Twenty Year Anniversary
Showing 1 - 18 of 18 RSS Feed

Files Date: 2015-05-21

Pluck CMS 4.7.2 Directory Traversal
Posted May 21, 2015
Authored by Kacper Szurek

Pluck CMS version 4.7.2 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 267b495650c70038bf181ebc615f0fb9
Debian Security Advisory 3261-2
Posted May 21, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3261-2 - The update for libmodule-signature-perl issued as DSA-3261-1 introduced a regression in the handling of the --skip option of cpansign. Updated packages are now available to address this regression.

tags | advisory, perl
systems | linux, debian
MD5 | d2d892fb5ef9716d76503254a689f98c
Ubuntu Security Notice USN-2610-1
Posted May 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2610-1 - Several security issues were discovered in the DOM implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to bypass Same Origin Policy restrictions. A use-after-free was discovered in the WebAudio implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-1253, CVE-2015-1254, CVE-2015-1255, CVE-2015-1256, CVE-2015-1257, CVE-2015-1258, CVE-2015-1260, CVE-2015-1262, CVE-2015-1265, CVE-2015-3910
MD5 | 1de555013061342950306a43a26b13be
Ubuntu Security Notice USN-2618-1
Posted May 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2618-1 - It was discovered that python-dbusmock incorrectly handled template loading from shared directories. A local attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary, local, python
systems | linux, ubuntu
advisories | CVE-2015-1326
MD5 | 9f0590401ef7f51ba78eed2f115cc217
Debian Security Advisory 3266-1
Posted May 21, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3266-1 - Tavis Ormandy discovered that FUSE, a Filesystem in Userspace, does not scrub the environment before executing mount or umount with elevated privileges. A local user can take advantage of this flaw to overwrite arbitrary files and gain elevated privileges by accessing debugging features via the environment that would not normally be safe for unprivileged users.

tags | advisory, arbitrary, local
systems | linux, debian
advisories | CVE-2015-3202
MD5 | 3484476fdcc99edcae38af4aa798fd32
Jackrabbit WebDAV XXE Injection
Posted May 21, 2015
Authored by Mikhail Egorov

Jackrabbit versions 2.x suffer from a WebDAV XXE injection vulnerability. Included are details and patches.

tags | exploit, xxe
systems | linux
advisories | CVE-2015-1833
MD5 | 7255a86227bb0197a965671c920d7057
Ubuntu Security Notice USN-2609-1
Posted May 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2609-1 - Sander Bos discovered that Apport incorrectly handled permissions when the system was configured to generate core dumps for setuid binaries. A local attacker could use this issue to gain elevated privileges. Philip Pettersson discovered that Apport contained race conditions resulting core dumps to be generated with incorrect permissions in arbitrary locations. A local attacker could use this issue to gain elevated privileges. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2015-1324, CVE-2015-1325
MD5 | 6567fd6f12b410fb78cad6c6f68b0b5c
Microsoft Security Bulletin Summary For May, 2015
Posted May 21, 2015
Site microsoft.com

This bulletin summary lists one released Microsoft security bulletin for May, 2015.

tags | advisory
MD5 | 5439337a034a768ebf071c247f3239ff
hardwear.io Call For Papers
Posted May 21, 2015
Authored by hardwear.io CFP

hardwear is seeking innovative research on hardware security. If you have done interesting research on attacks or mitigation on any Hardware and want to showcase it to the security community, just submit your research paper. It will take place October 1st through the 2nd, 2015 in The Hague, Netherlands.

tags | paper, conference
MD5 | 3227c183c691c9e84dfa4be33860d36f
Hacktivity 2015 Call For Papers
Posted May 21, 2015
Site hacktivity.com

The Hacktivity 2015 Call For Papers has been announced. It will be held from October 9th through the 10th, 2015 in Budapest, Hungary.

tags | paper, conference
MD5 | 3a1ce30357377ea2896a1e73d72ee7dd
KCodes NetUSB Buffer Overflow
Posted May 21, 2015
Authored by Stefan Viehbock | Site sec-consult.com

KCodes NetUSB suffers from a kernel stack buffer overflow vulnerability.

tags | advisory, overflow, kernel
advisories | CVE-2015-3036
MD5 | 2c9b512013df0c3329d23013cf4edc6f
Ubuntu Security Notice USN-2617-1
Posted May 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2617-1 - Tavis Ormandy discovered that FUSE incorrectly filtered environment variables. A local attacker could use this issue to gain administrative privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2015-3202
MD5 | d605605960352c1297fa52f00d020594
Coppermine Gallery 1.5.34 XSS / Open Redirection
Posted May 21, 2015
Authored by Mahendra

Coppermine Gallery version 1.5.34 suffers from cross site scripting, open redirection, and directory enumeration vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-3921, CVE-2015-3922, CVE-2015-3923
MD5 | 21658dbec1d5fa4c19976a2f5e761f0a
Newsletter 4.3 SQL Injection
Posted May 21, 2015
Authored by Ashiyane Digital Security Team

Newsletter version 4.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d32cd4332bbb2ecb6d0d77b1804189c4
WordPress WP Photo Album Plus 6.1.2 Cross Site Scripting
Posted May 21, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress WP Photo Album Plus plugin version 6.1.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-3647
MD5 | 2aa25d1b81d911745691144ddb319487
Windows 8.0 / 8.1 x64 TrackPopupMenu Privilege Escalation
Posted May 21, 2015
Authored by Matteo Memelli

Microsoft Windows versions 8.0 and 8.1 on x64 TrackPopupMenu privilege escalation exploit that leverages the vulnerability documented in MS14-058.

tags | exploit
systems | windows
advisories | CVE-2014-4113
MD5 | 7558f5dbcb1f1aad75dd4f8fd1021ff5
SAP ERPScan XXE Injection / XSS / Missing Authorization
Posted May 21, 2015
Authored by Darya Maenkova

SAP ERPScan has patched buffer overflow, XXE injection, and missing authorization vulnerabilities.

tags | advisory, overflow, vulnerability, xxe
MD5 | a1aee554abedafae1f238218b2038094
Hikvision DS-7108HWI-SH XML Injection / Abuse Issues
Posted May 21, 2015
Authored by MustLive

Hikvision DS-7108HWI-SH suffers from XML injection and abuse control vulnerabilities.

tags | exploit, vulnerability, xxe
MD5 | 640f79771f41fb706f57dc4b44e0ca8e
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close