ignore security and it'll go away
Showing 1 - 25 of 466 RSS Feed

Files Date: 2015-08-01 to 2015-08-31

Winmail Server 4.2 Cross Site Scripting
Posted Aug 30, 2015
Authored by Jing Wang

Winmail Server version 4.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7d72d759bb5d3d1e28fdcf17909caf37
KnowledgeTree OSS 3.0.3b Cross Site Scripting
Posted Aug 30, 2015
Authored by Jing Wang

KnowledgeTree OSS version 3.0.3b suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1db6aec720472e0f820780b5941f6156
Debian Security Advisory 3345-1
Posted Aug 29, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3345-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser.

tags | advisory, web
systems | linux, debian
advisories | CVE-2015-4497, CVE-2015-4498
MD5 | c12f69499c4fc91a83921c665637c9b5
WordPress sourceAFRICA 0.1.3 Cross Site Scripting
Posted Aug 29, 2015
Authored by Ehsan Hosseini

WordPress sourceAFRICA plugin version 0.1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b8bb451a1935abfdc78610e86acfcedf
Pluck CMS 4.7.3 CSRF / XSS / LFI / Code Execution
Posted Aug 28, 2015
Authored by Smash_

Pluck CMS version 4.7.3 suffers from code execution, cross site request forgery, cross site scripting, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, code execution, xss, file inclusion, csrf
MD5 | 01c76ca85d0d36e268a1ab92da3a8445
freeSSHd 1.3.1 Denial Of Service
Posted Aug 28, 2015
Authored by 3unnym00n

freeSSHd version 1.3.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 89aef6237e8b483cfedf15913ffc029a
WordPress Captain Slider 1.0.6 Cross Site Scripting
Posted Aug 28, 2015
Authored by Arash Khazaei

WordPress Captain Slider plugin version 1.0.6 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1fe42d565e297de4e1eac9e9721517ca
Slackware Security Advisory - mozilla-firefox Updates
Posted Aug 28, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | d42bdd792f584e4edf9db2676610e2a2
Apple OS X Entitlements Rootpipe Privilege Escalation
Posted Aug 28, 2015
Authored by joev, Emil Kvarnhammar | Site metasploit.com

This Metasploit module exploits the rootpipe vulnerability and bypasses Apple's initial fix for the issue by injecting code into a process with the 'admin.writeconfig' entitlement.

tags | exploit
systems | apple
advisories | CVE-2015-3673
MD5 | 3e7e7490deb126e286d6313171297750
HP Security Bulletin HPSBGN03387 1
Posted Aug 28, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03387 1 - A potential security vulnerability has been identified with HP Intelligent Provisioning that could allow remote code execution and unauthorized access. Revision 1 of this advisory.

tags | advisory, remote, code execution
advisories | CVE-2015-2135
MD5 | 14616a692b1e8f0ab50d261bf3aaeccd
HP Security Bulletin HPSBGN03407 1
Posted Aug 28, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03407 1 - Potential security vulnerabilities have been identified in HP Operations Manager for Windows. The TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" could be exploited remotely to allow unauthorized modification. The RC4 stream cipher vulnerability in SSL/TLS known as "Bar Mitzvah" could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory, vulnerability
systems | windows
advisories | CVE-2015-2808, CVE-2015-4000
MD5 | e88e4106021792d4728ba97d0df61607
HP Security Bulletin HPSBMU03416 1
Posted Aug 28, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03416 1 - A potential security vulnerability has been identified with HP Data Protector. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3566
MD5 | 50990740d2c2508ec93173a2105f129c
QEMU Programmable Interrupt Timer Controller Heap Overflow
Posted Aug 28, 2015
Authored by Google Security Research, matttait

The programmable interrupt timer (PIT) controller in QEMU does not correctly validate the channel number when performing IO writes to the device controller, allowing both an information disclosure and a heap overflow within the context of the host.

tags | exploit, overflow, info disclosure
systems | linux
MD5 | c83420064d739a0986ba5d439ccc6efe
Photo Transfer 2 1.0 Denial Of Service
Posted Aug 28, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Photo Transfer 2 version 1.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 615c7f807324373b12c4b58afbd67e63
PayPal Stored Cross Site Scripting
Posted Aug 28, 2015
Authored by Ebrahim Hegazy | Site vulnerability-lab.com

