exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2015-03-13

Jolla Phone URI Spoofing
Posted Mar 13, 2015
Authored by Nikolas Sotiriu

Jolla Phone with Sailfish OS versions 1.1.1.27 and below suffer from a telephone URI spoofing vulnerability.

tags | exploit, telephony, spoof
SHA-256 | 1e5ea6ababa53a368f6ee034d8c4f08f4e032acffd627cadd356717cfecfc988
X2Engine 5.0.4 Platinum Edition Cross Site Request Forgery
Posted Mar 13, 2015
Authored by Provensec

X2Engine version 5.0.4 Platinum Edition suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | f6273835fcbc357b84db088dd67b35d761e655a071f007034509965aad09b06b
Debian Security Advisory 3186-1
Posted Mar 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3186-1 - It was discovered that the Mozilla Network Security Service library (nss) incorrectly handled certain ASN.1 lengths. A remote attacker could possibly use this issue to perform a data-smuggling attack.

tags | advisory, remote
systems | linux, debian
advisories | CVE-2014-1569
SHA-256 | 7294ffa98790572d8f3abed1868667796a0c483dfdc3d3fb6c341a264192e061
HP Security Bulletin HPSBMU03262 1
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03262 1 - A potential security vulnerability has been identified with the HP Version Control Agent running OpenSSL on Linux and Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. A second vulnerability could be exploited to cause a Denial of Service (Dos). Revision 1 of this advisory.

tags | advisory, denial of service
systems | linux, windows
advisories | CVE-2014-3566, CVE-2014-5139
SHA-256 | 3070c93bed6df14907b630c3ebe05a9126aa3b2daaf9c039c582f171e5459ee0
HP Security Bulletin HPSBMU03283 1
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03283 1 - Potential security vulnerabilities have been identified with the HP Virtual Connect Enterprise Manager SDK running OpenSSL on Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. A second vulnerability could be exploited remotely to cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | windows
advisories | CVE-2014-3566, CVE-2014-5139
SHA-256 | e27dcfd6cd09d50186dec0335d199a458b61fa56be2ef9e1fe57e6eb379a654a
HostingTakip 3.0 Cross Site Scripting
Posted Mar 13, 2015
Authored by KnocKout

HostingTakip version 3.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e84df106491146ae09a5324d7fd4008af8c5914b682af96382f69c5222426db0
HP Security Bulletin HPSBMU03259 1
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03259 1 - A potential security vulnerability has been identified with the HP Version Control Repository Manager running OpenSSL on Linux and Windows. This vulnerability is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
systems | linux, windows
advisories | CVE-2014-3566, CVE-2014-5139
SHA-256 | e66580f50053979a4ee06fd4efe139a4830d38cf5306fda4554c8a9b541a4454
HP Security Bulletin HPSBMU03267 1
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03267 1 - Potential security vulnerabilities have been identified with the HP Matrix Operating Environment and HP CloudSystem Matrix running OpenSSL. These vulnerabilities comprise the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2014-3508, CVE-2014-3509, CVE-2014-3511, CVE-2014-3513, CVE-2014-3566, CVE-2014-3567, CVE-2014-3568, CVE-2014-5139
SHA-256 | 5570b2af5b9b8cf9e59116ff814ca6462db2c1e427ac11943e2afd22e6120ee4
Mandriva Linux Security Advisory 2015-058
Posted Mar 13, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-058 - Multiple vulnerabilities has been found and corrected in the Linux kernel. The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644. arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU. Various other issues have also been addressed. The updated packages provides a solution for these security issues.

tags | advisory, denial of service, arbitrary, x86, kernel, local, cryptography, vulnerability
systems | linux, mandriva
advisories | CVE-2013-7421, CVE-2014-3690, CVE-2014-8133, CVE-2014-8160, CVE-2014-8989, CVE-2014-9419, CVE-2014-9420, CVE-2014-9428, CVE-2014-9529, CVE-2014-9584, CVE-2014-9585, CVE-2014-9644, CVE-2014-9683, CVE-2015-0239
SHA-256 | 9e3286645b07ba09497f299f4db502238c2d94c89713da2d000ee34aeb276a28
IPass Control Pipe Remote Command Execution
Posted Mar 13, 2015
Authored by Matthias Kaiser | Site metasploit.com

