exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2016-01-29

Gentoo Linux Security Advisory 201601-05
Posted Jan 29, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201601-5 - Multiple vulnerabilities have been found in OpenSSL, allowing remote attackers to disclose sensitive information and complete weak handshakes. Versions less than 1.0.2f are affected.

tags | advisory, remote, vulnerability
systems | linux, gentoo
advisories | CVE-2015-3197, CVE-2016-0701
SHA-256 | 3e4a19fb2f2cd2aa82d1304dd1ac46b284296f7ad05d6f86c70a3baddba1a5cb
OpenSSL Toolkit 1.0.2f
Posted Jan 29, 2016
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Multiple bug fixes.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2016-0701
SHA-256 | 932b4ee4def2b434f85435d9e3e19ca8ba99ce9a065a61524b429a9d5e9b2e9c
HP Security Bulletin HPSBHF03539 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03539 1 - Vulnerabilities in OpenSSH and ISC BIND were addressed by HPE VCX. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-5477, CVE-2015-5600, CVE-2015-5722
SHA-256 | 58fee4a06d3f5edda1809be66e0702659884cd9a5e2567b6665e9ab43eea6133
HP Security Bulletin HPSBGN03533 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03533 1 - A potential security vulnerability in the TLS protocol was addressed by the HPE Cloud Service Automation and Codar products. This vulnerability known as "Logjam" could be exploited remotely to allow unauthorized modification. Revision 1 of this advisory.

tags | advisory, protocol
advisories | CVE-2015-4000
SHA-256 | cf6069c0991822da440b819958e83439853f867586477a6e76b4e2c258ec3ece
HP Security Bulletin HPSBOV03540 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03540 1 - Potential security vulnerabilities have been identified with the OpenVMS TCPIP Bind Services and OpenVMS TCPIP IPC Services for OpenVMS. These vulnerabilities could be exploited remotely resulting in execution of code with the privileges of Bind, disclosure of information, or cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2007-0493, CVE-2007-0494, CVE-2008-0122, CVE-2009-4022, CVE-2010-0097, CVE-2012-1667, CVE-2012-4244, CVE-2012-5166
SHA-256 | 172ff73cf346da8d896484da1bbb74a962da41e89f917e23789840d3a1898675
HP Security Bulletin HPSBHF03510 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03510 1 - A potential security vulnerability has been identified in HP Integrated Lights Out 2/3/4. The TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" could be exploited remotely to allow unauthorized modification. Unlike the TLS server-side version of Logjam, this vulnerability affects the client-side TLS connection on iLO, or when the iLO acts as a client in a client-server connection. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-4000
SHA-256 | 199db3ee349f25e9e2fdaf21db7af5a54640ca7785affe30de49926d26d552e8
iScripts EasyCreate 3.0 Remote Code Execution
Posted Jan 29, 2016
Authored by Bikramaditya Guha | Site zeroscience.mk

iScripts EasyCreate version 3.0 remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | f9eba4403db1851e2983b19c6120edd812642398ce364387499ea02c62b073c8
iScripts EasyCreate 3.0 XSS / CSRF / SQL Injection
Posted Jan 29, 2016
Authored by Bikramaditya Guha | Site zeroscience.mk

iScripts EasyCreate version 3.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
SHA-256 | 51ba21e8c993b54fdc5c2aaa20bde5026d37b022b8f86570e770abcecf88e995
ManageEngine Eventlog Analyzer 10 Privilege Escalation
Posted Jan 29, 2016
Authored by Nicholas Lehman

ManageEngine Eventlog Analyzer versions 4.0 through 10 suffer from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 034c23483e09b9bbd65889d639878efb6d10683ad57d5d65f664f30bd1ef86d5
HP Security Bulletin HPSBHF03419 3
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03419 3 - A potential security vulnerability has been identified in HPE Networking Products. This is a Virtual routing and forwarding (VRF) hopping vulnerability that could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access. Note: This vulnerability could be exploited remotely as a result of the following network interface conditions: VRF (Virtual Routing and Forwarding) is enabled. MPLS (Multiprotocol Label Switching) is disabled. MPLS-labeled packets are received that match FIB (Forwarding Information Base) entries. When all the above conditions exist, the interface could incorrectly forward the MPLS-labeled packets. Revision 3 of this advisory.

tags | advisory, denial of service
advisories | CVE-2015-5434
SHA-256 | d12057a6756234c7135ccc5f772d5eb69b1f112e1fef08ddd290a77f5c0932b8
ManageEngine Network Configuration Management Build 11000 CSRF
Posted Jan 29, 2016
Authored by Kaustubh G. Padwad

