ignore security and it'll go away
Showing 1 - 14 of 14 RSS Feed

Files Date: 2015-03-06

Packet Fence 4.7.0
Posted Mar 6, 2015
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Various updates.
tags | tool, remote
systems | unix
MD5 | 29083a51101ea27902d8388a0dfc5a85
Elastix 2.5.0 SQL Injection
Posted Mar 6, 2015
Authored by Ahmed Aboul-Ela

Elastix versions 2.5.0 and below suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 81385990327b1a31af0f8097c842b7a7
Hackers 2 Hackers Conference 12 Edition Call For Papers
Posted Mar 6, 2015
Site h2hc.com.br

The call for papers for H2HC 12th edition is now open. H2HC is a hacker conference taking place in Sao Paulo, Brazil, from October 22nd through the 27th, 2015.

tags | paper, conference
MD5 | ed66e08fa0e17d675b4e694c331c8b9c
Betster 1.0.4 SQL Injection / Authentication Bypass
Posted Mar 6, 2015
Authored by CWH Underground, ZeQ3uL

Betster version 1.0.4 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
advisories | CVE-2015-2237
MD5 | ab815ec369b78ad8ea18b094a033aaf1
Ubuntu Security Notice USN-2522-2
Posted Mar 6, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2522-2 - USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have been temporarily backed out until the regression is investigated. It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2013-2419, CVE-2014-6591, CVE-2014-7940
MD5 | 96cee4473ccb18895456860b0fc5efef
Gentoo Linux Security Advisory 201503-01
Posted Mar 6, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201503-1 - Multiple vulnerabilities have been found in JasPer, the worst of which could could allow an attacker to execute arbitrary code. Versions less than 1.900.1-r9 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-8137, CVE-2014-8138, CVE-2014-8157, CVE-2014-8158, CVE-2014-9029
MD5 | 36fb6d7072b9c5b93302862cdf1f80f1
Nvidia Mental Ray Satellite Service Arbitrary DLL Injection
Posted Mar 6, 2015
Authored by Luigi Auriemma, Donato Ferrante | Site metasploit.com

The Nvidia Mental Ray Satellite Service listens for control commands on port 7414. When it receives the command to load a DLL (via an UNC path) it will try to connect back to the host on port 7514. If a TCP connection is successful it will then attempt to load the DLL. This Metasploit module has been tested successfully on Win7 x64 with Nvidia Mental Ray Satellite Service v3.11.1.

tags | exploit, tcp
MD5 | f525ec81ea95b79a5ad76e5901af869b
FireHOL 2.0.2
Posted Mar 6, 2015
Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Added option --disable-doc to configure script. Fix to ensure the final firewall close code emits as both ipv4 and ipv6 where appropriate even if only ipv4 or ipv6 was used for the final interface/router.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | 424f39588853c8685db6eda6d3867fbf
ProjectSend r561 SQL Injection
Posted Mar 6, 2015
Authored by Phi Le Ngoc

ProjectSend version r561 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c97f151927e91f02aea4747bef511850
WordPress Download Manager 2.7.2 Privilege Escalation
Posted Mar 6, 2015
Authored by Kacper Szurek

WordPress Download Manager plugin version 2.7.2 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2014-9260
MD5 | 3b4aea9cbac6798957957afe34fcd40b
Red Hat Security Advisory 2015-0643-01
Posted Mar 6, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0643-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM, in environments managed by Red Hat Enterprise Linux OpenStack Platform. It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. This issue was found by Paolo Bonzini of Red Hat.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-8106
MD5 | 21203745205766bb7d7bbcb92f5dc54b
Red Hat Security Advisory 2015-0644-01
Posted Mar 6, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0644-01 - OpenStack Image service provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services. A storage quota bypass flaw was found in OpenStack Image. If an image was deleted while it was being uploaded, it would not count towards a user's quota. A malicious user could use this flaw to deliberately fill the backing store, and cause a denial of service.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2014-9623
MD5 | 77ca7c48a7dc726436e5296fc5a56e43
Red Hat Security Advisory 2015-0642-01
Posted Mar 6, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0642-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. An information leak flaw was found in the way Thunderbird implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file.

tags | advisory, web, arbitrary, local
systems | linux, redhat
advisories | CVE-2015-0822, CVE-2015-0827, CVE-2015-0831, CVE-2015-0836
MD5 | e0769745203a2c7b19bc026282f98a94
Red Hat Security Advisory 2015-0645-01
Posted Mar 6, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0645-01 - The Red Hat Support plug-in for Red Hat OpenStack is a Technology Preview feature which offers seamless integrated access to Red Hat subscription services from the Red Hat OpenStack administration portal. The plug-in provides automated functionality that enables quicker help, answers, and proactive services. It offers easy and instant access to Red Hat exclusive knowledge, resources, engagement, and diagnostic features. It was found that the local log-viewing function of the redhat-access-plugin for OpenStack Dashboard did not sanitize user input. An authenticated user could use this flaw to read an arbitrary file with the permissions of the web server.

tags | advisory, web, arbitrary, local
systems | linux, redhat
advisories | CVE-2015-0271
MD5 | e2aa1de30318e7d41f4ab3dac9339fb8
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close