exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2015-05-11

SixApart MovableType Storable Perl Code Execution
Posted May 11, 2015
Authored by John Lightsey | Site metasploit.com

This Metasploit module exploits a serialization flaw in MovableType before 5.2.12 to execute arbitrary code. The default nondestructive mode depends on the target server having the Object::MultiType and DateTime Perl modules installed in Perl's @INC paths. The destructive mode of operation uses only required MovableType dependencies, but it will noticeably corrupt the MovableType installation.

tags | exploit, arbitrary, perl
advisories | CVE-2015-1592
SHA-256 | 17bd25538ea89d3859076c963f08d57cc0e1cb2c94aab6ad5023702b569a06b8
Ubuntu Security Notice USN-2599-2
Posted May 11, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2599-2 - USN-2599-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
SHA-256 | 138d43076ed7f427f4ac3fc106588f84c872b431cdaf38b53ed18cebc767dced
Ubuntu Security Notice USN-2597-2
Posted May 11, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2597-2 - USN-2597-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
SHA-256 | 4a88d13d9d5f47aa9aea582bad465fbd16930733706f264f008633a086c3b8a0
Ubuntu Security Notice USN-2598-2
Posted May 11, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2598-2 - USN-2598-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
SHA-256 | 634d9ab18a8496fe13544f88038c58781bec20d509ae0535d25ccff9bcbe0df5
HP Security Bulletin HPSBGN03329 1
Posted May 11, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03329 1 - Potential security vulnerabilities have been identified with HP SDN VAN Controller. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or a Distributed Denial of Service (DDoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2014-0050, CVE-2015-2122
SHA-256 | d14b675a125e882a2f18beb6a2650d6acf6b9392249ac0ee46ac95f54dec5665
Red Hat Security Advisory 2015-0957-01
Posted May 11, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0957-01 - Red Hat Satellite is a system management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and remote management of multiple Linux deployments with a single, centralized tool. It was found that the RPC interface in Satellite would resolve external entities, allowing an attacker to conduct XML External Entity attacks. A remote attacker could use this flaw to read files accessible to the user running the Satellite server, and potentially perform other more advanced XXE attacks.

tags | advisory, remote, xxe
systems | linux, redhat
advisories | CVE-2014-8162
SHA-256 | 6bf5094519afad4e95c2db139971651deba0b71c07ab01281232000eaa5331d1
Debian Security Advisory 3256-1
Posted May 11, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3256-1 - Hanno Boeck discovered a heap-based buffer overflow flaw in the way Libtasn1, a library to manage ASN.1 structures, decoded certain DER-encoded input. A specially crafted DER-encoded input could cause an application using the Libtasn1 library to crash, or potentially to execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2015-3622
SHA-256 | 8b4804fb2ec6a12eba636ba1111c4a104c007dfabd81e67ac2d772cc9729b331
Debian Security Advisory 3255-1
Posted May 11, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3255-1 - It was discovered that libzmq, a lightweight messaging kernel, is susceptible to a protocol downgrade attack on sockets using the ZMTP v3 protocol. This could allow remote attackers to bypass ZMTP v3 security mechanisms by sending ZMTP v2 or earlier headers.

tags | advisory, remote, kernel, protocol
systems | linux, debian
SHA-256 | 3b484ced1d85c9e34526ce7e1b6b342d3dd806ea04f41acf71d4af3e8e482cea
Debian Security Advisory 3254-1
Posted May 11, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3254-1 - Kostya Kortchinsky of the Google Security Team discovered a flaw in the DER parser used to decode SSL/TLS certificates in suricata. A remote attacker can take advantage of this flaw to cause suricata to crash.

tags | advisory, remote
systems | linux, debian
advisories | CVE-2015-0971
SHA-256 | faaa13d4ddf18383266058e4735488e0193572dc6586a03438c811e9cd8e7af7
Ubuntu Security Notice USN-2600-2
Posted May 11, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2600-2 - USN-2600-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
SHA-256 | effbf4aaafa73b1e388b20ce5390094432d68398b7aadfc05971e5db30a777ad
Ubuntu Security Notice USN-2604-1
Posted May 11, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2604-1 - Hanno B=C3=B6ck discovered that Libtasn1 incorrectly handled certain ASN.1 data. A remote attacker could possibly exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-3622
SHA-256 | 2a5e0c061702739f2a1c761d7b8bc2d7220399e8f44fb3c8f6b34fbc69a9783c
Ubuntu Security Notice USN-2605-1
Posted May 11, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2605-1 - Pedro Ribeiro discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-8146, CVE-2014-8147
SHA-256 | df24d5929bd95bdea3f99762fb96a396d7bc61e03400a4581c8d65f63e3a921b
HP Security Bulletin HPSBGN03328 1
Posted May 11, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03328 1 - A potential security vulnerability has been identified with Network Virtualization for HP LoadRunner and Performance Center. The vulnerability could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-2121
SHA-256 | 2a5ea3a0ec8503ee4a719f4a873edfa3c871a5e7c51227f67210cf26121345fc
Netsniff-NG High Performance Sniffer 0.5.9
Posted May 11, 2015
Authored by Tobias Klauser, Daniel Borkmann | Site code.google.com

netsniff-ng is is a free, performant Linux network sniffer for packet inspection. The gain of performance is reached by 'zero-copy' mechanisms, so that the kernel does not need to copy packets from kernelspace to userspace. For this purpose netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying and performing offline-analysis of pcap dumps. netsniff-ng can be used for protocol analysis, reverse engineering and network debugging.

Changes: Addition of packet fanout support.
tags | tool, kernel, sniffer, protocol
systems | linux, unix
SHA-256 | d37b664865419aaa15321fc259a71272c791fde7ec5c3f9638ded43b902b8380
RAID 2015 Call For Papers
Posted May 11, 2015
Site raid2015.org

RAID 2015 Call For Papers - The 18th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2015) aims at bringing together leading researchers and practitioners from academia, government, and industry to discuss novel research contributions related to any area of computer and information security. Papers on all topics related to intrusion detection and prevention are within scope. This event will be held from November 2nd through the 4th, 2015, in Kyoto, Japan.

tags | paper, conference
SHA-256 | f34c98b87a0ca5d157c3e7b7ef4ee8894799ad7c79b594a05f40eee52a6fb02c
WordPress Roomcloud 1.1 Cross Site Scripting
Posted May 11, 2015
Authored by Nitin Venkatesh

WordPress Roomcloud plugin version 1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | aa6f1baa084cf9ef2f9f490eca9a17fc9a3a2e9cc0ee9c57b7313b5821b6ad0d
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close