This Metasploit module exploits a vulnerability in the IPass Client service. This service provides a named pipe which can be accessed by the user group BUILTIN\Users. This pipe can be abused to force the service to load a DLL from a SMB share.

tags | exploit
advisories | CVE-2015-0925
SHA-256 | b5d8f54940bc4ede44feb2e40c9032e54af84e76987e017af72d9a90a42d3fda
Alkacon OpenCms 9.5.1 Cross Site Scripting
Posted Mar 13, 2015
Authored by Rehan Ahmed

Alkacon OpenCms version 9.5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 41e618a34618c4ea7f427c631a2d3cceb9a56206a46ab3e6be6915dfa1f435af
WordPress SEO By Yoast 1.7.3.3 SQL Injection
Posted Mar 13, 2015
Authored by Ryan Dewhurst

WordPress SEO by Yoast plugin versions 1.7.3.3 and below suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 89502f8d9383075084f39e19b7cba82ec0e7453af24a56aba620e367db699048
WordPress WPML XSS / Deletion / SQL Injection
Posted Mar 13, 2015
Authored by Jouko Pynnonen | Site klikki.fi

WordPress WPML plugin versions prior to 3.1.9.1 suffer from remote SQL injection, cross site scripting, and page/post/menu deletion vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | ba54a3b1a46db6292b5bd15e0b1a454fed02128f7e7bf7ce3995d4fa7d872962
Codiad 2.5.3 Local File Inclusion
Posted Mar 13, 2015
Authored by TUNISIAN CYBER

Codiad version 2.5.3 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 138cade715f049322ab7684bf6eca673c9ae52712b00162f8344967ae914782b
iPass Mobile Client 2.4.2.15122 Privilege Escalation
Posted Mar 13, 2015
Authored by Hans-Martin Muench

iPass Mobile Client version 2.4.2.15122 suffers from a local privilege escalation vulnerability.

tags | exploit, local
SHA-256 | bd007d26621d154125e049c9012e6a55d1250112d7f68cf635a95297806bc04a
Ckeditor 4.4.7 Shell Upload / Cross Site Scripting
Posted Mar 13, 2015
Authored by KedAns-Dz

Ckeditor version 4.4.7.x suffers from cross site scripting and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss
SHA-256 | ff9f0475f02a2da2c698414df7fb0c688da73c1d1cf63ce8051b290f339e9813
Debian Security Advisory 3185-1
Posted Mar 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3185-1 - Multiple vulnerabilities were discovered in libgcrypt.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-3591, CVE-2015-0837
SHA-256 | 6ce9b887c204b8096051a3210b40087e29d2d0a48576ee311154e2278f174168
Debian Security Advisory 3184-1
Posted Mar 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3184-1 - Multiple vulnerabilities were discovered in GnuPG, the GNU Privacy Guard.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-3591, CVE-2015-0837, CVE-2015-1606
SHA-256 | 13c6d025c2d9c1babbfd6860c323e1e6fb7e4b31a5784250a5d788a74db32f6d
HP Security Bulletin HPSBMU02895 SSRT101253 5
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02895 SSRT101253 5 - Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. Revision 5 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
advisories | CVE-2013-2344, CVE-2013-2345, CVE-2013-2346, CVE-2013-2347, CVE-2013-2348, CVE-2013-2349, CVE-2013-2350, CVE-2013-6194, CVE-2013-6195
SHA-256 | e50dd995f1f6f713a3f3629e34b81f5ba16eeee02fe373e72089093cdf4ec49d
HP Security Bulletin HPSBGN03249 1
Posted Mar 13, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03249 1 - Potential security vulnerabilities has been identified with HP ArcSight Enterprise Security Manager (ESM) and HP ArcSight Logger. These vulnerabilities could be exploited remotely resulting in multiple vulnerabilities. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2014-7884, CVE-2014-7885
SHA-256 | a1fcb6710194bea41a6157ec927e5e7a8625608e6de1114603ab1e43103da423
Debian Security Advisory 3183-1
Posted Mar 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3183-1 - Multiple vulnerabilities have been discovered in Movable Type, a blogging system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-2184, CVE-2014-9057, CVE-2015-1592
SHA-256 | 592285dca6bd1637579875edf0125b54ba6eea6444a6e82c168ebfdfbaf2fa79
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close