Files Date: 2015-03-25

Ubuntu Security Notice USN-2549-1
Posted Mar 25, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2549-1 - It was discovered that the libarchive bsdcpio utility extracted absolute paths by default without using the --insecure flag, contrary to expectations. If a user or automated system were tricked into extracting cpio archives containing absolute paths, a remote attacker may be able to write to arbitrary files. Fabian Yamaguchi discovered that libarchive incorrectly handled certain type conversions. A remote attacker could possibly use this issue to cause libarchive to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-0211, CVE-2015-2304
MD5 | 89711eb4746d80353169d91fa34b7858
Debian Security Advisory 3197-2
Posted Mar 25, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3197-2 - The openssl update issued as DSA 3197-1 caused regressions. This update reverts the defective patch applied in that update, which caused these problems. Additionally, a follow-up fix for CVE-2015-0209 is applied.

tags | advisory
systems | linux, debian
advisories | CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292
MD5 | 797087f48952f61f2312787b2062f077
pfSense 2.2 Cross Site Request Forgery / Cross Site Scripting
Posted Mar 25, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

pfSense version 2.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2015-2294, CVE-2015-2295
MD5 | bc66a1f3e20e3367a0e23a190864aad6
Ubuntu Security Notice USN-2548-1
Posted Mar 25, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2548-1 - Nicolas Gregoire and Kevin Schaller discovered that Batik would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted SVG file, an attacker could possibly obtain access to arbitrary files or cause resource consumption.

tags | advisory, arbitrary, xxe
systems | linux, ubuntu
advisories | CVE-2015-0250
MD5 | c499c0c54f40cb0d8d02809b38112f4d
WordPress Marketplace 2.4.0 Add Administrator
Posted Mar 25, 2015
Authored by Claudio Viviani, Kacper Szurek

Add-administrator exploit for WordPress Marketplace plugin version 2.4.0 that leverages a vulnerability allowing an unauthenticated attacker to execute any PHP function.

tags | exploit, php
MD5 | f2259eb205884943bc346084f62118cf
Mini-Stream RM-MP3 Converter 2.7.3.700 Buffer Overflow
Posted Mar 25, 2015
Authored by TUNISIAN CYBER

Mini-Stream RM-MP3 Converter version 2.7.3.700 local buffer overflow exploit with message box shellcode.

tags | exploit, overflow, local, shellcode
MD5 | 1a0490d4d3dbc337cec4cdda40b324b1
HP Security Bulletin HPSBGN03285 1
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03285 1 - Potential security vulnerabilities have been identified with these three packages: HP Operation Agent Virtual Appliance for monitoring VMware vSphere environments (OAVA), HP Virtualization Performance Viewer for monitoring VMware vSphere environments (vPV VA), and HP Operations Manager i 10.00 Virtual (OMi VA). These vulnerabilities could be exploited to allow execution of code. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2012-6657, CVE-2014-3673, CVE-2014-3687, CVE-2014-3688, CVE-2014-5471, CVE-2014-5472, CVE-2014-6410, CVE-2014-9322, CVE-2015-0235
MD5 | 846517b320ae47de82aef6e04b78ef03
HP Security Bulletin HPSBMU03263 1
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03263 1 - Potential security vulnerabilities have been identified with HP Insight Control running OpenSSL. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-5139
MD5 | ed1fada39923ff77abf1a96cc2596fd0
HP Security Bulletin HPSBMU03291 1
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03291 1 - A potential security vulnerability has been identified with HP Operations Orchestration running PowerShell operations that could result in the remote disclosure of information. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2015-2108
MD5 | d5f22e82fe2996ad21ca0ff828917414
HP Security Bulletin HPSBMU03292 1
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03292 1 - A potential security vulnerability has been identified with HP Operations Orchestration that could result in authentication bypass. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-2109
MD5 | 25675d74672517862322d08c9fad09c1
HP Security Bulletin HPSBMU03262 2
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03262 2 - A potential security vulnerability has been identified with the HP Version Control Agent running OpenSSL on Linux and Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. A second vulnerability could be exploited to cause a Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, denial of service
systems | linux, windows
advisories | CVE-2014-3566, CVE-2014-5139
MD5 | 117d67b2cc026b09f04a77a8b353952b
HP Security Bulletin HPSBHF03276 1
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03276 1 - A potential security vulnerability has been identified with HP Integrated Lights-Out 2, 3, and 4 (iLO 2, iLO 3, iLO 4). The vulnerability could be exploited remotely resulting in unauthorized access or Denial of Service. Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2015-2106
MD5 | 475d320c0090ae01d95b4f83704d136d
HP Security Bulletin HPSBHF03275 1
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03275 1 - A potential security vulnerability has been identified with HP Integrated Lights-Out 2, 3, and 4 (iLO 2, iLO 3, iLO 4). The vulnerability could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
MD5 | 1d783c0732d4c309a388ef05e44f35f5
HP Security Bulletin HPSBMU03301 1
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03301 1 - Potential security vulnerabilities have been identified with HP BladeSystem c-Class Onboard Administrator. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2014-3566
MD5 | 65f9fc7539f4bba0dfbc460cd16f4fc9
Red Hat Security Advisory 2015-0720-01
Posted Mar 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0720-01 - Red Hat JBoss Fuse Service Works is the next-generation ESB and business process automation infrastructure. This roll up patch serves as a cumulative upgrade for Red Hat JBoss Fuse Service Works 6.0.0. It includes various bug fixes, which are listed in the README file included with the patch files.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-6153, CVE-2013-4002, CVE-2013-5855, CVE-2014-0005, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0193, CVE-2014-0227, CVE-2014-3472, CVE-2014-3481, CVE-2014-3490, CVE-2014-3530, CVE-2014-3558, CVE-2014-3577, CVE-2014-3578, CVE-2014-3625
MD5 | 8fb593ee700f2902ffa163e2dde11f52
Red Hat Security Advisory 2015-0719-01
Posted Mar 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0719-01 - Red Hat JBoss Web Framework Kit combines popular open source web frameworks into a single solution for Java applications. RichFaces is an open source framework that adds Ajax capability into existing JavaServer Faces applications. It was found that the 'do' parameter permitted expression language injection, which could allow a remote attacker to execute Java methods on an affected server.

