what you don't know can hurt you
Showing 1 - 21 of 21 RSS Feed

Files Date: 2015-03-13

Jolla Phone URI Spoofing
Posted Mar 13, 2015
Authored by Nikolas Sotiriu

Jolla Phone with Sailfish OS versions 1.1.1.27 and below suffer from a telephone URI spoofing vulnerability.

tags | exploit, telephony, spoof
MD5 | 57ef9596cf11861bdc97dd540ee415f4
X2Engine 5.0.4 Platinum Edition Cross Site Request Forgery
Posted Mar 13, 2015
Authored by Provensec

X2Engine version 5.0.4 Platinum Edition suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 877278aa21ada6b1af40d241a8ea9a19
Debian Security Advisory 3186-1
Posted Mar 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3186-1 - It was discovered that the Mozilla Network Security Service library (nss) incorrectly handled certain ASN.1 lengths. A remote attacker could possibly use this issue to perform a data-smuggling attack.

tags | advisory, remote
systems | linux, debian
advisories | CVE-2014-1569
MD5 | 1ac6828016c36d3b1fed8bd4fbbfe9c8
HP Security Bulletin HPSBMU03262 1
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03262 1 - A potential security vulnerability has been identified with the HP Version Control Agent running OpenSSL on Linux and Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. A second vulnerability could be exploited to cause a Denial of Service (Dos). Revision 1 of this advisory.

tags | advisory, denial of service
systems | linux, windows
advisories | CVE-2014-3566, CVE-2014-5139
MD5 | 582c93fa49f6fa2d67d23f493f320ea9
HP Security Bulletin HPSBMU03283 1
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03283 1 - Potential security vulnerabilities have been identified with the HP Virtual Connect Enterprise Manager SDK running OpenSSL on Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. A second vulnerability could be exploited remotely to cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | windows
advisories | CVE-2014-3566, CVE-2014-5139
MD5 | 5a964ae5bcf1f5f013a6a2dd42e92690
HostingTakip 3.0 Cross Site Scripting
Posted Mar 13, 2015
Authored by KnocKout

HostingTakip version 3.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4e299665a39662162ba1bee579abffa1
HP Security Bulletin HPSBMU03259 1
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03259 1 - A potential security vulnerability has been identified with the HP Version Control Repository Manager running OpenSSL on Linux and Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
systems | linux, windows
advisories | CVE-2014-3566, CVE-2014-5139
MD5 | 133e668f504ba8566e9e81afdfeb3320
HP Security Bulletin HPSBMU03267 1
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03267 1 - Potential security vulnerabilities have been identified with the HP Matrix Operating Environment and HP CloudSystem Matrix running OpenSSL. These vulnerabilities comprise the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-5139
MD5 | 1ec40d8dc9f955517fe38ee2c122c801
Mandriva Linux Security Advisory 2015-058
Posted Mar 13, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-058 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644. arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU. Various other issues have also been addressed. The updated packages provides a solution for these security issues.

tags | advisory, denial of service, arbitrary, x86, kernel, local, crypto, vulnerability
systems | linux, mandriva
advisories | CVE-2013-7421, CVE-2014-3690, CVE-2014-8133, CVE-2014-8160, CVE-2014-8989, CVE-2014-9419, CVE-2014-9420, CVE-2014-9428, CVE-2014-9529, CVE-2014-9584, CVE-2014-9585, CVE-2014-9644, CVE-2014-9683, CVE-2015-0239
MD5 | 1672197a7863a87e12b27bd341a9da98
IPass Control Pipe Remote Command Execution
Posted Mar 13, 2015
Authored by Matthias Kaiser | Site metasploit.com

This Metasploit module exploits a vulnerability in the IPass Client service. This service provides a named pipe which can be accessed by the user group BUILTIN\Users. This pipe can be abused to force the service to load a DLL from a SMB share.

tags | exploit
advisories | CVE-2015-0925
MD5 | ffc39e2ef1fd5a0cf7b4f982947690e3
Alkacon OpenCms 9.5.1 Cross Site Scripting
Posted Mar 13, 2015
Authored by Rehan Ahmed

Alkacon OpenCms version 9.5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3d084771b1baac89e9f752cbc9edecc2
WordPress SEO By Yoast 1.7.3.3 SQL Injection
Posted Mar 13, 2015
Authored by Ryan Dewhurst

WordPress SEO by Yoast plugin versions 1.7.3.3 and below suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e5250a7dfde4fb7e954ba5c8607ff1eb
WordPress WPML XSS / Deletion / SQL Injection
Posted Mar 13, 2015
Authored by Jouko Pynnonen | Site klikki.fi

WordPress WPML plugin versions prior to 3.1.9.1 suffer from remote SQL injection, cross site scripting, and page/post/menu deletion vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | a22d22991a043270f96f8e41fed347f9
Codiad 2.5.3 Local File Inclusion
Posted Mar 13, 2015
Authored by TUNISIAN CYBER

Codiad version 2.5.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 8bdbe05fbaa9900680311f36d6be4609
iPass Mobile Client 2.4.2.15122 Privilege Escalation
Posted Mar 13, 2015
Authored by Hans-Martin Muench

iPass Mobile Client version 2.4.2.15122 suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 4c5355b5d39555eab80c8d1b1908db1e
Ckeditor 4.4.7 Shell Upload / Cross Site Scripting
Posted Mar 13, 2015
Authored by KedAns-Dz

Ckeditor version 4.4.7.x suffers from cross site scripting and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss
MD5 | e8624b8c4ac1962e13f3d4672f9a6761
Debian Security Advisory 3185-1
Posted Mar 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3185-1 - Multiple vulnerabilities were discovered in libgcrypt.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-3591, CVE-2015-0837
MD5 | f0c5d0f18d2ca6b02de9a4619ba16987
Debian Security Advisory 3184-1
Posted Mar 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3184-1 - Multiple vulnerabilities were discovered in GnuPG, the GNU Privacy Guard.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-3591, CVE-2015-0837, CVE-2015-1606
MD5 | 597bb3322ba9abb2d5362afadecace13
HP Security Bulletin HPSBMU02895 SSRT101253 5
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02895 SSRT101253 5 - Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. Revision 5 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
advisories | CVE-2013-2344, CVE-2013-2345, CVE-2013-2346, CVE-2013-2347, CVE-2013-2348, CVE-2013-2349, CVE-2013-2350, CVE-2013-6194, CVE-2013-6195
MD5 | 2ee0bde75e35fb76aedf6add788d8258
HP Security Bulletin HPSBGN03249 1
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03249 1 - Potential security vulnerabilities has been identified with HP ArcSight Enterprise Security Manager (ESM) and HP ArcSight Logger. These vulnerabilities could be exploited remotely resulting in multiple vulnerabilities. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2014-7884, CVE-2014-7885
MD5 | 0158bc52b8c30a9c3c1083232d8639be
Debian Security Advisory 3183-1
Posted Mar 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3183-1 - Multiple vulnerabilities have been discovered in Movable Type, a blogging system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-2184, CVE-2014-9057, CVE-2015-1592
MD5 | ceb5b7e73629bea880d14be77a58aac7
Page 1 of 1
Back1Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close