what you don't know can hurt you
Showing 1 - 17 of 17 RSS Feed

Files Date: 2016-01-13

HP Security Bulletin HPSBHF03535 1
Posted Jan 13, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03535 1 - Potential security vulnerabilities have been identified with HPE iMC OSS and iMC Plat running Adobe Flash. The vulnerabilities could be exploited remotely resulting in execution of code, Denial of Service (DoS), or other impacts to affect confidentiality, integrity, and availability. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-5568, CVE-2015-5570, CVE-2015-5571, CVE-2015-5572, CVE-2015-5573, CVE-2015-5574, CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5581, CVE-2015-5582, CVE-2015-5584, CVE-2015-5587, CVE-2015-5588, CVE-2015-6676, CVE-2015-6677, CVE-2015-6678, CVE-2015-6679, CVE-2015-6682
MD5 | ac6b7434c74ea60c1bb9e13a3d00923a
HP Security Bulletin HPSBGN03532 1
Posted Jan 13, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03532 1 - Potential security vulnerabilities have been identified in Intellicus and the client certificate upload components of HPE ArcSight Logger. The vulnerabilities could be remotely exploited by unauthorized users to allow bypass of security restrictions resulting in arbitrary code execution, file upload, and file deletion. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability, code execution, file upload
advisories | CVE-2015-6863, CVE-2015-6864
MD5 | b877f3d39c0aed80f7ee7a280a67a119
Cisco Security Advisory 20160113-ise
Posted Jan 13, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Admin portal of devices running Cisco Identity Services Engine (ISE) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. An attacker who can connect to the Admin portal of an affected device could potentially exploit this vulnerability. A successful exploit may result in a complete compromise of the affected device. Customers are advised to apply a patch or upgrade to a version of Cisco ISE software that resolves this vulnerability. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote
systems | cisco
MD5 | 6e6c7cc92d0cd06511153a328ea82217
Cisco Security Advisory 20160113-wlc
Posted Jan 13, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Devices running Cisco Wireless LAN Controller (WLC) software versions 7.6.120.0 or later, 8.0 or later, or 8.1 or later contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to modify the configuration of the device. An attacker who can connect to an affected device could exploit this vulnerability. A successful exploit may compromise the device completely. Customers are advised to upgrade to a version of Cisco WLC software that addresses this vulnerability. There are no workarounds that address this vulnerability. Cisco has released software updates that address this vulnerability.

tags | advisory, remote
systems | cisco
MD5 | a6c26d5c12388063cd79c1162b7fe4af
Cisco Security Advisory 20160113-aironet
Posted Jan 13, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the IP ingress packet handler of Cisco Aironet 1800 Series Access Point devices could allow an unauthenticated, remote attacker to cause a complete denial of service (DoS) condition. The vulnerability is due to improper input validation of IP packet headers. An attacker could exploit this vulnerability by sending a crafted IP packet to an affected device. An successful exploit could allow the attacker to cause the device to reload unexpectedly. Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
MD5 | 403a349cd058cf31a9f32680c9099252
Cisco Security Advisory 20160113-air
Posted Jan 13, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in Cisco Aironet 1800 Series Access Point devices could allow an unauthenticated, remote attacker to log in to the device by using a default account that has a static password. By default, the account does not have full administrative privileges. The vulnerability is due to the presence of a default user account that is created when the device is installed. An attacker could exploit this vulnerability by logging in to the device by using the default account, which could allow the attacker to gain unauthorized access to the device. Cisco released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

tags | advisory, remote
systems | cisco
MD5 | 1e00a6dc095a497b5a57c02952ab3551
Debian Security Advisory 3442-1
Posted Jan 13, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3442-1 - It was discovered that a maliciously crafted packet can crash any of the isc-dhcp applications. This includes the DHCP client, relay, and server application. Only IPv4 setups are affected.

tags | advisory
systems | linux, debian
advisories | CVE-2015-8605
MD5 | c888a649f13aeb6d025b6a4292a20ecb
Microsoft IExpress DLL Hijacking
Posted Jan 13, 2016
Authored by Stefan Kanthak

Microsoft IExpress suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2016-0014
MD5 | 2d260a7488cf5cc5e3b54bed9930f3b2
Ubuntu Security Notice USN-2868-1
Posted Jan 13, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2868-1 - Sebastian Poehn discovered that the DHCP server, client, and relay incorrectly handled certain malformed UDP packets. A remote attacker could use this issue to cause the DHCP server, client, or relay to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service, udp
systems | linux, ubuntu
advisories | CVE-2015-8605
MD5 | 2494531d339e3de06ea80f66fa3ffd9d
EasyDNNnews Cross Site Scripting
Posted Jan 13, 2016
Authored by Peter Lapp

EasyDNNnews versions prior to 7.5 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8e920f94ce5c7af1be8d2c6e762f43a8
Ubuntu Security Notice USN-2859-1
Posted Jan 13, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2859-1 - Andrei Vaida, Jesse Ruderman, Bob Clary, and Jesse Ruderman discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Ronald Crane discovered a buffer overflow through code inspection. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-7201, CVE-2015-7205, CVE-2015-7212, CVE-2015-7213, CVE-2015-7214
MD5 | 9ed7bba3bcc505d563420cc4928b1eb8
WordPress Commentator 2.5.2 Cross Site Scripting
Posted Jan 13, 2016
Authored by Rahul Pratap Singh

WordPress Commentator plugin version 2.5.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1af2555208af8f47ed3e59a5d4017f18
VMware Workstation 11.1 Vprintproxy.exe Stack Overflow
Posted Jan 13, 2016
Authored by Google Security Research, kostyak

Printer virtualization under VMware Workstation involves a vprintproxy.exe process launched by vmware-vmx.exe on the Host. It will receive and process EMFSPOOL files sent by a Guest on its COM1 port, if a virtual printer has been added to the VM hardware (default). Several vulnerabilities in this component allow an unprivileged Guest user to execute code on the Host.

tags | exploit, vulnerability
systems | linux
advisories | CVE-2012-0897
MD5 | 73ac33d0baf1c0329b29437d139dbf95
SAP HANA 4 Cross Site Scripting
Posted Jan 13, 2016
Authored by Shahmeer Baloch

SAP HANA 4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0dec99e9655c9e14ff7021ab5d037cc1
dolibarr HTML Injection
Posted Jan 13, 2016
Authored by NaxoneZ

dolibarr versions prior to 3.8.3 suffer from an html injection vulnerability.

tags | exploit
advisories | CVE-2015-8685
MD5 | dada5c2ff20ff9912460103b1e3215b4
WordPress No External Links 2.6.3 / 2.7.1 Open Redirect
Posted Jan 13, 2016
Authored by Ac!D

WordPress No External Links plugin versions 2.6.3 and 2.7.1 suffer from an open redirection vulnerability.

tags | exploit
MD5 | ef571d9d8943a86e68ec3ac1603ef0f6
WordPress Tubepress 2 Cross Site Scripting
Posted Jan 13, 2016
Authored by Ac!D

WordPress Tubepress plugin version 2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d0ca15ea35c219123a3727d46bb16ef6
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close