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2015-0279
MD5 | 5eb6037e778261e0669767d9e350efcf
HP Security Bulletin HPSBGN03288 1
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03288 1 - A potential security vulnerability has been identified with HP Server Automation. This vulnerability could be exploited remotely to allow execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2015-0240
MD5 | 9bd2ce215e789b5d3fbba93288b3c470
HP Security Bulletin HPSBGN03282 1
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03282 1 - Potential security vulnerabilities have been identified with the underlying Linux Operating System kernel which supports these three Virtual Appliance packages: HP Operations Agent Virtual Appliance for monitoring VMware vSphere environments (OAVA), HP Virtualization Performance Viewer Virtual appliance (vPV VA), and HP Operations Manager i 10.00 Virtual (OMi VA). These vulnerabilities could be exploited to allow execution of code and other issues. Revision 1 of this advisory.

tags | advisory, kernel, vulnerability
systems | linux
advisories | CVE-2012-6657, CVE-2014-3673, CVE-2014-3687, CVE-2014-3688, CVE-2014-5471, CVE-2014-5472, CVE-2014-6410, CVE-2014-9322
MD5 | b6db1e4534fa921828db08416786dbb5
WordPress Marketplace 2.4.0 Arbitrary File Download
Posted Mar 25, 2015
Authored by Kacper Szurek

WordPress Marketplace version 2.4.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
advisories | CVE-2014-9013, CVE-2014-9014
MD5 | 6d258e0c35118fc80ca80dc6e72fe9bf
HP Security Bulletin HPSBHF03151 1
Posted Mar 25, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03151 1 - A potential security vulnerability has been identified with HP Integrated Lights-Out 2 and 4 (iLO 2, iLO 4) and Chassis Management (iLO CM) firmware. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), remote execution of code, and elevation of privilege. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability
advisories | CVE-2014-7876
MD5 | 049946dc3e4018420211cda6d402b0cf
Joomla Spider Random Article SQL Injection
Posted Mar 25, 2015
Authored by Jagriti Sahu

Joomla Spider Random Article component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3ad6be6f094f2fb29d633dd06ea1123e
Question2Answer 1.7 Cross Site Scripting
Posted Mar 25, 2015
Authored by s0w

Question2Answer version 1.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6e13a2776a410dc0b8d76b4cf2f77587

© 2019 Packet Storm. All rights reserved.