Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-05-25

HP Security Bulletin HPSBMU03600 1
Posted May 25, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03600 1 - HPE Insight Control server provisioning has addressed security vulnerabilities in OpenSSL that could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-0705, CVE-2016-0799, CVE-2016-2842
MD5 | 88aaa7080f31da431044f8c771743758
HP Security Bulletin HPSBUX03606 1
Posted May 25, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03606 1 - Potential security vulnerabilities have been identified in HP-UX running the Apache Tomcat 7 Servlet Engine. These vulnerabilities could be exploited remotely resulting in URL redirection, access restriction bypass, Cross-Site Request Forgery (CSRF), directory traversal, unauthorized read access to data, execution of arbitrary code with privilege elevation, or Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, csrf
systems | hpux
advisories | CVE-2015-5174, CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763
MD5 | 2d4f0d75b28dab3f3725099b29d0b4b3
HP Security Bulletin HPSBMU03601 1
Posted May 25, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03601 1 - HPE Insight Control server deployment has addressed the following security vulnerabilities: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN" which could be exploited remotely resulting in disclosure of information Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) Multiple vulnerabilities that can be exploited locally resulting in Cross-site scripting (XSS), and Information Disclosure. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, protocol, xss, info disclosure
advisories | CVE-2016-0705, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842
MD5 | 6904493bcef8837ba9fbdfa70126e03f
VMWare vSphere Web Client 6.0 Cross Site Scripting
Posted May 25, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

VMWare vSphere web client versions 5.1 through 6.0 suffer from a flash cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2016-2078
MD5 | 63a316e8e0f0e3527463fd761f293579
Cisco Security Advisory 20160525-ipv6
Posted May 25, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco IOS XR Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco, osx
MD5 | f4102beddffceeda6a5fbc5b637ee0f9
Ubuntu Security Notice USN-2950-5
Posted May 25, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-5 - USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
MD5 | 7f2849110fcafc453c4992ae1b5c5912
PHP CRUD 1.4 Backdoor Accounts
Posted May 25, 2016
Authored by indoushka

PHP CRUD version 1.4 comes installed with weakly protected backdoor accounts.

tags | exploit, php
MD5 | fb011d806339b2d1e6b0bedc665aec51
Teampass 2.1.25 Arbitrary File Download
Posted May 25, 2016
Authored by Peter Kok | Site vulnerability-lab.com

Teampass version 2.1.25 suffers from an arbitrary file download.

tags | exploit, arbitrary
MD5 | 66bcae2816a4a1b4b24d92fe56efbb95
Teampass 2.1.25 Unauthenticated Access
Posted May 25, 2016
Authored by Peter Kok | Site vulnerability-lab.com

Teampass version 2.1.25 suffers from an unauthenticated access vulnerability.

tags | exploit
MD5 | 0785996004e4fb3dc4dc4f99a2048af0
Open-Xchange OX AppSuite 7.8.0 XSS / Open Redirect
Posted May 25, 2016
Authored by Satish Bommisetty

Open-Xchange OX AppSuite versions 7.8.0 and below suffer from cross site scripting, open redirection, and argument injection vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2016-3173, CVE-2016-3174
MD5 | 4cbd115a598b5ec4bbcdf20e9d320320
dotCMS Email Header Injection
Posted May 25, 2016
Authored by Elar Lang

dotCMS versions prior to 3.5 and 3.3.2 suffers from an email header injection vulnerability.

tags | exploit
advisories | CVE-2016-4803
MD5 | 01e1c665f4835c234b4e4b03a6dad311
Slackware Security Advisory - libarchive Updates
Posted May 25, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libarchive packages are available for Slackware 14.1 and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-1541
MD5 | 189763e2c001d95383342942878e8c96
Red Hat Security Advisory 2016-1106-01
Posted May 25, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1106-01 - jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fix: A heap-based buffer overflow flaw was found in jq's tokenadd() function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-8863
MD5 | 6a099f9d667d0f06edd6ca2458e8bd62
Bugcrowd Persistent Script Injection / Filter Bypass
Posted May 25, 2016
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Bugcrowd's web application suffered from a filter bypass and malicious script insertion vulnerability.

tags | exploit, web
MD5 | 26ea2fadae6cead7b72a7082f7981ffc
Dounia Creation 1.4 Weak Password / SQL Injection
Posted May 25, 2016
Authored by indoushka

Dounia Creation version 1.4 suffers from remote SQL injection and weak default password vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 7f162e0b170abe67bb21784c93a8a67f
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    14 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close