exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2015-03-23 to 2015-03-24

EMC Documentum xMS Sensitive Information Disclosure
Posted Mar 23, 2015
Site emc.com

EMC Documentum xMS contains a security fix to address a sensitive information disclosure vulnerability where Windows Service user credentials may potentially be exposed in plaintext within batch files during provisioning of EMC Documentum Platform or xCelerated Composition Platform (xCP).

tags | advisory, info disclosure
systems | windows
advisories | CVE-2015-0527
SHA-256 | de1811d915ed6d6d148c73b5867e80d6616a3e8e6d683f6fdb8a1a4b1a78bd7c
DokuWiki 2014-09-29c Cross Site Scripting
Posted Mar 23, 2015
Authored by Filippo Cavallarin

DokuWiki version 2014-09-29c suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f3904c4b7095c2906f919c23af7958dffe8a653152cf6e88441674e356365afd
Ubuntu Security Notice USN-2540-1
Posted Mar 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2540-1 - It was discovered that GnuTLS did not perform date and time checks on CA certificates, contrary to expectations. This issue only affected Ubuntu 10.04 LTS. Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly verified that signature algorithms matched. A remote attacker could possibly use this issue to downgrade to a disallowed algorithm. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2014-8155, CVE-2015-0282, CVE-2015-0294
SHA-256 | faa3f38df2a778a2e8d6ecb02bc1d46cf098d1bce9d470cf79399514146a00c2
Ubuntu Security Notice USN-2539-1
Posted Mar 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2539-1 - Andrey Babak discovered that Django incorrectly handled strip_tags. A remote attacker could possibly use this issue to cause Django to enter an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. Daniel Chatfield discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. Various other issues were also addressed.

tags | advisory, remote, denial of service, xss
systems | linux, ubuntu
advisories | CVE-2015-2316, CVE-2015-2317
SHA-256 | 53680626ecb8e98f0161296b291449a4aafee68328f4c80fd4a94fb42720042a
Debian Security Advisory 3203-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3203-1 - Several denial-of-service issues have been discovered in Tor, a connection-based low-latency anonymous communication system.

tags | advisory
systems | linux, debian
SHA-256 | f982ea3e2223a2551827b7656bffdf8e9f9e60e673b0057364629f70424d9398
Debian Security Advisory 3202-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3202-1 - Researchers at INRIA and Xamarin discovered several vulnerabilities in mono, a platform for running and developing applications based on the ECMA/ISO Standards. Mono's TLS stack contained several problems that impersonation (via SKIP-TLS), SSLv2 fallback, and encryption weakening (via FREAK).

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-2318, CVE-2015-2319, CVE-2015-2320
SHA-256 | 78e5806120adde37c1de046b186252c04c44ae5d07e5fcbe085a7bc9e991000c
Debian Security Advisory 3201-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3201-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser.

tags | advisory, web
systems | linux, debian
advisories | CVE-2015-0817, CVE-2015-0818
SHA-256 | eef6cafbaaa9b252c756e294b2fba9f996dbb1d9c0f913e32b9cbb45c024c477
Debian Security Advisory 3200-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3200-1 - Multiple vulnerabilities have been found the Drupal content management framework.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-2559
SHA-256 | a5762218d705df594d18221d639a29bd5c5b1bcf466aa1154783cad00ccadb0b
Gentoo Linux Security Advisory 201503-12
Posted Mar 23, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201503-12 - Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to cause Denial of Service or bypass security restrictions. Versions less than 41.0.2272.76 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-1213, CVE-2015-1214, CVE-2015-1215, CVE-2015-1216, CVE-2015-1217, CVE-2015-1218, CVE-2015-1219, CVE-2015-1220, CVE-2015-1221, CVE-2015-1222, CVE-2015-1223, CVE-2015-1224, CVE-2015-1225, CVE-2015-1226, CVE-2015-1227, CVE-2015-1228, CVE-2015-1229, CVE-2015-1230, CVE-2015-1231, CVE-2015-1232
SHA-256 | e21a4857fac2b6be7dfa276ae891bfb47ee08a7c11c7130951a974443df0fd72
Ubuntu Security Notice USN-2538-1
Posted Mar 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2538-1 - A flaw was discovered in the implementation of typed array bounds checking in the Javascript just-in-time compilation. If a user were tricked in to opening a specially crafted website, an attacked could exploit this to execute arbitrary code with the privileges of the user invoking Firefox. Mariusz Mlynski discovered a flaw in the processing of SVG format content navigation. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to run arbitrary script in a privileged context. Various other issues were also addressed.

