exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2015-05-20

Red Hat Security Advisory 2015-1020-01
Posted May 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1020-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0458, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808
SHA-256 | b7d2def09d6a78b4b5773552927e06c22239193f9ed1990fc14f946a4e0ffbeb
Red Hat Security Advisory 2015-1021-01
Posted May 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1021-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. The CVE-2015-0478 issue was discovered by Florian Weimer of Red Hat Product Security.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2005-1080, CVE-2015-0138, CVE-2015-0192, CVE-2015-0459, CVE-2015-0469, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-0491, CVE-2015-1914, CVE-2015-2808
SHA-256 | 10ca220cdd88181ecb769acfd07f597ebc5e8fec1ad61aa1d821d8957b3807aa
HP Security Bulletin HPSBUX03333 SSRT102029 1
Posted May 20, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03333 SSRT102029 1 - Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to create a Denial of Service (DoS), or other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2015-1798, CVE-2015-1799
SHA-256 | d5271c40b418bea801c994c27d89bc2fae9ac0aa743450c1e0ec36ed88a20b50
HP Security Bulletin HPSBUX03334 SSRT102000 1
Posted May 20, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03334 SSRT102000 1 - Potential security vulnerabilities have been identified with HP-UX running OpenSSL. These vulnerabilities could be exploited remotely to create a remote Denial of Service (DoS) and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability
systems | hpux
advisories | CVE-2015-0204, CVE-2015-0209, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0292, CVE-2015-0293
SHA-256 | eb46fc96819b54c25b2a92e13c8d15dbf525d9e7dd4c0a8ec10967d4cdf2a74a
Debian Security Advisory 3265-1
Posted May 20, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3265-1 - Multiple vulnerabilities were discovered in Zend Framework, a PHP framework. Except for CVE-2015-3154, all these issues were already fixed in the version initially shipped with Jessie.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2014-2681, CVE-2014-2682, CVE-2014-2683, CVE-2014-2684, CVE-2014-2685, CVE-2014-4914, CVE-2014-8088, CVE-2014-8089, CVE-2015-3154
SHA-256 | cbf8949170958062f759dd3c0cd87f491f53a82a613a92ce18da29ba930ac6fe
Debian Security Advisory 3263-1
Posted May 20, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3263-1 - Vadim Melihow discovered that in proftpd-dfsg, an FTP server, the mod_copy module allowed unauthenticated users to copy files around on the server, and possibly to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2015-3306
SHA-256 | ac6dcf2b8a50d76523a286978d647d532f4c498be4105ebfdf07388d03782759
Debian Security Advisory 3264-1
Posted May 20, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3264-1 - Multiple security issues have been found in Icedove, Debian's version of buffer overflows and use-after-frees may lead to the execution of arbitrary code, privilege escalation or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2015-0797, CVE-2015-2708, CVE-2015-2710, CVE-2015-2713, CVE-2015-2716
SHA-256 | 1a6f9841957ac17613535fd8516b7c9643eed0d4da7d865d3eadb70a9e675a3d
HP Security Bulletin HPSBGN03286 1
Posted May 20, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03286 1 - A potential security vulnerability has been identified with HP LoadRunner. The vulnerability could be exploited remotely to allow a buffer overflow. Revision 1 of this advisory.

tags | advisory, overflow
advisories | CVE-2015-2110
SHA-256 | 77e1f0017599d488ff29131b60913d103e2951095b7a7763d0e85a09c3bd04a5
HiDisk 2.4 Cross Site Scripting
Posted May 20, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

HiDisk version 2.4 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 64d72136f12d344f723dc4b373e08c6d1dbf2f416063afa99305e3907efcb50b
Apple Security Advisory 2015-05-19-1
Posted May 20, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-05-19-1 - Watch OS 1.0.1 is now available and addresses certificate issues, arbitrary code execution, XML external entity, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution, xxe
systems | apple
advisories | CVE-2015-1067, CVE-2015-1092, CVE-2015-1093, CVE-2015-1094, CVE-2015-1096, CVE-2015-1099, CVE-2015-1100, CVE-2015-1101, CVE-2015-1102, CVE-2015-1103, CVE-2015-1104, CVE-2015-1105, CVE-2015-1117
SHA-256 | f17aeaf116598c6c534faf7325f8d39d4a47f7b764dc38ac0fa599637f23b263
Linux/x86 execve "/bin/sh" Shellcode
Posted May 20, 2015
Authored by Reza Behzadpour