A stored cross site scripting vulnerability existed in the SecurePayment page on PayPal.

tags | exploit, xss
MD5 | dc78edd42716d9ae70a4124a9dec8d8c
Jenkins 1.626 Code Execution / Cross Site Request Forgery
Posted Aug 28, 2015
Authored by Smash_

Jenkins version 1.626 suffers from cross site request forgery and command execution vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | e8b95a581d2ea619cb8a9692da4a46c2
WordPress Responsive Thumbnail Slider 1.0 Shell Upload
Posted Aug 28, 2015
Authored by Arash Khazaei

WordPress Responsive Thumbnail Slider plugin version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 8b3b171ca2de9a0028842b02bb0ea3ab
WordPress Navis DocumentCloud 0.1 Cross Site Scripting
Posted Aug 27, 2015
Authored by Harry Metcalfe

WordPress Navis DocumentCloud plugin version 0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-2807
MD5 | 3666b2a096dfc4da80d3cdb14a833994
Red Hat Security Advisory 2015-1693-01
Posted Aug 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1693-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A flaw was found in the way Firefox handled installation of add-ons. An attacker could use this flaw to bypass the add-on installation prompt, and trick the user into installing an add-on from a malicious source.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-4497, CVE-2015-4498
MD5 | 1939a40da10e838d9a31fb71738f482a
Ubuntu Security Notice USN-2723-1
Posted Aug 27, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2723-1 - A use-after-free was discovered when resizing a canvas element during restyling in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Bas Venis discovered that the addon install permission prompt could be bypassed using data: URLs in some circumstances. It was also discovered that the installation notification could be made to appear over another site. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to install a malicious addon. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-4497, CVE-2015-4498
MD5 | 87ca780b444b16497435b87d09c1df72
Ubuntu Security Notice USN-2725-1
Posted Aug 27, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2725-1 - Seth Arnold discovered that ippusbxd in the cups-filters package would incorrectly listen to all configured network interfaces. A remote attacker could use this issue to possibly access locally-connected printers.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2015-6520
MD5 | aab790f1a5abd844411410cf99a38276
Debian Security Advisory 3344-1
Posted Aug 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3344-1 - Multiple vulnerabilities have been discovered in the PHP language.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2015-4598, CVE-2015-4643, CVE-2015-4644, CVE-2015-5589, CVE-2015-5590
MD5 | f24a8a0feb679af5a1adbe3e68ff7806
HP Security Bulletin HPSBGN03402 2
Posted Aug 27, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03402 2 - Potential security vulnerabilities have been identified in HP Performance Manager. The TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" could be exploited remotely to allow unauthorized modification. The RC4 stream cipher vulnerability in SSL/TLS known as "Bar Mitzvah" could be exploited remotely to allow disclosure of information. Revision 2 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2015-2808, CVE-2015-4000
MD5 | c32c736bb5be833a33501bcb5d1d3179
Red Hat Security Advisory 2015-1691-01
Posted Aug 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1691-01 - In accordance with the Red Hat Enterprise Developer Toolset Life Cycle policy, the Red Hat Developer Toolset Version 2 offering will be retired as of September 30, 2015, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Developer Toolset Version 2 after September 30, 2015. In addition, technical support through Red Hat's Global Support Services will no longer be provided for Red Hat Developer Toolset Version 2 after this date.

tags | advisory
systems | linux, redhat
MD5 | 5a98499d4bd4ea83ae9228b04b89047e
Ubuntu Security Notice USN-2724-1
Posted Aug 27, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2724-1 - It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Donghai Zhu discovered that QEMU incorrectly handled the RTL8139 driver. A malicious guest could possibly use this issue to read sensitive information from arbitrary host memory. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9718, CVE-2015-5165, CVE-2015-5166, CVE-2015-5225, CVE-2015-5745
MD5 | e6ff9fe93e822d70b635257f4a557371
Page 1 of 19
Back12345Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close