tags | advisory, arbitrary, javascript
systems | linux, ubuntu
advisories | CVE-2015-0817, CVE-2015-0818
SHA-256 | a0116195799207503ba79ca85d1479df4ac090ffbae10e606404c8c7a8ced0b4
Debian Security Advisory 3199-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3199-1 - Anton Rager and Jonathan Brossard from the Salesforce.com Product Security Team and Ben Laurie of Google discovered a denial of service vulnerability in xerces-c, a validating XML parser library for C++. The parser mishandles certain kinds of malformed input documents, resulting in a segmentation fault during a parse operation. An unauthenticated attacker could use this flaw to cause an application using the xerces-c library to crash.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2015-0252
SHA-256 | fe40402cd6a4bce3afcddae3aa6bb1ca5dc1d4a4c234a62b94defe6a4e6c221a
Debian Security Advisory 3198-1
Posted Mar 23, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3198-1 - Multiple vulnerabilities have been discovered in the PHP language.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2015-2301, CVE-2015-2331
SHA-256 | 8cafab0900e78603565824e82aa2ca060461427914bf7a8984033a69621dcf97
ManageEngine Network Configuration Management CSRF
Posted Mar 23, 2015
Authored by Kaustubh G. Padwad

ManageEngine Network Configuration Management suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 92368df0e9e0f2127c3cd5b8c1a65d106c669a4abd4e4f69d29da58266507ffb
WordPress InBoundio Marketing Shell Upload
Posted Mar 23, 2015
Authored by KedAns-Dz

WordPress InBoundio Marketing plugin suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 7940c1bcc1be530b886d2e8945d3daedf9179235dd53a629eff265af18c5f93c
WordPress MP3-Jplayer 2.1 Local File Disclosure
Posted Mar 23, 2015
Authored by KedAns-Dz

WordPress MP3-Jplayer plugin version 2.3 suffers from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
SHA-256 | 0029d652e04d0be61d22db15d7a2fc2394e42ed9f13fde78fd7c9d9c0ad7c71d
Manage Engine Device Expert 5.9.9.0 Cross Site Scripting
Posted Mar 23, 2015
Authored by Kaustubh G. Padwad

Manage Engine Device Expert version 5.9.9.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | f20cf3a5eeba6944bf7c8e0b8e41afd3a2af615be2ecf3373dad1c709980a353
WordPress AB Google Map Travel CSRF / XSS
Posted Mar 23, 2015
Authored by Kaustubh G. Padwad

WordPress AB Google Map Travel (AB-MAP) plugin suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | d05ef630552b94fe4793abb6d6cfc370e265a055695867aac201a5912790ecfd
Manage Engine Device Expert 5.9.9.0 CSRF
Posted Mar 23, 2015
Authored by Kaustubh G. Padwad

Manage Engine Device Expert version 5.9.9.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 335ed01164ea71ca9d0063fed4f8122e7d1025d09630c8e1c87867e47945498e
Joomla Spider FAQ SQL Injection
Posted Mar 23, 2015
Authored by Manish Tanwar

The Joomla Spider FAQ component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1e2762eb2b150084329622dc9717ba845a0ba6a848ed72061df848c3e499db2b
Apache Batik XXE Injection
Posted Mar 23, 2015
Authored by Kevin Schaller

Apache Batik suffers from an XML external entity (XXE) injection vulnerability.

tags | advisory, xxe
advisories | CVE-2015-0250
SHA-256 | 0d4ea687c6256b341e53f9d48115540d7d0aa060c1c7eeaef6476e26de6a2c49
Free MP3 CD Ripper Buffer Overflow
Posted Mar 23, 2015
Authored by TUNISIAN CYBER

Free MP3 CD Ripper local buffer overflow exploit that mints a malicious .wav file that will spawn calc.exe.

tags | exploit, overflow, local
SHA-256 | 291049aedfaf3aeb04da4a251afe8b0a963d533f7a6438b9918cdac181567059
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close