26 bytes small Linux/x86 execve "/bin/sh" shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 55b3e8c490b7e00c5773c1954fca27eecc61f1db2813dc8878005631e4a57d53
Comodo GeekBuddy Local Privilege Escalation
Posted May 20, 2015
Authored by Jeremy Brown

Comodo GeekBuddy, which is bundled with Comodo Anti-Virus, Comodo Firewall, and Comodo Internet Security, runs a passwordless, background VNC server and listens for incoming connections. This can allow for at least local privilege escalation on several platforms. It also may be remotely exploitable via CSRF-like attacks utilizing a modified web-based VNC client (eg. a Java VNC client).

tags | exploit, java, web, local, virus
SHA-256 | 9f9180461e9cd73423e245a053523757ad172b33d270f5c669f95253b81dd237
ZOC SSH Client 7.03.0 Buffer Overflow
Posted May 20, 2015
Authored by Dolev Farhi

ZOC SSH Client version 7.03.0 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | e42dd15e4a510917e7e3c36fb2b609903cd637f9a9ab4132272feb7ccf07962a
Ubuntu Security Notice USN-2616-1
Posted May 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2616-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A memory corruption issue was discovered in AES decryption when using the Intel AES-NI accelerated code path. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially escalate privileges on Intel base machines with AEC-GCM mode IPSec security association. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2014-9710, CVE-2015-3331, CVE-2015-3332
SHA-256 | 6d5e854fce22dc7828dfb7fdb530544b850ada7e6eb90e28677f9de08e01f7b9
Ubuntu Security Notice USN-2611-1
Posted May 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2611-1 - Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the local area network (LAN) could potential exploit this flaw to cause a denial of service (system crash of targeted system).

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9715
SHA-256 | b4c3e998a7d49a92e110bfc778dcffdf6db3890e165a13a0f8516fe439bbd4d6
Ubuntu Security Notice USN-2612-1
Posted May 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2612-1 - A race condition between chown() and execve() was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges. Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the local area network (LAN) could potential exploit this flaw to cause a denial of service (system crash of targeted system). Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9715, CVE-2015-3339
SHA-256 | 34f987f7f6f67822ddd0219c9c83f04635ee710cc9f38ec4ba1174eb68d51de2
Ubuntu Security Notice USN-2615-1
Posted May 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2615-1 - Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. A memory corruption issue was discovered in AES decryption when using the Intel AES-NI accelerated code path. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially escalate privileges on Intel base machines with AEC-GCM mode IPSec security association. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2014-9710, CVE-2015-3331, CVE-2015-3332
SHA-256 | 25638b80ace2c9f2bdf94815e626ecd8374cf275dfb2ac0988ee18aff2f04ed3
Ubuntu Security Notice USN-2613-1
Posted May 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2613-1 - Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the local area network (LAN) could potential exploit this flaw to cause a denial of service (system crash of targeted system). Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9715, CVE-2015-2150, CVE-2015-2830, CVE-2015-3331
SHA-256 | b64bb60c18c519b0ed27d58ee2e71d6a5fbd6269a6aab22e4be17fc12e4cf9e1
Ubuntu Security Notice USN-2614-1
Posted May 20, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2614-1 - Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the local area network (LAN) could potential exploit this flaw to cause a denial of service (system crash of targeted system). Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2014-9715, CVE-2015-2150, CVE-2015-2830, CVE-2015-3331
SHA-256 | e0987162501d8a55fc1a3e8a6bf474732d7e1427471124e0dc77fe43dbc3b88a
Simple Invoice 2011.1 Cross Site Request Forgery
Posted May 20, 2015
Authored by Provensec

Simple Invoice version 2011.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 7f7ed221cb72a656ccbb183689f5445ad84650f1578c24e9e6ad537e5385d8c1
Eisbar SCADA Script Insertion
Posted May 20, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Eisbar SCADA suffers from a malicious script insertion vulnerability.

tags | exploit
SHA-256 | 3f1cea9f753def53e8d70f200ac4d5ac34877802ee86b77b0d601b26e3a86fb9
Simple Invoice 2011 Cross Site Scripting
Posted May 20, 2015
Authored by Provensec

Simple Invoice version 2011 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b7e6887a45c5931cb176e53c1412937e536b0e740967f6ff17918aae0d32a09a
DirectAdmin 1.48 Cross Site Request Forgery
Posted May 20, 2015
Authored by Provensec

DirectAdmin version 1.48 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | a1a2a03a5ad46ca01cce7a7e5028a747d883d3be9fb3ab98b9963f200b51925a
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close