Exploit the possiblities
Showing 1 - 25 of 374 RSS Feed

Files Date: 2015-02-01 to 2015-02-28

OpenSCAP Libraries 1.2.1
Posted Feb 27, 2015
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: API and HTML report changes.
tags | protocol, library
systems | unix
MD5 | 294fe7beb81dd103b6e1eb8cec73101e
GNU Privacy Guard 2.0.27
Posted Feb 27, 2015
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Multiple bug fixes. Translation updates.
tags | tool, encryption
MD5 | b35df68881a5ae432b0391b73773c698
GNU Privacy Guard 1.4.19
Posted Feb 27, 2015
Site gnupg.org

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Multiple bug fixes. Translation updates.
tags | tool, encryption
MD5 | 3af4ab5b3113b3e28d3551ecf9600785
Apache Standard Taglibs 1.2.1 XXE / Remote Command Execution
Posted Feb 27, 2015
Authored by David Jorm

Apache Standard Taglibs version 1.2.1 suffers from XXE and remote command execution vulnerabilities via the XSL extension in JSTL XML tags.

tags | advisory, remote, vulnerability
MD5 | b775eafea2729bd44cabb6a385742f9f
Tcl 1.16 Cross Site Scripting
Posted Feb 27, 2015
Authored by Ben Fuhrmannek

Tcl versions 1.0.0 through 1.16 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b45b1a12b367ac80e8483e2a6a010cee
WordPress Media Cleaner 2.2.6 Cross Site Scripting
Posted Feb 27, 2015
Authored by Ismail Saygili

WordPress Media Cleaner plugin version 2.2.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 27b91f8024f9b8854a18bbd1c46a9b43
Debian Security Advisory 3176-1
Posted Feb 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3176-1 - Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-9472, CVE-2015-1165, CVE-2015-1464
MD5 | 6625193eeabe6b0ba892ff48cdeb542e
Electronic Arts Origin Client 9.5.5 Privilege Escalation
Posted Feb 27, 2015
Authored by LiquidWorm | Site zeroscience.mk

Electronic Arts Origin Client version 9.5.5 suffers from multiple privilege escalation vulnerabilities.

tags | exploit, vulnerability
MD5 | bfba5993bc16a2002cd2e30a77a99518
Jetty 9.2.8 Shared Buffer Leakage
Posted Feb 27, 2015
Authored by Stephen Komal, Gotham Digital Science

Gotham Digital Science discovered a critical information leakage vulnerability in the Jetty web server that allows an unauthenticated remote attacker to read arbitrary data from previous requests and responses submitted to the server by other users. Jetty versions 9.2.3 through 9.2.8 are affected. Proof of concept code included.

tags | exploit, remote, web, arbitrary, proof of concept, info disclosure
advisories | CVE-2015-2080
MD5 | c61f9be0240289b47c5323b41d606933
Wireless File Transfer Pro Android Cross Site Request Forgery
Posted Feb 27, 2015
Authored by Hadji Samir | Site vulnerability-lab.com

Wireless File Transfer Pro Android suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 000a5b4b921b8883bfb50ba4d38ddfb1
Data Source: Scopus CMS SQL Injection
Posted Feb 27, 2015
Authored by P0!s0nC0d3 | Site vulnerability-lab.com

Data Source: Scopus CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d343d99d13bbc91801ab4660f8f62a07
DSS TFTP 1.0 Path Traversal
Posted Feb 27, 2015
Authored by lucyoa | Site vulnerability-lab.com

DSS TFTP version 1.0 suffers from a path traversal vulnerability.

tags | exploit
MD5 | 576a30aeeb555d05cea797261d7c1462
D-Link / TRENDnet ncc2 CSRF / Unauthenticated Access
Posted Feb 27, 2015
Authored by Peter Adkins

Multiple D-Link and TRENDnet devices suffer from cross site request forgery and unauthenticated access vulnerabilities. Various proof of concepts included.

