exploit the possibilities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2015-03-16

Microsoft Security Bulletin Re-Release For March, 2015
Posted Mar 16, 2015
Site microsoft.com

This bulletin summary lists two re-released Microsoft security bulletins for March, 2015.

tags | advisory
MD5 | 7121bb1c0c9dd73bd283bdf972df6edf
Ubuntu Security Notice USN-2532-1
Posted Mar 16, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2532-1 - It was discovered that cups-browsed incorrectly filtered remote printer names and strings. A remote attacker could use this issue to possibly execute arbitrary commands.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-2265
MD5 | 8471c42929eaf56ffbecbe57ff84a9d9
Ubuntu Security Notice USN-2531-1
Posted Mar 16, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2531-1 - Matthew Daley discovered that Requests incorrectly handled cookies without host values when being redirected. A remote attacker could possibly use this issue to perform session fixation or cookie stealing attacks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2015-2296
MD5 | e5fb1d6b2ab2fe853fe2bd3bdaa94528
Ubuntu Security Notice USN-2533-1
Posted Mar 16, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2533-1 - Jakub Wilk and Stephane Chazelas discovered that Sudo incorrectly handled the TZ environment variable. An attacker with Sudo access could possibly use this issue to open arbitrary files, bypassing intended permissions.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9680
MD5 | 7f53c228e440e358414ce9d89419789d
Mandriva Linux Security Advisory 2015-061
Posted Mar 16, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-061 - Sibiao Luo discovered that QEMU incorrectly handled device hot-unplugging. A local user could possibly use this flaw to cause a denial of service. Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. Multiple integer overflow, input validation, logic error, and buffer overflow flaws were discovered in various QEMU block drivers. An attacker able to modify a disk image file loaded by a guest could use these flaws to crash the guest, or corrupt QEMU process memory on the host, potentially resulting in arbitrary code execution on the host with the privileges of the QEMU process. Various other issues have also been addressed.

tags | advisory, denial of service, overflow, arbitrary, local, code execution
systems | linux, mandriva
advisories | CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4377, CVE-2013-4526, CVE-2013-4527, CVE-2013-4529, CVE-2013-4530, CVE-2013-4531, CVE-2013-4533, CVE-2013-4534, CVE-2013-4535, CVE-2013-4536, CVE-2013-4537, CVE-2013-4538, CVE-2013-4539, CVE-2013-4540, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399, CVE-2014-0142, CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0146, CVE-2014-0147, CVE-2014-0148
MD5 | c9b55834c404543fea26edb504ed3e3e
Debian Security Advisory 3191-1
Posted Mar 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3191-1 - Multiple vulnerabilities have been discovered in GnuTLS, a library implementing the TLS and SSL protocols.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2015-0282, CVE-2015-0294
MD5 | 8fe44d1e05476d9e15b9790d2677c966
Debian Security Advisory 3189-1
Posted Mar 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3189-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

tags | advisory
systems | linux, debian
advisories | CVE-2014-7933, CVE-2014-8543, CVE-2014-8544, CVE-2014-8547, CVE-2014-8548, CVE-2014-9604
MD5 | 1e7f0b35c7f598d7a099be0599c8228f
Debian Security Advisory 3190-1
Posted Mar 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3190-1 - Patrick Coleman discovered that the Putty SSH client failed to wipe out unused sensitive memory.

