Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-11-23

Red Hat Security Advisory 2015-2512-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2512-01 - Red Hat Ceph Storage is a massively scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment tools, and support services. A feature in Ceph Object Gateway allows to return a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse the load balancer residing in front of RGW, potentially resulting in a denial of service.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2015-5245
MD5 | 046b161b0c573eaa01d35fbdcf998fc3
Red Hat Security Advisory 2015-2066-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2066-01 - Red Hat Ceph Storage is a massively scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment tools, and support services. A feature in Ceph Object Gateway allows to return a specific HTTP header that contains the name of a bucket that was accessed. It was found that the returned HTTP headers were not sanitized. An unauthenticated attacker could use this flaw to craft HTTP headers in responses that would confuse the load balancer residing in front of RGW, potentially resulting in a denial of service.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2015-5245
MD5 | 4c57888d1e8155313602660460a4d067
Steam 2.10.91.91 Weak File Permissions Privilege Escalation
Posted Nov 23, 2015
Authored by Andrew J. Smith

A privilege escalation vulnerability has been identified in that the Steam Microsoft Windows client software is installed with weak default permissions. These permissions grant read and write access to the Windows Users group for the install folder. This includes Steam.exe which is launched upon user login. Version 2.10.91.91 is confirmed vulnerable.

tags | advisory
systems | windows
advisories | CVE-2015-7985
MD5 | 8901bf2b0c7dbfd4245530ccdd21f9ed
SAP Mobile Platform 2.3 XXE Injection
Posted Nov 23, 2015
Authored by Vahagn Vardanyan

SAP Mobile Platform version 2.3 suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2015-6664
MD5 | 1e8655bf060af42ce62fb1ed3ed35349
SAP Afaria 7 Cross Site Scripting
Posted Nov 23, 2015
Authored by Dmitry Chastukhin

SAP Afaria version 7 suffers from a stored cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2015-6663
MD5 | 2ed6483e33178c933e611d439ad2525e
SAP NetWeaver 7.4 XXE Injection
Posted Nov 23, 2015
Authored by Roman Bezhan

SAP NetWeaver version 7.4 suffers from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2015-6662
MD5 | cfa007a13361932a86fb9c46feac9f13
Celoxis 9.5 Cross Site Scripting
Posted Nov 23, 2015
Authored by Manuel Mancera

Celoxis versions 9.5 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 27eac79359f31553e84e28005ccfdfe0
Red Hat Security Advisory 2015-2504-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2504-01 - libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. ABRT uses libreport. It was found that ABRT may have exposed unintended information to Red Hat Bugzilla during crash reporting. A bug in the libreport library caused changes made by a user in files included in a crash report to be discarded. As a result, Red Hat Bugzilla attachments may contain data that was not intended to be made public, including host names, IP addresses, or command line options.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5302
MD5 | 5709d81a29c770bb781d26ee1d524e7c
Red Hat Security Advisory 2015-2505-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2505-01 - ABRT is a tool to help users to detect defects in applications and to create a bug report with all the information needed by a maintainer to fix it. It uses a plug-in system to extend its functionality. libreport provides an API for reporting different problems in applications to different bug targets, such as Bugzilla, FTP, and Trac. It was found that the ABRT debug information installer did not use temporary directories in a secure way. A local attacker could use the flaw to create symbolic links and files at arbitrary locations as the abrt user.

tags | advisory, arbitrary, local
systems | linux, redhat
advisories | CVE-2015-5273, CVE-2015-5287, CVE-2015-5302
MD5 | cd51bd692fcb49b600230de27aa95a2a
Red Hat Security Advisory 2015-2507-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2507-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006
MD5 | f2ba066aff926ee422e533313a4d7396
Red Hat Security Advisory 2015-2509-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2509-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006
MD5 | ea4137e093ca9bf352eb3ac8142ad66f
Red Hat Security Advisory 2015-2508-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2508-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4835, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006
MD5 | a33f52ed4355bbc11f279695a87c77a8
Red Hat Security Advisory 2015-2506-01
Posted Nov 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2506-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006
MD5 | 5fa5924fe63b77c63bf8bf4277540bb7
Apache Flex BlazeDS 4.7.1 SSRF
Posted Nov 23, 2015
Authored by Christofer Dutz

Apache Flex BlazeDS versions 4.7.0 and 4.7.1 suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2015-5255
MD5 | 03912801af436c1d72132730affd2917
vBulletin 5.x Remote Code Execution
Posted Nov 23, 2015
Authored by Mohammad Reza Espargham

vBulletin version 5.x suffers from a code execution vulnerability.

tags | exploit, code execution
MD5 | 1150ff8ec81cb11f0c691d0fab8e7f5e
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close