what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-05-25

HP Security Bulletin HPSBMU03600 1
Posted May 25, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03600 1 - HPE Insight Control server provisioning has addressed security vulnerabilities in OpenSSL that could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-0705, CVE-2016-0799, CVE-2016-2842
SHA-256 | 341dae9f50ec43fb24b92ecde65911dbb8eba0c9ce6d5266796050698f106475
HP Security Bulletin HPSBUX03606 1
Posted May 25, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03606 1 - Potential security vulnerabilities have been identified in HP-UX running the Apache Tomcat 7 Servlet Engine. These vulnerabilities could be exploited remotely resulting in URL redirection, access restriction bypass, Cross-Site Request Forgery (CSRF), directory traversal, unauthorized read access to data, execution of arbitrary code with privilege elevation, or Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, csrf
systems | hpux
advisories | CVE-2015-5174, CVE-2015-5345, CVE-2015-5346, CVE-2015-5351, CVE-2016-0706, CVE-2016-0714, CVE-2016-0763
SHA-256 | df62ff6655a43fb30ff150baa36bd88eeea1345a5f855edc60c502d45bb1d955
HP Security Bulletin HPSBMU03601 1
Posted May 25, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03601 1 - HPE Insight Control server deployment has addressed the following security vulnerabilities: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN" which could be exploited remotely resulting in disclosure of information Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) Multiple vulnerabilities that can be exploited locally resulting in Cross-site scripting (XSS), and Information Disclosure. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, protocol, xss, info disclosure
advisories | CVE-2016-0705, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842
SHA-256 | 5d35db5021a3e1e977bf248f0f4d2e0973624f00926593096b12913d74b63dac
VMWare vSphere Web Client 6.0 Cross Site Scripting
Posted May 25, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

VMWare vSphere web client versions 5.1 through 6.0 suffer from a flash cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2016-2078
SHA-256 | c8bcafc14366eb011661d7807d12b5eae2d46687efbe3ab82c1bfd0c94794b23
Cisco Security Advisory 20160525-ipv6
Posted May 25, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the IP Version 6 (IPv6) packet processing functions of Cisco IOS XR Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to stop processing IPv6 traffic, leading to a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted IPv6 packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted IPv6 Neighbor Discovery packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to stop processing IPv6 traffic, leading to a DoS condition on the device. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, denial of service
systems | cisco, osx
SHA-256 | 422dd95ef9c0a22224d798a49ef218e76220a608771dbadde196bfc3eb0fb2fb
Ubuntu Security Notice USN-2950-5
Posted May 25, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2950-5 - USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlm_auth tool. This update fixes the problem. Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Alberto Solino discovered that a Samba domain controller would establish a secure connection to a server with a spoofed computer name. A remote attacker could use this issue to obtain sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-5370, CVE-2016-2110, CVE-2016-2111, CVE-2016-2112, CVE-2016-2113, CVE-2016-2114, CVE-2016-2115, CVE-2016-2118
SHA-256 | a5115fbeb6574c22cf7909ecfb3b0b6ae9b4be9907873ac8ac4827c6e8dc2822
PHP CRUD 1.4 Backdoor Accounts
Posted May 25, 2016
Authored by indoushka

PHP CRUD version 1.4 comes installed with weakly protected backdoor accounts.

tags | exploit, php
SHA-256 | afbdbdccb8b0070e88719f96bce319853dcec0ef7e570a7a2e94806aad01a7d8
Teampass 2.1.25 Arbitrary File Download
Posted May 25, 2016
Authored by Vulnerability Laboratory, Peter Kok | Site vulnerability-lab.com

Teampass version 2.1.25 suffers from an arbitrary file download.

tags | exploit, arbitrary
SHA-256 | 3edaa0800807b1b4d192d83a6f21a5419b3a9c8e2a27038d5ad01c3ecbf88d59
Teampass 2.1.25 Unauthenticated Access
Posted May 25, 2016
Authored by Vulnerability Laboratory, Peter Kok | Site vulnerability-lab.com

Teampass version 2.1.25 suffers from an unauthenticated access vulnerability.

tags | exploit
SHA-256 | fecc638060588bca639b8060b787f342bada3e6c58c51e9584c086a6cc319278
Open-Xchange OX AppSuite 7.8.0 XSS / Open Redirect
Posted May 25, 2016
Authored by Satish Bommisetty

Open-Xchange OX AppSuite versions 7.8.0 and below suffer from cross site scripting, open redirection, and argument injection vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2016-3173, CVE-2016-3174
SHA-256 | be81227b99ff680bacfa0f6ca34d199f06524971f330e92cb21190ca6a661f2f
dotCMS Email Header Injection
Posted May 25, 2016
Authored by Elar Lang

dotCMS versions prior to 3.5 and 3.3.2 suffers from an email header injection vulnerability.

tags | exploit
advisories | CVE-2016-4803
SHA-256 | 8a2aa086022ce89bb40306dc783a8bd835f0e4f8c1d80ad34fa487953fa9ea7b
Slackware Security Advisory - libarchive Updates
Posted May 25, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libarchive packages are available for Slackware 14.1 and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-1541
SHA-256 | 8dcafe00750b08175eab4172d9b1dd6a10111253f455b4ecf54c3eee62f4cdbb
Red Hat Security Advisory 2016-1106-01
Posted May 25, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1106-01 - jq is a lightweight and flexible command-line JSON processor. jq is like sed for JSON data. You can use it to slice, filter, map, or transform structured data with the same ease that sed, awk, grep, or similar applications allow you to manipulate text. Security Fix: A heap-based buffer overflow flaw was found in jq's tokenadd() function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-8863
SHA-256 | 4b8ac741815c3c26582c6c9cb2f86adad564f8ed4ceabcfdafdb836b6ab307c1
Bugcrowd Persistent Script Injection / Filter Bypass
Posted May 25, 2016
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Bugcrowd's web application suffered from a filter bypass and malicious script insertion vulnerability.

tags | exploit, web
SHA-256 | 0319346452cc49b60abff62b532b7229e6158e1cfd2951b03b793951d0f38e0e
Dounia Creation 1.4 Weak Password / SQL Injection
Posted May 25, 2016
Authored by indoushka

Dounia Creation version 1.4 suffers from remote SQL injection and weak default password vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 86d6f70b5e494f3c5826be9dac233fac905a3201a90ce9a807f69878d5a9fc37
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close