tags | advisory
systems | linux, debian
advisories | CVE-2015-2157
MD5 | cf56925f389c2350775816a0d992faa5
Debian Security Advisory 3188-1
Posted Mar 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3188-1 - Mateusz Jurczyk discovered multiple vulnerabilities in Freetype. Opening malformed fonts may result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2014-9656, CVE-2014-9657, CVE-2014-9658, CVE-2014-9660, CVE-2014-9661, CVE-2014-9663, CVE-2014-9664, CVE-2014-9666, CVE-2014-9667, CVE-2014-9669, CVE-2014-9670, CVE-2014-9671, CVE-2014-9672, CVE-2014-9673, CVE-2014-9675
MD5 | b34b412fe501019976313a3212c6df3d
Debian Security Advisory 3187-1
Posted Mar 16, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3187-1 - Several vulnerabilities were discovered in the International Components for Unicode (ICU) library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2419, CVE-2014-6585, CVE-2014-6591, CVE-2014-7923, CVE-2014-7926, CVE-2014-7940, CVE-2014-9654
MD5 | 26dd6b19dbfefc1c781d098ed5c9873a
Mandriva Linux Security Advisory 2015-060
Posted Mar 16, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-060 - Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Ivan Fratric of the Google Security Team discovered a heap-based buffer overflow vulnerability in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a specially-crafted YAML document that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat, mandriva
advisories | CVE-2013-6393, CVE-2014-2525, CVE-2014-9130
MD5 | 58623aa93e3abcf6f58d5b3c93e753fd
Mandriva Linux Security Advisory 2015-059
Posted Mar 16, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-059 - Multiple vulnerabilities has been found and corrected in the Mozilla NSS and NSPR packages. The updated packages provides a solution for these security issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2014-1492, CVE-2014-1544, CVE-2014-1545, CVE-2014-1568, CVE-2014-1569
MD5 | 2c77270c2fd4ff12cd5ee2996304f911
Gentoo Linux Security Advisory 201503-07
Posted Mar 16, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201503-7 - An out-of-bounds error in hivex may result in execution of arbitrary code or Denial of Service. Versions less than 1.3.11 are affected.

tags | advisory, denial of service, arbitrary
systems | linux, gentoo
advisories | CVE-2014-9273
MD5 | 4c71773f1a39e39ad3e0d766894b78d4
Gentoo Linux Security Advisory 201503-06
Posted Mar 16, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201503-6 - Multiple vulnerabilities have been found in ICU, possibly resulting in Denial of Service. Versions less than 54.1-r1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-7923, CVE-2014-7926, CVE-2014-7940, CVE-2014-9654
MD5 | fcb78ecc23ea112d82885be32074aeb8
Foxit Reader 7.0.6.1126 Privilege Escalation
Posted Mar 16, 2015
Authored by Aljaz Ceru | Site zeroscience.mk

Foxit Reader version 7.0.6.1126 suffers from an unquoted service path elevation of privilege vulnerability.

tags | exploit
MD5 | 6405d325fb84e1ef1b0864584fec84bb
724CMS 5.01 / 4.59 / 4.01 / 3.01 Directory Traversal
Posted Mar 16, 2015
Authored by Wang Jing

724CMS versions 5.01, 4.59, 4.01, and 3.01 suffer from directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
MD5 | cb84ff6b5489670664e40338d60cf02f
WordPress Reflex Gallery 3.1.3 Shell Upload
Posted Mar 16, 2015
Authored by Cleiton Pinheiro

WordPress Reflex Gallery plugin version 3.1.3 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 5d0c580555da0c2ca98431e3de69c5e7
724CMS 5.01 / 4.59 / 4.01 / 3.01 Information Leakage
Posted Mar 16, 2015
Authored by Wang Jing

724CMS versions 5.01, 4.59, 4.01, and 3.01 suffer from multiple information leakage vulnerabilities.

tags | exploit, vulnerability
MD5 | 3c6fd9456b1f7e5392fc23281ce36401
Windows x86/x64 Download/Execute Shellcode
Posted Mar 16, 2015
Authored by Ali Razmjoo

Obfuscated shellcode for Windows x86/x64 that downloads and executes a binary using powershell.

tags | x86, shellcode
systems | windows
MD5 | 568c605c2b2da654b50180ab952c88c3
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    11 Files
  • 12
    Aug 12th
    11 Files
  • 13
    Aug 13th
    17 Files
  • 14
    Aug 14th
    7 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close