exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-11-23

Red Hat Security Advisory 2015-2512-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2512-01 - Red Hat Ceph Storage is a massively scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment tools, and support services. A feature in Ceph Object Gateway allows to return a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse the load balancer residing in front of RGW, potentially resulting in a denial of service.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2015-5245
SHA-256 | 5bba935c88e61a982529ecb4d0825c43268b216c262550f6c407bc0e20298d16
Red Hat Security Advisory 2015-2066-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2066-01 - Red Hat Ceph Storage is a massively scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment tools, and support services. A feature in Ceph Object Gateway allows to return a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse the load balancer residing in front of RGW, potentially resulting in a denial of service.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2015-5245
SHA-256 | 4c2c2ec31725478916e6a5361f37441d8c1fb0d51c13871c6ec90c61565d5100
Steam 2.10.91.91 Weak File Permissions Privilege Escalation
Posted Nov 23, 2015
Authored by Andrew J. Smith

A privilege escalation vulnerability has been identified in that the Steam Microsoft Windows client software is installed with weak default permissions. These permissions grant read and write access to the Windows Users group for the install folder. This includes Steam.exe which is launched upon user login. Version 2.10.91.91 is confirmed vulnerable.

tags | advisory
systems | windows
advisories | CVE-2015-7985
SHA-256 | 66f1b7811fa2e915d358da3af9007cb2b0c58c1031bb2b909b5fc2f1e8067197
SAP Mobile Platform 2.3 XXE Injection
Posted Nov 23, 2015
Authored by Vahagn Vardanyan

SAP Mobile Platform version 2.3 suffers from an XML external entity injection vulnerability.

tags | exploit, xxe
advisories | CVE-2015-6664
SHA-256 | 763ac979871c176d5a9e6b1f185a1e6109b4d7b5f4517066de0a8a2a92f8f153
SAP Afaria 7 Cross Site Scripting
Posted Nov 23, 2015
Authored by Dmitry Chastukhin

SAP Afaria version 7 suffers from a stored cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2015-6663
SHA-256 | 2082d9ff424b99cbc2ae9d7bfcce7559468dcb8de5806eb40ae0272bfc163ca1
SAP NetWeaver 7.4 XXE Injection
Posted Nov 23, 2015
Authored by Roman Bezhan

SAP NetWeaver version 7.4 suffers from an XML external entity injection vulnerability.

tags | exploit, xxe
advisories | CVE-2015-6662
SHA-256 | b5a92464ff47c770ab76479c835e0239d3e5db4770ef988ae3b50741e8e7356c
Celoxis 9.5 Cross Site Scripting
Posted Nov 23, 2015
Authored by Manuel Mancera

Celoxis versions 9.5 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0ce327191126fee2975846ae4df13c4f34768a717772e1666d36b2e5d8b59286
Red Hat Security Advisory 2015-2504-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2504-01 - libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. ABRT uses libreport. It was found that ABRT may have exposed unintended information to Red Hat Bugzilla during crash reporting. A bug in the libreport library caused changes made by a user in files included in a crash report to be discarded. As a result, Red Hat Bugzilla attachments may contain data that was not intended to be made public, including host names, IP addresses, or command line options.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5302
SHA-256 | c6e8ff0f0a3029c1ec338fb8b132ef3439f2abe1072f5e3c8114d5298359986f
Red Hat Security Advisory 2015-2505-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2505-01 - ABRT is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. It was found that the ABRT debug information installer did not use temporary directories in a secure way. A local attacker could use the flaw to create symbolic links and files at arbitrary locations as the abrt user.

tags | advisory, arbitrary, local
systems | linux, redhat
advisories | CVE-2015-5273, CVE-2015-5287, CVE-2015-5302
SHA-256 | 96ace45f7feb868e68722af714fbf8c6b1b7e30c0c115609d93d96fa1c299b11
Red Hat Security Advisory 2015-2507-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2507-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006
SHA-256 | b7e18c8684088d3578868cd309fddf0f9f8f8c4b95fd2ddc2625b84d512d1d53
Red Hat Security Advisory 2015-2509-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2509-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006
SHA-256 | 834832b1484e1625bcfa6276df2ee304215ec2774b0b531108d0f255023a9501
Red Hat Security Advisory 2015-2508-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2508-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4835, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006
SHA-256 | 2450d307ad133a0d099f9fe68c01e663e8e8321ecc3f4e0edabc899a3e46d828
Red Hat Security Advisory 2015-2506-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2506-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006
SHA-256 | 2b58a7dc0e4778c5b7cef3899bb02cd76151611c5fe6b525585ddca301e44746
Apache Flex BlazeDS 4.7.1 SSRF
Posted Nov 23, 2015
Authored by Christofer Dutz

Apache Flex BlazeDS versions 4.7.0 and 4.7.1 suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2015-5255
SHA-256 | 0005b6103d499d01523afeee675b0ec07725b42b1b1468d91a6d3b6c8f9096ae
vBulletin 5.x Remote Code Execution
Posted Nov 23, 2015
Authored by Mohammad Reza Espargham

vBulletin version 5.x suffers from a code execution vulnerability.

tags | exploit, code execution
SHA-256 | 8bae9267f14bc87a02271f45d06cb5b550d1a16db3443ab464810a2e31344f2b
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close