tags | exploit, vulnerability, proof of concept, csrf
MD5 | 81d882c48de34b97c98609a5658d4695
Collabtive 2.0 Cross Site Scripting
Posted Feb 27, 2015
Authored by Provensec

Collabtive version 2.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | bd715d01ca7028390da81bc5e2fde991
Akeneo PIM Cross Site Scripting
Posted Feb 27, 2015
Authored by Provensec

Akeneo PIM suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 773f686014273ce4b42e5c893e2794b7
eFront Learning 3.6.11 Cross Site Scripting
Posted Feb 27, 2015
Authored by Provensec

eFront Learning version 3.6.11 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0393af4fc6785949849ca3d737b61ab0
Secure rm 1.2.15
Posted Feb 26, 2015
Authored by Matthew Gauthier | Site srm.sourceforge.net

Secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.

Changes: Various updates.
tags | tool
systems | unix
MD5 | 681cbb0950b25e300a3f6d680f57f56c
FreeBSD Security Advisory - BIND Denial Of Service
Posted Feb 26, 2015
Site security.freebsd.org

FreeBSD Security Advisory - BIND servers which are configured to perform DNSSEC validation and which are using managed keys (which occurs implicitly when using "dnssec-validation auto;" or "dnssec-lookaside auto;") may exhibit unpredictable behavior due to the use of an improperly initialized variable. A remote attacker can trigger a crash of a name server that is configured to use managed keys under specific and limited circumstances. However, the complexity of the attack is very high unless the attacker has a specific network relationship to the BIND server which is targeted.

tags | advisory, remote
systems | freebsd
advisories | CVE-2015-1349
MD5 | 157aa73bbdf00c6b7d3cfe3f70a70177
FreeBSD Security Advisory - IGMP Integer Overflow
Posted Feb 26, 2015
Authored by Marek Kroemeke, Mateusz Kocielski | Site security.freebsd.org

FreeBSD Security Advisory - An integer overflow in computing the size of IGMPv3 data buffer can result in a buffer which is too small for the requested operation. An attacker who can send specifically crafted IGMP packets could cause a denial of service situation by causing the kernel to crash.

tags | advisory, denial of service, overflow, kernel
systems | freebsd
advisories | CVE-2015-1414
MD5 | 89b443fe13922317739f20717496c68e
TangoBB 1.5.0-A3 Cross Site Scripting
Posted Feb 26, 2015
Authored by Dennis Veninga

TangoBB version 1.5.0-A3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4d13ad6178f50e593beebc36f19fa18b
Enano CMS 1.1.8pl1 Cross Site Scripting
Posted Feb 26, 2015
Authored by Dennis Veninga

Enano CMS version 1.1.8pl1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 539d2c273daaded546415cf1f393b241
Ubuntu Security Notice USN-2512-1
Posted Feb 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2512-1 - A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service (memory corruption or panic) or possibly have unspecified impact via the keyctl commands. A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge ER records. A local user could exploit this flaw to obtain sensitive information from kernel memory via a crafted iso9660 image. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2014-9529, CVE-2014-9584
MD5 | 4e19f7fad044a7c2abb2f8c50b9ddb86
Ubuntu Security Notice USN-2519-1
Posted Feb 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2519-1 - Arnaud Le Blanc discovered that the GNU C Library incorrectly handled file descriptors when resolving DNS queries under high load. This may cause a denial of service in other applications, or an information leak. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. It was discovered that the GNU C Library incorrectly handled receiving a positive answer while processing the network name when performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-7423, CVE-2014-9402, CVE-2015-1472, CVE-2015-1473
MD5 | 36ea5f1ec5067ca33c97a7fb40bc5965
Ubuntu Security Notice USN-2520-1
Posted Feb 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2520-1 - Peter De Wachter discovered that CUPS incorrectly handled certain malformed compressed raster files. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9679
MD5 | c2dafdb52a479e275b2bca9aa9cf1ec1
Slackware Security Advisory - mozilla-firefox Updates
Posted Feb 26, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 77e6b0f50613fe42ee9818a43ac983f0
Page 1 of 15
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close