what you don't know can hurt you
Showing 1 - 14 of 14 RSS Feed

Files Date: 2015-02-19

Packet Fence 4.6.1
Posted Feb 19, 2015
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Various updates.
tags | tool, remote
systems | unix
MD5 | 73154ea08e88d43891182a295961f317
Javascript Injection For Eval-Based Unpackers
Posted Feb 19, 2015
Authored by joev | Site metasploit.com

This Metasploit module generates a Javascript file that executes arbitrary code when an eval-based unpacker is run on it. Works against js-beautify's P_A_C_K_E_R unpacker.

tags | exploit, arbitrary, javascript
MD5 | aa5a02de3ff662a29dec25c941017dce
Red Hat Security Advisory 2015-0246-01
Posted Feb 19, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0246-01 - OpenStack Image service provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services. It was discovered that an authenticated user could use a path traversal flaw in glance to download or delete any file on the glance server that is accessible to the glance process user. Note that only setups using the OpenStack Image V2 API were affected by this flaw.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-9493
MD5 | 2b78b1b6476c999fa74c65cd31e6c08b
Ubuntu Security Notice USN-2504-1
Posted Feb 19, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2504-1 - The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.17.4 which includes the latest CA certificate bundle.

tags | advisory
systems | linux, ubuntu
MD5 | c103e8bd5c54ecd2912b62129c167df2
phpBugTracker 1.6.0 CSRF / XSS / SQL Injection
Posted Feb 19, 2015
Authored by Steffen Roesemann

phpBugTracker version 1.6.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
MD5 | 6d431ef6426336fdeb205b764bfea575
HP Security Bulletin HPSBUX03240 SSRT101872
Posted Feb 19, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03240 SSRT101872 - Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, CVE-2014-9297
MD5 | 5c4a66b3cb7e2dd8edd7d99f81147e16
WordPress Easy Social Icons 1.2.2 CSRF / XSS
Posted Feb 19, 2015
Authored by Eric Flokstra

WordPress Easy Social Icons plugin version 1.2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | aa9d6641835a63dec0f3a4e4702273a0
Debian Security Advisory 3163-1
Posted Feb 19, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3163-1 - It was discovered that LibreOffice, an office productivity suite, could try to write to invalid memory areas when importing malformed RTF files. This could allow remote attackers to cause a denial of service (crash) or arbitrary code execution via crafted RTF files.

tags | advisory, remote, denial of service, arbitrary, code execution
systems | linux, debian
advisories | CVE-2014-9093
MD5 | d7952a815080f56eae44ab4178c3953b
Debian Security Advisory 3162-1
Posted Feb 19, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3162-1 - Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker. This issue affects configurations with the directives "dnssec-validation auto;" (as enabled in the Debian default configuration) or "dnssec-lookaside auto;".

tags | advisory
systems | linux, debian
advisories | CVE-2015-1349
MD5 | 5b996f9aec5679c4769cd68dabb0ee09
4images Cross Site Scripting / Clickjacking
Posted Feb 19, 2015
Authored by Provensec

4images suffers from cross site scripting and clickjacking vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 05867c680192cc7918e7c651addb7bd2
Mediafire Open Redirect
Posted Feb 19, 2015
Authored by Nicholas Lemonias

Mediafire suffered from an open redirect vulnerability.

tags | exploit
MD5 | 4ec3b549ee6b4e5c201082ee0c22223e
WordPress WooCommerce 2.2.10 Cross Site Scripting
Posted Feb 19, 2015
Authored by Eric Flokstra

WordPress WooCommerce plugin version 2.2.10 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5caec7a5453c6062c82abc18a579d7ae
MyBB 1.8.3 Cross Site Scripting
Posted Feb 19, 2015
Authored by Steffen Roesemann

MyBB version 1.8.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 906646c03c59b32fc904a45a1022578c
Rackspace Cross Site Scripting
Posted Feb 19, 2015
Authored by Nicholas Lemonias

Rackspace suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | be432db39e65c254d84354cbef549061
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close