what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2014-12-08 to 2014-12-09

Gentoo Linux Security Advisory 201412-04
Posted Dec 8, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-4 - Multiple vulnerabilities have been found in libvirt, worst of which allows context-dependent attackers to escalate privileges. Versions less than 1.2.9-r2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2013-4292, CVE-2013-4296, CVE-2013-4297, CVE-2013-4399, CVE-2013-4400, CVE-2013-4401, CVE-2013-5651, CVE-2013-6436, CVE-2013-6456, CVE-2013-6457, CVE-2013-6458, CVE-2013-7336, CVE-2014-0028, CVE-2014-0179, CVE-2014-1447, CVE-2014-3633, CVE-2014-5177, CVE-2014-7823
SHA-256 | 04c111d3cb8f6077f1f1c216f9e56106ab6e31444d537f25d03e8ab04ca85eb1
Gentoo Linux Security Advisory 201412-03
Posted Dec 8, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-3 - A vulnerability in Dovecot could allow a remote attacker to create a Denial of Service condition. Versions less than 2.2.13 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2014-3430
SHA-256 | 3d75dd34d40e4219d0c2b708283b8f3aac32e24327f5de51520a41dbd3e58729
Gentoo Linux Security Advisory 201412-02
Posted Dec 8, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-2 - A vulnerability in nfs-utils might allow remote attackers to gain access to restricted information. Versions less than 1.2.8 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2013-1923
SHA-256 | 6fa32705365924db0bf23d667bfe0ca7c69e8f1ae8052dbfa99f40c172c8be1a
Gentoo Linux Security Advisory 201412-01
Posted Dec 8, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-1 - Multiple vulnerabilities have been found in QEMU, the worst of which allows context dependent attackers to cause Denial of Service. Versions less than 2.1.2-r1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3471, CVE-2014-3615, CVE-2014-3640, CVE-2014-5263, CVE-2014-5388, CVE-2014-7815
SHA-256 | db1a5bd8e4e947de1f052c0efff6a9541782125b666407bd6f444a122ac0d75e
Apache Struts 2.3.20 Security Fixes
Posted Dec 8, 2014
Authored by Lukasz Lenart | Site struts.apache.org

Apache has released Struts version 2.3.20 which merges various security fixes and extends an existing security mechanism to block access to given Java packages and Classes.

tags | advisory, java
SHA-256 | 4edeb149fb5476c15913f77c9224f8266c491df7c2ab120e76888d96b6fcea29
InfoSec Southwest 2015 Call For Papers
Posted Dec 8, 2014
Authored by Tod Beardsley | Site 2015.infosecsouthwest.com

The InfoSec Southwest 2015 Call For Papers has been announced. The conference will be held April 11th through April 12th, 2015 in Austin, Texas.

tags | paper, conference
SHA-256 | 5f14ffe6e76678c0e63364b8dddcbf079f37ac0b1175373472a9f801fa2f74c6
Hydra Network Logon Cracker 8.1
Posted Dec 8, 2014
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Multiple patches added. The -M option is fixed. Various other small fixes and enhancements.
tags | tool, web, cracker, imap
systems | cisco, unix
SHA-256 | e4bc2fd11f97a8d985a38a31785c86d38cc60383e47a8f4a5c436351e5135f19
THC Smartbrute 1.0
Posted Dec 8, 2014
Authored by thc | Site thc.org

THC-smartbrute is a smart card instruction bruteforcing tool.

tags | tool
systems | unix
SHA-256 | 2e8df2bd892bb196f2e136b1ceb44c9edc3bd85377df0177e938b4a1187f7302
IceHrm 7.1 LFI / CSRF / XSS / Shell Upload
Posted Dec 8, 2014
Authored by LiquidWorm | Site zeroscience.mk

IceHrm versions 7.1 and below suffer from cross site request forgery, cross site scripting, local file inclusion, and code execution via remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, code execution, xss, file inclusion, csrf
SHA-256 | 024f8950b2d8a7df093e5e5fcd5b56896e32300bcfc56a9697f9bf47fb17d0d4
Ubuntu Security Notice USN-2434-2
Posted Dec 8, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2434-2 - USN-2434-1 fixed a vulnerability in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Jose Duart discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9029
SHA-256 | 706b1ad7f27ce91c5966f7ae3849a42a2341d9ec5f87775a1aca0ee2b158be28
Ubuntu Security Notice USN-2434-1
Posted Dec 8, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2434-1 - Jose Duart discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9029
SHA-256 | 236ae488bc91f762c2f499ff3a0345d674e1e986a960676a8ae5ff555427d5c1
Debian Security Advisory 3091-1
Posted Dec 8, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3091-1 - Several vulnerabilities have been discovered in getmail4, a mail retriever with support for POP3, IMAP4 and SDPS, that could allow man-in-the-middle attacks.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-7273, CVE-2014-7274, CVE-2014-7275
SHA-256 | 5153fd330ed4f8ed72047acec7b1c308232db555c4b0e53712f0924e4413a16c
Debian Security Advisory 3092-1
Posted Dec 8, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3092-1 - Multiple security issues have been found in Icedove, Debian's version of errors, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, the bypass of security restrictions or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2014-1587, CVE-2014-1590, CVE-2014-1592, CVE-2014-1593, CVE-2014-1594
SHA-256 | 60eeb4de66b7fe2e983fc257ad2a3b7695d590ac40919d44f1f85ddc2eeb8dd4
get3.adobe.com Cross Site Scripting
Posted Dec 8, 2014
Authored by Yann CAM

Adobe's get3.adobe.com site suffered from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5d5629ac99ef89b0f45c5ad8cfe201d0e1d75d982e7e15012c86a8b9be463662
Flat Calendar 1.1 HTML Injection
Posted Dec 8, 2014
Authored by ZoRLu

Flat Calendar version 1.1 suffers from an unauthenticated html injection vulnerability that allows for cross site scripting attacks.

tags | exploit, xss
SHA-256 | 2739adfe142265e44d392976dc64330944172a19f38bc3ac5a95414704828815
PBBoard CMS Cross Site Scripting
Posted Dec 8, 2014
Authored by Manish Tanwar

PBBoard CMS suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3aae1355b65d98ebb4790fa14d3f10eb7b0d748fd10dda959c3e8deca35ca87a
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close