Twenty Year Anniversary
Showing 1 - 14 of 14 RSS Feed

Files Date: 2015-03-06

Packet Fence 4.7.0
Posted Mar 6, 2015
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Various updates.
tags | tool, remote
systems | unix
MD5 | 29083a51101ea27902d8388a0dfc5a85
Elastix 2.5.0 SQL Injection
Posted Mar 6, 2015
Authored by Ahmed Aboul-Ela

Elastix versions 2.5.0 and below suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 81385990327b1a31af0f8097c842b7a7
Hackers 2 Hackers Conference 12 Edition Call For Papers
Posted Mar 6, 2015
Site h2hc.com.br

The call for papers for H2HC 12th edition is now open. H2HC is a hacker conference taking place in Sao Paulo, Brazil, from October 22nd through the 27th, 2015.

tags | paper, conference
MD5 | ed66e08fa0e17d675b4e694c331c8b9c
Betster 1.0.4 SQL Injection / Authentication Bypass
Posted Mar 6, 2015
Authored by CWH Underground, ZeQ3uL

Betster version 1.0.4 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
advisories | CVE-2015-2237
MD5 | ab815ec369b78ad8ea18b094a033aaf1
Ubuntu Security Notice USN-2522-2
Posted Mar 6, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2522-2 - USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have been temporarily backed out until the regression is investigated. It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2013-2419, CVE-2014-6591, CVE-2014-7940
MD5 | 96cee4473ccb18895456860b0fc5efef
Gentoo Linux Security Advisory 201503-01
Posted Mar 6, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201503-1 - Multiple vulnerabilities have been found in JasPer, the worst of which could could allow an attacker to execute arbitrary code. Versions less than 1.900.1-r9 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-8137, CVE-2014-8138, CVE-2014-8157, CVE-2014-8158, CVE-2014-9029
MD5 | 36fb6d7072b9c5b93302862cdf1f80f1
Nvidia Mental Ray Satellite Service Arbitrary DLL Injection
Posted Mar 6, 2015
Authored by Luigi Auriemma, Donato Ferrante | Site metasploit.com

The Nvidia Mental Ray Satellite Service listens for control commands on port 7414. When it receives the command to load a DLL (via an UNC path) it will try to connect back to the host on port 7514. If a TCP connection is successful it will then attempt to load the DLL. This Metasploit module has been tested successfully on Win7 x64 with Nvidia Mental Ray Satellite Service v3.11.1.

tags | exploit, tcp
MD5 | f525ec81ea95b79a5ad76e5901af869b
FireHOL 2.0.2
Posted Mar 6, 2015
Authored by Costa Tsaousis | Site firehol.org

FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.

Changes: Added option --disable-doc to configure script. Fix to ensure the final firewall close code emits as both ipv4 and ipv6 where appropriate even if only ipv4 or ipv6 was used for the final interface/router.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | 424f39588853c8685db6eda6d3867fbf
ProjectSend r561 SQL Injection
Posted Mar 6, 2015
Authored by Phi Le Ngoc

ProjectSend version r561 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c97f151927e91f02aea4747bef511850
WordPress Download Manager 2.7.2 Privilege Escalation
Posted Mar 6, 2015
Authored by Kacper Szurek

WordPress Download Manager plugin version 2.7.2 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2014-9260
MD5 | 3b4aea9cbac6798957957afe34fcd40b
Red Hat Security Advisory 2015-0643-01
Posted Mar 6, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0643-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM, in environments managed by Red Hat Enterprise Linux OpenStack Platform. It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. This issue was found by Paolo Bonzini of Red Hat.

tags | advisory
systems | linux, redhat
advisories | CVE-2014-8106
MD5 | 21203745205766bb7d7bbcb92f5dc54b
Red Hat Security Advisory 2015-0644-01
Posted Mar 6, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0644-01 - OpenStack Image service provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services. A storage quota bypass flaw was found in OpenStack Image. If an image was deleted while it was being uploaded, it would not count towards a user's quota. A malicious user could use this flaw to deliberately fill the backing store, and cause a denial of service.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2014-9623
MD5 | 77ca7c48a7dc726436e5296fc5a56e43
Red Hat Security Advisory 2015-0642-01
Posted Mar 6, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0642-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. An information leak flaw was found in the way Thunderbird implemented autocomplete forms. An attacker able to trick a user into specifying a local file in the form could use this flaw to access the contents of that file.

tags | advisory, web, arbitrary, local
systems | linux, redhat
advisories | CVE-2015-0822, CVE-2015-0827, CVE-2015-0831, CVE-2015-0836
MD5 | e0769745203a2c7b19bc026282f98a94
Red Hat Security Advisory 2015-0645-01
Posted Mar 6, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0645-01 - The Red Hat Support plug-in for Red Hat OpenStack is a Technology Preview feature which offers seamless integrated access to Red Hat subscription services from the Red Hat OpenStack administration portal. The plug-in provides automated functionality that enables quicker help, answers, and proactive services. It offers easy and instant access to Red Hat exclusive knowledge, resources, engagement, and diagnostic features. It was found that the local log-viewing function of the redhat-access-plugin for OpenStack Dashboard did not sanitize user input. An authenticated user could use this flaw to read an arbitrary file with the permissions of the web server.

tags | advisory, web, arbitrary, local
systems | linux, redhat
advisories | CVE-2015-0271
MD5 | e2aa1de30318e7d41f4ab3dac9339fb8
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    7 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    31 Files
  • 23
    May 23rd
    55 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close