with HP Systems Insight Manager for Windows running Bash shell. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

tags | advisory, shell, bash
systems | windows
advisories | CVE-2014-6277, CVE-2014-7186, CVE-2014-7187
MD5 | 8465e3ea711e78a35cb046f926bd9152
B-Sides Knoxville 2015 Call For Papers
Posted Feb 2, 2015
Site bsidesknoxville.com

The B-Sides Knoxville 2015 Call For Papers has been announced. It will take place May 15th, 2015 at Scruffy City Hall.

tags | paper, conference
MD5 | 0cfdb1c20ea58f845be07c6f65b73919
Landesk Management Suite 9.5 Cross Site Scripting
Posted Feb 2, 2015
Authored by Alex Haynes

Landesk Management Suite version 9.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-5360
MD5 | 8469cc92287e32ab2f9bfba18a0716f5
OptimalSite CMS 1 / 2.4 Cross Site Scripting
Posted Feb 2, 2015
Authored by Jing Wang

OptimalSite CMS versions 1 and 2.4 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-9562
MD5 | af6f0bba2808438105633314d607a7eb
About.com Cross Site Scripting
Posted Feb 2, 2015
Authored by Jing Wang

All "topic sites" on about.com suffer from cross site scripting and iframe injection vulnerabilities. The researcher has reported this to about.com but they have not responded nor addressed the issues since October, 2014.

tags | exploit, vulnerability, xss
MD5 | cbe5dd65066e49e6d9403ec7b1f6a10e
Metamorphic Worms: Can They Remain Hidden?
Posted Feb 2, 2015
Authored by Reethi Kotti

Whitepaper that discusses types of computer worms and how metamorphic worms differ from the rest.

tags | paper, worm
MD5 | 4ae6e561c0c9dbfec13ce2965d4d8a49
Page 1 of 1
Back1Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    13 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close