exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2015-05-29

HP Security Bulletin HPSBMU03263 3
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03263 3 - Potential security vulnerabilities have been identified with HP Insight Control running OpenSSL. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 3 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-5139
MD5 | 4dcf9410e2b2d05ded7c38ebaa8868bd
HP Security Bulletin HPSBGN03332 1
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03332 1 - A potential security vulnerability has been identified in HP Operations Analytics running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "Poodle", which could be exploited remotely resulting in Denial of Service (DoS) or disclosure of information. Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2014-3566
MD5 | f2d66a55f98bcf0d0b7b594b659a35ad
Debian Security Advisory 3274-1
Posted May 29, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3274-1 - Jason Geffner discovered a buffer overflow in the emulated floppy disk drive, resulting in the potential privilege escalation.

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2015-3456
MD5 | 71443fc7c69bfcab20e7eb1ab88349bb
HP Security Bulletin HPSBMU03223 1
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03223 1 - Several potential security vulnerabilities have been identified with HP Insight Control server provisioning running SSLv3. These are the SSLv3 vulnerabilities known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in Denial of Service (DoS) or disclosure of information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2014-3513, CVE-2014-3566, CVE-2014-3567
MD5 | 0df3665f2e015d12453d2d569d1f0ca3
HP Security Bulletin HPSBMU03261 2
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03261 2 - Potential security vulnerabilities have been identified with HP Systems Insight Manager running OpenSSL on Linux and Windows. These vulnerabilities are related to the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 2 of this advisory.

tags | advisory, vulnerability
systems | linux, windows
advisories | CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-5139
MD5 | 388033c447c7f33f34f8050665d2febf
HP Security Bulletin HPSBMU03267 2
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03267 2 - Potential security vulnerabilities have been identified with the HP Matrix Operating Environment and HP CloudSystem Matrix running OpenSSL. These vulnerabilities comprise the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 2 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-5139
MD5 | 4d4224e68626e86dd98e27f95e93ecda
Realtek SDK Miniigd UPnP SOAP Command Execution
Posted May 29, 2015
Authored by Michael Messner, Ricky Lawshae | Site metasploit.com

Different devices using the Realtek SDK with the miniigd daemon are vulnerable to OS command injection in the UPnP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command. This Metasploit module has been tested successfully on a Trendnet TEW-731BR router with emulation.

tags | exploit
advisories | CVE-2014-8361
MD5 | 72b8fb778fd1fdd823f1a701f3594e09
Airties login-cgi Buffer Overflow
Posted May 29, 2015
Authored by Michael Messner, Batuhan Burakcin | Site metasploit.com

This Metasploit module exploits a remote buffer overflow vulnerability on several Airties routers. The vulnerability exists in the handling of HTTP queries to the login cgi with long redirect parameters. The vulnerability doesn't require authentication. This Metasploit module has been tested successfully on the AirTies_Air5650v3TT_FW_1.0.2.0.bin firmware with emulation. Other versions such as the Air6372, Air5760, Air5750, Air5650TT, Air5453, Air5444TT, Air5443, Air5442, Air5343, Air5342, Air5341, Air5021 are also reported as vulnerable.

tags | exploit, remote, web, overflow, cgi
MD5 | 24fc892e9293e536950a82cf2c9c2bc1
D-Link Devices UPnP SOAPAction-Header Command Execution
Posted May 29, 2015
Authored by Craig Heffner, Samuel Huntley | Site metasploit.com

Different D-Link Routers are vulnerable to OS command injection in the UPnP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command. This Metasploit module has been tested on a DIR-645 device. The following devices are also reported as affected: DAP-1522 revB, DAP-1650 revB, DIR-880L, DIR-865L, DIR-860L revA, DIR-860L revB DIR-815 revB, DIR-300 revB, DIR-600 revB, DIR-645, TEW-751DR, TEW-733GR

tags | exploit
MD5 | 9120bc404ccb10c6abc177860b52fe17
Flash Timing Side-Channel Data Exfiltration
Posted May 29, 2015
Authored by Jann Horn

Flash by design allows local SWF files to read arbitrary local files, but prevents communication with remote servers. By smuggling data through a timing side-channel, this can be circumvented, allowing local SWF files to exfiltrate the contents of arbitrary local files to the internet.

tags | exploit, remote, arbitrary, local
systems | linux
MD5 | bf466e892df822f79e5d6bdb528cc1cf
ESC 8832 Data Controller Session Hijacking
Posted May 29, 2015
Authored by Balazs Makany

ESC 8832 suffers from insecure user session handling and generation as well as interception and user management issues.

tags | exploit
MD5 | 6ce1da56bad1f48c668cb9252a4e75b4
Smart PCAP Replay 1.0
Posted May 29, 2015
Authored by Srinivas Naik

This is a tool to replay packet captures and simulate client/server models when doing analysis. Written in Python.

tags | tool, sniffer, python
systems | unix
MD5 | f67567bc74e9ae13b343617007b2eec8
Sypex Dumper 2.0.11 Cross Site Scripting
Posted May 29, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Sypex Dumper version 2.0.11 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | bb25866ae6bb9ac5cdc4f226fbd896dc
JSPAdmin 1.1 SQL Injection / CSRF / Cross Site Scripting
Posted May 29, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

JSPAdmin version 1.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
MD5 | 2edcffd18bcf1a67406d14393098f47c
60+ Vulnerabilities In 22 SOHO Routers
Posted May 29, 2015
Authored by Ivan Sanz de Castro, Alvaro Folgado Rueda, Jose Antonio Rodriguez Garcia

SOHO routers have been found vulnerable to privilege escalation, information disclosure, cross site request forgery, cross site scripting, authentication bypass, denial of service, and various other vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, info disclosure, csrf
MD5 | 883b458f340bf4b144ed04e1de200778
HP Security Bulletin HPSBHF03340 1
Posted May 29, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03340 1 - A potential security vulnerability has been identified with HP ThinPro Linux and HP Smart Zero Core running HP Easy Setup Wizard. The vulnerability could result in local unauthorized access and elevation of privilege on an HP thin client device. Revision 1 of this advisory.

tags | advisory, local
systems | linux
advisories | CVE-2015-2124
MD5 | bf1c8f23e4e798b47e992453b1f3e499
Invision Power Board 3.4.7 SQL Injection
Posted May 29, 2015
Authored by ZeroDay

Invision Power Board versions 3.4.7 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c6b333a75080c99e68840b1e0f23508b
Vevocart 6.1.0 Open Redirect
Posted May 29, 2015
Authored by Provensec

Vevocart version 6.1.0 suffers from an open redirection vulnerability.

tags | exploit
MD5 | 7f2c968a5b692ef42facdc007e1114fc
Page 1 of 1
Back1Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close