exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-02-17 to 2015-02-18

Red Hat Security Advisory 2015-0235-01
Posted Feb 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0235-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for Red Hat JBoss BRMS 6.0.3, and includes bug fixes and enhancements. It includes various bug fixes, which are listed in the README file included with the patch files.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-6153, CVE-2013-4002, CVE-2013-5855, CVE-2014-0005, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0193, CVE-2014-0227, CVE-2014-3472, CVE-2014-3490, CVE-2014-3530, CVE-2014-3558, CVE-2014-3577, CVE-2014-3578, CVE-2014-3625, CVE-2014-3682, CVE-2014-8114, CVE-2014-8115
SHA-256 | f64f2ca65fbace1e4788ea16f69ecf599345eb34f981247acfbecdcca41d5401
Red Hat Security Advisory 2015-0234-01
Posted Feb 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0234-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This roll up patch serves as a cumulative upgrade for Red Hat JBoss BPM Suite 6.0.3, and includes bug fixes and enhancements. It includes various bug fixes, which are listed in the README file included with the patch files.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-6153, CVE-2013-4002, CVE-2013-5855, CVE-2014-0005, CVE-2014-0075, CVE-2014-0096, CVE-2014-0099, CVE-2014-0119, CVE-2014-0193, CVE-2014-0227, CVE-2014-3472, CVE-2014-3490, CVE-2014-3530, CVE-2014-3558, CVE-2014-3577, CVE-2014-3578, CVE-2014-3625, CVE-2014-3682, CVE-2014-8114, CVE-2014-8115
SHA-256 | 89d8125129242bfb26c8918f339b601f902009b742ed74af25c35427a3a89137
Gentoo Linux Security Advisory 201502-13
Posted Feb 17, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201502-13 - Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to cause Denial of Service or gain escalated privileges. Versions less than 40.0.2214.111 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926, CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930, CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934, CVE-2014-7935, CVE-2014-7936, CVE-2014-7937, CVE-2014-7938, CVE-2014-7939, CVE-2014-7940, CVE-2014-7941, CVE-2014-7942, CVE-2014-7943, CVE-2014-7944, CVE-2014-7945, CVE-2014-7946, CVE-2014-7947, CVE-2014-7948, CVE-2014-9646, CVE-2014-9647
SHA-256 | b141f2ae3308d17a9226400eb6145c29f4202b6063a681a62050f283b886aff1
Ubuntu Security Notice USN-2502-1
Posted Feb 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2502-1 - William Robinet discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-1315
SHA-256 | 26a756ea3fbaeff19e1d0e0deb700676c0f98e2026f1ad3ff1168c507a5d3260
Ubuntu Security Notice USN-2501-1
Posted Feb 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2501-1 - Stefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2015-0231) Brian Carpenter discovered that the PHP CGI component incorrectly handled invalid files. A local attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, local, cgi, php
systems | linux, ubuntu
advisories | CVE-2014-8142, CVE-2014-9427, CVE-2014-9652, CVE-2015-0231, CVE-2015-0232, CVE-2015-1351, CVE-2015-1352
SHA-256 | 87581be317b7551f9d11aa00fc90c8ccbf8b821794084bfafde6b9df107ac894
X360 VideoPlayer ActiveX Control Buffer Overflow
Posted Feb 17, 2015
Authored by Rh0, juan vazquez | Site metasploit.com

This Metasploit module exploits a buffer overflow in the VideoPlayer.ocx ActiveX installed with the X360 Software. By setting an overly long value to 'ConvertFile()',an attacker can overrun a .data buffer to bypass ASLR/DEP and finally execute arbitrary code.

tags | exploit, overflow, arbitrary, activex
SHA-256 | 4db85b31081245af192050fe8238d0162d228493f03b7b13875c3b7820cfcf47
Java JMX Server Insecure Configuration Java Code Execution
Posted Feb 17, 2015
Authored by Braden Thomas, juan vazquez | Site metasploit.com

This Metasploit module takes advantage a Java JMX interface insecure configuration, which would allow loading classes from any remote (HTTP) URL. JMX interfaces with authentication disabled (com.sun.management.jmxremote.authenticate=false) should be vulnerable, while interfaces with authentication enabled will be vulnerable only if a weak configuration is deployed (allowing to use javax.management.loading.MLet, having a security manager allowing to load a ClassLoader MBean, etc.).

tags | exploit, java, remote, web
SHA-256 | 613d2a6ea0710e79632bd00382a3b337e054c8c877f492ee49389de90972e239
Ubuntu Security Notice USN-2500-1
Posted Feb 17, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2500-1 - Olivier Fourdan discovered that the X.Org X server incorrectly handled XkbSetGeometry requests resulting in an information leak. An attacker able to connect to an X server, either locally or remotely, could use this issue to possibly obtain sensitive information. It was discovered that the X.Org X server incorrectly handled certain trapezoids. An attacker able to connect to an X server, either locally or remotely, could use this issue to possibly crash the server. This issue only affected Ubuntu 12.04 LTS. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-6424, CVE-2015-0255
SHA-256 | fe374163e95255581fae4cb946e899828286ba84ef6853a6cf93f337dfe7c699
GuppY CMS 5.0.9 / 5.00.10 CSRF / Shell Upload
Posted Feb 17, 2015
Authored by Brandon Murphy

GuppY CMS versions 5.0.9 and 5.00.10 suffer from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
SHA-256 | 9a3a91d62ffa8289884c5091a6ca64c976b4470ba86c18aec9bebc32fad89d18
GuppY CMS 5.0.9 / 5.00.10 Authentication Bypass / Change Email
Posted Feb 17, 2015
Authored by Brandon Murphy

GuppY CMS versions 5.0.9 and 5.00.10 remote authentication bypass and change email exploit.

tags | exploit, remote, bypass
SHA-256 | 36e3e2286e3151843a486f4cd508000884e24b197a7a6d028b671071e13baa93
WordPress Image Metadata Cruncher CSRF / XSS
Posted Feb 17, 2015
Authored by Kaustubh G. Padwad

WordPress Image Metadata Cruncher plugin suffers from cross site request forgery and stored cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2015-1614
SHA-256 | a71d4db68d33bab99d72ce08102acacd4dc6e74c00da2d2005ee5a51028d788f
D-Link DSL-2640B Unauthenticated Remote DNS Changer
Posted Feb 17, 2015
Authored by Todor Donev

Remote exploit for changing DNS settings unauthenticated on the D-Link DSL-2640B.

tags | exploit, remote
SHA-256 | 16ab1d79cb7cf86f00b8d3d3e809b23c74f2de54632f5804f5f0d5dc9ed96331
Ebay Magento Script Insertion
Posted Feb 17, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Ebay's Magento application suffers from a malicious script insertion vulnerability.

tags | exploit
SHA-256 | 98046449149e9e2050e711f04559c114518ccffa68815ddf7538d67d5a826afc
ES File Explorer 3.2.4.1 Path Traversal
Posted Feb 17, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

ES File Explorer version 3.2.4.1 suffers from a path traversal vulnerability.

tags | exploit
advisories | CVE-2015-1876
SHA-256 | b664b0fa935a7e23700055f21d93485cc52bc04420786148ceb2c3350d171408
Samhain File Integrity Checker 3.1.4
Posted Feb 17, 2015
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Added non-existent file to the regression test config. Multiple bug fixes.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | cb45c5189b47e0f9d97bd9f565d89125a13b55a0c8e3c774fdf71d8e9345599a
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close