what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2016-04-19 to 2016-04-20

EMC ViPR SRM Cross Site Request Forgery
Posted Apr 19, 2016
Site emc.com

EMC ViPR SRM versions prior to 3.7 suffer from multiple cross site request forgery vulnerabilities.

tags | advisory, vulnerability, csrf
advisories | CVE-2016-0891
SHA-256 | 1fb66dd03a74f0b38a6011bb95c1309b0b0f482a95d89477bba6f4236e08b3b0
Oliver 1.3.0 / 1.3.1 Cross Site Scripting
Posted Apr 19, 2016
Authored by Christian Catalano, Rv3Lab, Massimo Piccinno

Oliver versions 1.3.0 and 1.3.1 suffer from reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2014-2710
SHA-256 | 432496911f1411e7822f0277e55dc6ffd1625b86f2ba47830b95a792365b7b98
SAP HANA 102.02 Denial Of Service
Posted Apr 19, 2016
Authored by Mathieu Geli

SAP HANA version 102.02 suffers from a denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 5fccc7675d88d83dae2c3a0c0c65e2fb0a98ab8777842e235044812b9b499f18
SAP NetWeaver J2EE Engine 7.40 Cross Site Scripting
Posted Apr 19, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver J2EE Engine version 7.40 suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 4655901da59fa913d5474f46ffc2314351dc96a7255647b287423117a2d864b4
Red Hat Security Advisory 2016-0561-02
Posted Apr 19, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0561-02 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, support for Red Hat Enterprise Linux 5 will be retired on March 31, 2017, at the end of Production Phase 3. Until that date, customers will continue to receive Critical impact security patches and selected urgent priority bug fixes for RHEL 5.11. On that date, active support included with your RHEL Premium or Standard subscription will conclude. This means that customers will continue to have access to all previously released content.

tags | advisory
systems | linux, redhat
SHA-256 | 4366eac4b38f0f7fb9596ab285515ca6fc43211529f702b81367eceed768c2f8
HP Security Bulletin HPSBST03576 2
Posted Apr 19, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03576 2 - A vulnerability in Apache Commons Collections (ACC) for handling Java object deserialization was addressed by HP P9000 and HP XP7 Command View Advanced Edition (CVAE) Suite including Device Manager and Tiered Storage Manager. The vulnerability could be exploited remotely to allow remote code execution. Revision 2 of this advisory.

tags | advisory, java, remote, code execution
advisories | CVE-2016-2003
SHA-256 | f606dc4dc388eed30004af41fb349d384fd9a13645b31d992d7cc1b0d2b4daae
HP Security Bulletin HPSBGN03555 1
Posted Apr 19, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03555 1 - Potential security vulnerabilities have been identified with HPE Vertica Analytics Management Console. The vulnerabilities could be remotely exploited resulting in disclosure of sensitive information or execution of arbitrary code with root privileges. Revision 1 of this advisory.

tags | advisory, arbitrary, root, vulnerability
advisories | CVE-2016-2002
SHA-256 | 4f63819779cdddfebe33628e2067a2957a407f873004fdb0efdff6ac05524e30
Ubuntu Security Notice USN-2917-3
Posted Apr 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2917-3 - USN-2917-1 fixed vulnerabilities in Firefox. This update caused several web compatibility regressions. This update fixes the problem. Various other issues were also addressed.

tags | advisory, web, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-1950, CVE-2016-1953, CVE-2016-1954, CVE-2016-1955, CVE-2016-1956, CVE-2016-1957, CVE-2016-1958, CVE-2016-1959, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1963, CVE-2016-1964, CVE-2016-1965, CVE-2016-1966, CVE-2016-1967, CVE-2016-1968, CVE-2016-1973, CVE-2016-1974, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801
SHA-256 | 4f190a0b3a5329c140efe8e3eb4e0cb1f1beaabfa751c14f762b50fff0465e04
HP Security Bulletin HPSBMU03575 1
Posted Apr 19, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03575 1 - HP Smart Update Manager (SUM) has addressed the following vulnerabilities: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN", which could be exploited remotely resulting in disclosure of information. Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) or other impacts. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, protocol
advisories | CVE-2016-0705, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842
SHA-256 | 951b9459376328c5cc2cb9fbe9d2e7233b6bd702b9e72e647dbe0a71bf95c52e
Avast! Sandbox Escape
Posted Apr 19, 2016
Authored by Kyriakos Economou

A design flaw in Avast Sandbox allows a potentially harmful program to escape the sandbox and infect the host by dropping its files out of it and/or by modifying existing legitimate files of any type. Affected products include Avast Internet Security v11.x.x, Avast Pro Antivirus v11.x.x, Avast Premier v11.x.x, Avast Free Antivirus v11.x.x, Avast Business Security v11.x.x, Avast Endpoint Protection v8.x.x, Avast Endpoint Protection Plus v8.x.x, Avast Endpoint Protection Suite v8.x.x, Avast Endpoint Protection Suite Plus v8.x.x, Avast File Server Security v8.x.x, and Avast Email Server Security v8.x.x.

tags | advisory
advisories | CVE-2016-4025
SHA-256 | 7fd3ef05288e1690d62a92d2e2d6b6fd6cc0392156eb537960ff2d8cc0ea7037
Samhain File Integrity Checker 4.1.3
Posted Apr 19, 2016
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 5674e9a94fd929ae2cf7a99442b66a0fd91e5d4b0454a1924466b2d9ab2bb770
Windows Kernel DrawMenuBarTemp Wild Write
Posted Apr 19, 2016
Authored by Google Security Research, hawkes

The attached testcases crashes Windows 7 64-bit while attempting to write to an unmapped memory region. On 32-bit Windows 7 it triggers a null pointer read.

tags | exploit
systems | linux, windows
advisories | CVE-2016-0143
SHA-256 | d89d761020ed70dcb07f77ce385b34df9657da7e12a58b54828167ae00247fe1
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close