ManageEngine Network Configuration Management build 11000 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | b4748784f8dee5785fb74729ebcd54c6263a9b3b6fefef6c72fb3f86e7114d00
Avira Cross Site Scripting
Posted Jan 29, 2016
Authored by RootByte

translate.avira.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d71d8ff7e41f6aa75bf4b383a4ad84b35a924e19ee1f73dce983f4e1bc088f07
WordPress Simple Add Pages Or Posts 1.6 Cross Site Request Forgery
Posted Jan 29, 2016
Authored by ALIREZA_PROMIS

WordPress Simple Add Pages Or Posts plugin version 1.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | ab8bac74ee5d413168f78d2233fb3bb883e68e5e590064e748bff8fc30fba72a
HP Security Bulletin HPSBGN03542 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03542 1 - A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Operations Manager for Windows. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.

tags | advisory, java, remote, code execution
systems | windows
advisories | CVE-2016-1985
SHA-256 | f393ae1ffb7884abbf8bc85c4778f72a5961128df05dd3cc435aec1682afd7eb
ProjectSend r582 Bypass / SQL Injection / File Read
Posted Jan 29, 2016
Authored by Filippo Cavallarin

ProjetSend version r582 suffers from authentication bypass, remote SQL injection, insecure direct object reference, and directory traversal / arbitrary file read vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection
SHA-256 | 30a7ef29c39349514e61a5f8a115ccf83f446d7245c39cf98e1cee88497c7dbe
Apache Hive 1.0.1 / 1.1.0 / 1.2.1 Authorization Bug Disclosure
Posted Jan 29, 2016
Authored by Sushanth Sowmyan, Olaf Flebbe

Some partition-level operations exist that do not explicitly also authorize privileges of the parent table. This can lead to issues when the parent table would have denied the operation, but no denial occurs because the partition-level privilege is not checked by the authorization framework, which defines authorization entities only from the table level upwards. This issue is known to affect Hive clusters protected by both Ranger as well as SqlStdHiveAuthorization. Apache Hive versions 1.0.0 through 1.0.1, 1.1.0 through 1.1.1, and 1.2.0 through 1.2.1 are affected.

tags | advisory, info disclosure
advisories | CVE-2015-7521
SHA-256 | 1e3f7eddd341045ea6ba03ec5ed1a303d3cb2b39f09dc8a24cf4afaabbfcad13
HP Security Bulletin HPSBHF03538 1
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03538 1 - Potential security vulnerabilities in Adobe Flash have been addressed with HPE iMC Service Health Manager (SHM), and iMC PLAT. The vulnerabilities could be exploited remotely resulting in execution of code or Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-3113, CVE-2015-5122
SHA-256 | 021fafb148eaa7499368e2f492a72e294ccb2bb8b74ab1e934650ab7292fb145
HP Security Bulletin HPSBHF03535 3
Posted Jan 29, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03535 3 - Potential security vulnerabilities in Adobe Flash have been addressed with HPE iMC Service Health Manager (SHM) and iMC PLAT. The vulnerabilities could be exploited remotely resulting in execution of code, Denial of Service (DoS), or other impacts to affect confidentiality, integrity, and availability. Revision 3 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-5568, CVE-2015-5570, CVE-2015-5571, CVE-2015-5572, CVE-2015-5573, CVE-2015-5574, CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5581, CVE-2015-5582, CVE-2015-5584, CVE-2015-5587, CVE-2015-5588, CVE-2015-6676, CVE-2015-6677, CVE-2015-6678, CVE-2015-6679, CVE-2015-6682
SHA-256 | f3a3c76102909b14ccbb8a9688572e5d7ba30e69104f6f891e6671e9e131ecfe
Linux TCP Reverse Shell Shellcode
Posted Jan 29, 2016
Authored by Sathish Kumar

122 bytes small Linux/x64 TCP reverse shell with password. Polymorphic version.

tags | shell, tcp, shellcode
systems | linux
SHA-256 | e8424d124c151ace53fdcbf7276880cb684cf019d4f630594c5daae15d6852d4
Netlife Photosuite Pro Cross Site Scripting
Posted Jan 29, 2016
Authored by Vulnerability Laboratory, Iran Cyber Security Group | Site vulnerability-lab.com

Netlife Photosuite Pro suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0c7c875acadcc0098213a235d881dab365901c71f67c44cdafe87717db941b99
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    32 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close