iVault Private P&V version 1.1 for iOS suffers from a directory traversal vulnerability.
8475893b7d785b8003e63e90143355211736835b580d0d5262083f82440f2a15
AppFish Offline Coder version 2.2 for iOS suffers from a persistent script insertion vulnerability.
2c1882b76fa726a744b7d1acaaefdc3d30d552e0f9c68a7c31b67f419b719f30
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.
07a2506dfd6d9373dbb310c5f4e097293e9fda6957e846c06ca468f761518b57
BlueMe Bluetooth version 5.0 for iOS suffers from a code execution vulnerability.
37d626f0020b96718d8daa286f2bae2c4ef35dbcc55bc04a265984572ffcd37a
Red Hat Security Advisory 2014-0396-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Important: This update is an emergency security fix being provided outside the scope of the published support policy for Red Hat Enterprise Virtualization listed in the References section. In accordance with the support policy for Red Hat Enterprise Virtualization, Red Hat Enterprise Virtualization Hypervisor 3.2 will not receive future security updates.
5a76bbf4a3610d00ea8756ca706bb91a0a601cf5a8ce2754e9d6a6368d853e8c
Mandriva Linux Security Advisory 2014-075 - The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters. The updated php packages have been upgraded to the 5.5.11 version which is not vulnerable to this issue. Also, the timezonedb PHP PECL module has been updated to the latest 2014.2 version. Additionally, the PECL packages that require it have been rebuilt for php-5.5.11.
fb595704bf1a5db31728a370c03ddaa66c97a87c0e1c5e51815a3c50c8d74b66
Debian Linux Security Advisory 2899-1 - Michael Meffie discovered that in OpenAFS, a distributed filesystem, an attacker with the ability to connect to an OpenAFS fileserver can trigger a buffer overflow, crashing the fileserver, and potentially permitting the execution of arbitrary code.
fda451e169f11c50c5bd1431928de7fa9eb124d78cf8ef704f6caebafb8779d9
Sendy version 1.1.9.1 suffers from a remote SQL injection vulnerability.
5c4b65786f4fb604aa4f00e42148db5fe0e0eb20240a98bab3e4f6d30e44c8be
CMS United suffers from a cross-site scripting vulnerability.
c2a2ddf01cac17429386e56f8a4e8aa5d000c4d608d1954ca2ca1629f76bfaa7
CMS eaZy suffers from a remote SQL injection vulnerability.
ae9c4b7f5c9fc1ad7a554a04ae7ceb2dcd688127fcff9dd2f4ec6515e639fa76
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.
7e08a9430c5b13656c33cca647f31e3f33c5a0968a0d585843b858fcfbe75d33
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.
5894ede8bdaaf92fbf663540f2eb0ce00533ec40cad57f9fb4405e48e8492125
Bleed Out is a command line tool written in C# for targeting instances of OpenSSL made vulnerable by the prolific "Heartbleed" bug. The tool aggressively exploits the OpenSSL vulnerability, dumping both ASCII and binary data to files. It also checks the uniqueness of each chunk before persisting it, to ensure that duplicate chunks are not saved.
8ac230f3902a7f35b6b76d9ad09ffa77ce032177754a06743c1ffa83672c1fcf
sn00p is a modular tool written in Bourne shell and designed to chain and automate security tools and tests. It parses target definitions from the command line and runs corresponding modules afterwards. sn00p can also parse a given nmap logfile for open TCP and UDP ports. All results will be logged in specified directories and a report can subsequently be generated.
044af57e8efd34ecb97fc93bbe802ca9c3e1e81fc55902b3321653225f766ab5
This Metasploit module implements the OpenSSL Heartbleed attack. The problem exists in the handling of heartbeat requests, where a fake length can be used to leak memory data in the response. Services that support STARTTLS may also be vulnerable.
81d080e43dc83f3e3ee46722a1679f1f403475e40beef0b849082092202ffa5c
DNS Spider is a multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.
71f3eaaacf5ef1c85337ecc8988cf32788e6c5b8a3a0893669096eefc30b9354
WebLife CMS suffers from a remote SQL injection vulnerability.
709bb5589b06fbb5733cc7479901b4ccf2e8568e0dc997680e6c166fa88f7bee
Bleed Out is a command line tool written in C# for targeting instances of OpenSSL made vulnerable by the prolific "Heartbleed" bug. The tool aggressively exploits the OpenSSL vulnerability, dumping both ASCII and binary data to files. It also checks the uniqueness of each chunk before persisting it, to ensure that duplicate chunks are not saved.
0154e0117391da9f265ff0a83bcd76a93f62d16f309e587ba789d69c8bbd8009