the original cloud security
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-07-28

FreeBSD Security Advisory - patch Shell Injection
Posted Jul 28, 2015
Authored by Martin Natano | Site security.freebsd.org

FreeBSD Security Advisory - Due to insufficient sanitization of the input patch stream, it is possible for a patch file to cause patch to run commands in addition to the desired SCCS or RCS commands.

tags | advisory
systems | freebsd
advisories | CVE-2015-1416
MD5 | 64a06be92c3ae6e37bf4d6ed19120232
HP Security Bulletin HPSBGN03372 1
Posted Jul 28, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03372 1 - A potential security vulnerability has been identified with HP Business Process Monitor. Note: This is the RC4 vulnerability known as Bar Mitzvah, which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-2808
MD5 | 2412a005d759cc2aa692e6eb8c11b231
Slackware Security Advisory - bind Updates
Posted Jul 28, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-5477
MD5 | 7ffd48dadaa3262223ccd712677cc0cd
FreeBSD Security Advisory - BIND Denial Of Service
Posted Jul 28, 2015
Site security.freebsd.org

FreeBSD Security Advisory - A remote attacker can trigger a crash of a name server. Both recursive and authoritative servers are affected, and the exposure can not be mitigated by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling, before checks enforcing those boundaries.

tags | advisory, remote
systems | freebsd
advisories | CVE-2015-5477
MD5 | 2047cc3417a329326545ba6278d4797b
FreeBSD Security Advisory - OpenSSH Record Check
Posted Jul 28, 2015
Site security.freebsd.org

FreeBSD Security Advisory - OpenSSH clients does not correctly verify DNS SSHFP records when a server offers a certificate. OpenSSH servers which are configured to allow password authentication using PAM (default) would allow many password attempts.

tags | advisory
systems | freebsd
advisories | CVE-2014-2653, CVE-2015-5600
MD5 | 8cb4a72bf773c38e284608edf83d9522
OpenBSD Local Denial Of Service
Posted Jul 28, 2015
Authored by Maxime Villard

OpenBSD local memory leak denial of service proof of concept exploit.

tags | exploit, denial of service, local, proof of concept, memory leak
systems | openbsd
MD5 | abcf35a318f88ee51e0aae5b82ba1757
WordPress Advance Categorizer 0.3 Cross Site Scripting
Posted Jul 28, 2015
Authored by Morten Nortoft, Kenneth Jepsen, Mikkel Vej

WordPress Advanced Categorizer plugin version 0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 347983de4aab3350e2a54d04608e7657
WordPress F/T/G Social Widgets 1.3.7 Cross Site Scripting
Posted Jul 28, 2015
Authored by Morten Nortoft, Kenneth Jepsen, Mikkel Vej

WordPress Facebook, Twitter, and Google+ Social Widgets plugin version 1.3.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 07135e9368d4a7e2279972138f2e2e3d
phpFileManager 0.9.8 Remote Command Execution / CSRF
Posted Jul 28, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

phpFileManager version 0.9.8 suffers from a remote command execution vulnerability that can be leveraged via cross site request forgery.

tags | exploit, remote
advisories | CVE-2015-5958
MD5 | f1555c3c33e909c2e4fda99f6a2c3217
Basware Banking/Maksuliikenne Software Hardcoded Creds / Client Checks
Posted Jul 28, 2015
Authored by Ronja Addams-Moring, Samuel Lavitt

Basware Banking/Maksuliikenne software suffers from hard-coded credentials, client-side auth checks, and other issues.

tags | advisory
advisories | CVE-2015-0942, CVE-2015-0943
MD5 | 1f2fabdb04fa5f852115fd1a85765a4c
FreeBSD Security Advisory - TCP Reassembly Resource Exhaustion
Posted Jul 28, 2015
Authored by Patrick Kelsey | Site security.freebsd.org

FreeBSD Security Advisory - There is a mistake with the introduction of VNET, which converted the global limit on the number of segments that could belong to reassembly queues into a per-VNET limit. Because mbufs are allocated from a global pool, in the presence of a sufficient number of VNETs, the total number of mbufs attached to reassembly queues can grow to the total number of mbufs in the system, at which point all network traffic would cease. An attacker who can establish concurrent TCP connections across a sufficient number of VNETs and manipulate the inbound packet streams such that the maximum number of mbufs are enqueued on each reassembly queue can cause mbuf cluster exhaustion on the target system, resulting in a Denial of Service condition. As the default per-VNET limit on the number of segments that can belong to reassembly queues is 1/16 of the total number of mbuf clusters in the system, only systems that have 16 or more VNET instances are vulnerable.

tags | advisory, denial of service, tcp
systems | freebsd
advisories | CVE-2015-1417
MD5 | a66a42619ffbd61e012b14370befb044
McAfee Application Control Bypass / Driver Issues
Posted Jul 28, 2015
Authored by Rene Freingruber | Site sec-consult.com

McAfee Application Control version 6.1.3.353 suffers from multiple vulnerabilities including insufficient whitelist protection and bypass issues.

tags | advisory, vulnerability
MD5 | 9e9665313071b62a515db6eb74e7e7d7
WordPress Flickr Justified Gallery 3.3.6 Cross Site Scripting
Posted Jul 28, 2015
Authored by Tom Adams

WordPress Flickr Justified Gallery plugin version 3.3.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c0026af52e5eb0282ab47eedf75b5cef
D-Link DCS-2103 1.20 CSRF / Cross Site Scripting
Posted Jul 28, 2015
Authored by MustLive

D-Link DCS-2103 version 1.20 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 9735060d7d88b4dd87100292e4c7f6f3
Tendoo CMS 1.3 Cross Site Scripting
Posted Jul 28, 2015
Authored by Arash Khazaei

Tendoo CMS version 1.3 suffers from stored and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 0d74d49fffdb8d452df1d32a49adfde2
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close