Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-02-17

Red Hat Security Advisory 2015-0235-01
Posted Feb 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0235-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for Red Hat JBoss BRMS 6.0.3, and includes bug fixes and enhancements. It includes various bug fixes, which are listed in the README file included with the patch files.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-6153, CVE-2013-4002, CVE-2013-5855, CVE-2014-0005, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0193, CVE-2014-0227, CVE-2014-3472, CVE-2014-3490, CVE-2014-3530, CVE-2014-3558, CVE-2014-3577, CVE-2014-3578, CVE-2014-3625, CVE-2014-3682, CVE-2014-8114, CVE-2014-8115
MD5 | 1246d516e043ffc90f818f13c00f66ff
Red Hat Security Advisory 2015-0234-01
Posted Feb 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0234-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This roll up patch serves as a cumulative upgrade for Red Hat JBoss BPM Suite 6.0.3, and includes bug fixes and enhancements. It includes various bug fixes, which are listed in the README file included with the patch files.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-6153, CVE-2013-4002, CVE-2013-5855, CVE-2014-0005, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0193, CVE-2014-0227, CVE-2014-3472, CVE-2014-3490, CVE-2014-3530, CVE-2014-3558, CVE-2014-3577, CVE-2014-3578, CVE-2014-3625, CVE-2014-3682, CVE-2014-8114, CVE-2014-8115
MD5 | 8b682069ae2336163404af495febf685
Gentoo Linux Security Advisory 201502-13
Posted Feb 17, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-13 - Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to cause Denial of Service or gain escalated privileges. Versions less than 40.0.2214.111 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926, CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930, CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934, CVE-2014-7935, CVE-2014-7936, CVE-2014-7937, CVE-2014-7938, CVE-2014-7939, CVE-2014-7940, CVE-2014-7941, CVE-2014-7942, CVE-2014-7943, CVE-2014-7944, CVE-2014-7945, CVE-2014-7946, CVE-2014-7947, CVE-2014-7948, CVE-2014-9646, CVE-2014-9647
MD5 | 4d90909e743f0d6574b549d64133eaa4
Ubuntu Security Notice USN-2502-1
Posted Feb 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2502-1 - William Robinet discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-1315
MD5 | f65eee5d22654167f01ee468d0000f87
Ubuntu Security Notice USN-2501-1
Posted Feb 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2501-1 - Stefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2015-0231) Brian Carpenter discovered that the PHP CGI component incorrectly handled invalid files. A local attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local, cgi, php
systems | linux, ubuntu
advisories | CVE-2014-8142, CVE-2014-9427, CVE-2014-9652, CVE-2015-0231, CVE-2015-0232, CVE-2015-1351, CVE-2015-1352
MD5 | 7ddc93292681f688a7c0043de9e4d66e
X360 VideoPlayer ActiveX Control Buffer Overflow
Posted Feb 17, 2015
Authored by Rh0, juan vazquez | Site metasploit.com

This Metasploit module exploits a buffer overflow in the VideoPlayer.ocx ActiveX installed with the X360 Software. By setting an overly long value to 'ConvertFile()',an attacker can overrun a .data buffer to bypass ASLR/DEP and finally execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
MD5 | ccdbee72507f4689f2f29a861de8f106
Java JMX Server Insecure Configuration Java Code Execution
Posted Feb 17, 2015
Authored by Braden Thomas, juan vazquez | Site metasploit.com

This Metasploit module takes advantage a Java JMX interface insecure configuration, which would allow loading classes from any remote (HTTP) URL. JMX interfaces with authentication disabled (com.sun.management.jmxremote.authenticate=false) should be vulnerable, while interfaces with authentication enabled will be vulnerable only if a weak configuration is deployed (allowing to use javax.management.loading.MLet, having a security manager allowing to load a ClassLoader MBean, etc.).

tags | exploit, java, remote, web
MD5 | ba7da3ce98fa7745ef13cb5f3a2d8f9a
Ubuntu Security Notice USN-2500-1
Posted Feb 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2500-1 - Olivier Fourdan discovered that the X.Org X server incorrectly handled XkbSetGeometry requests resulting in an information leak. An attacker able to connect to an X server, either locally or remotely, could use this issue to possibly obtain sensitive information. It was discovered that the X.Org X server incorrectly handled certain trapezoids. An attacker able to connect to an X server, either locally or remotely, could use this issue to possibly crash the server. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-6424, CVE-2015-0255
MD5 | bc7d08b4a93cbe152fa15cda5cbc1616
GuppY CMS 5.0.9 / 5.00.10 CSRF / Shell Upload
Posted Feb 17, 2015
Authored by Brandon Murphy

GuppY CMS versions 5.0.9 and 5.00.10 suffer from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | 2f0ded5c55813679bf6095ec8b40ff5e
GuppY CMS 5.0.9 / 5.00.10 Authentication Bypass / Change Email
Posted Feb 17, 2015
Authored by Brandon Murphy

GuppY CMS versions 5.0.9 and 5.00.10 remote authentication bypass and change email exploit.

tags | exploit, remote, bypass
MD5 | 58e512843a5611ea33afc80e4f15ee1d
WordPress Image Metadata Cruncher CSRF / XSS
Posted Feb 17, 2015
Authored by Kaustubh G. Padwad

WordPress Image Metadata Cruncher plugin suffers from cross site request forgery and stored cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2015-1614
MD5 | 168ed045040f9b82d2b5387d46d117e3
D-Link DSL-2640B Unauthenticated Remote DNS Changer
Posted Feb 17, 2015
Authored by Todor Donev

Remote exploit for changing DNS settings unauthenticated on the D-Link DSL-2640B.

tags | exploit, remote
MD5 | 531bc607c1c29b0947c50f3022f4a732
Ebay Magento Script Insertion
Posted Feb 17, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Ebay's Magento application suffers from a malicious script insertion vulnerability.

tags | exploit
MD5 | 32a3d9a84bdd560106ec974a6e95190a
ES File Explorer 3.2.4.1 Path Traversal
Posted Feb 17, 2015
Authored by Hadji Samir | Site vulnerability-lab.com

ES File Explorer version 3.2.4.1 suffers from a path traversal vulnerability.

tags | exploit
advisories | CVE-2015-1876
MD5 | 7ddee995689b7ee1ead2ebf39c2ca315
Samhain File Integrity Checker 3.1.4
Posted Feb 17, 2015
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Added non-existent file to the regression test config. Multiple bug fixes.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | bdbed66edcf473b0458a0baf1ebe670b
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    1 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close