what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2015-05-14

Apache Tomcat Security Manager Bypass
Posted May 14, 2015
Authored by Mark Thomas | Site tomcat.apache.org

Malicious web applications could use expression language to bypass the protections of a Security Manager as expressions were evaluated within a privileged code section. This issue only affects installations that run web applications from untrusted sources. Apache Tomcat versions 8.0.0-RC1 to 8.0.15, 7.0.0 to 7.0.57, and 6.0.0 to 6.0.43 are affected.

tags | advisory, web, bypass
advisories | CVE-2014-7810
SHA-256 | ae7ea53034ada919480d439f340f0f86e63c7361e273e4d38ea3034409f7672b
Loxone Smart Home XSS / DoS / Access Control
Posted May 14, 2015
Authored by Johannes Greil | Site sec-consult.com

Loxone Smart Home versions prior to firmware 6.4.5.12 suffer from flaws including denial of service, cross site scripting, credential theft, header injection, and control of arbitrary devices.

tags | exploit, denial of service, arbitrary, xss
SHA-256 | ab5062f89708dd98a37da8e485f31600d093f6ecd77a9ddf38203d4670fb5690
Wireshark Heap Overflow
Posted May 14, 2015
Authored by Hanno Boeck | Site hboeck.de

Wireshark versions prior to 1.12.5 suffer from a heap overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2015-3815
SHA-256 | 1ae5af42f7ef14100630d0010d301d92234b3bf167a0e4c7fedd8095c080e3c8
Websense Content Gateway 7.8.x Explicit Trust
Posted May 14, 2015
Authored by Steve Shockley

Websense Content Gateway versions 7.8.x explicitly trusts compromised certificate authorities.

tags | advisory
SHA-256 | cb0929e1d415d926a45e1ea7e6ee4fe7b60fdf18d7ab43644964d46477b4cb83
phpMyAdmin 4.4.6 Man-In-The-Middle
Posted May 14, 2015
Authored by Maksymilian Arciemowicz

phpMyAdmin version 4.4.6 suffers from a man-in-the-middle vulnerability when reaching out to github's API.

tags | advisory
advisories | CVE-2015-3903
SHA-256 | 7874bceeec1e2f481da195934ba9bcdbc30d95e33a128f5b75118b179e149a02
iFTP 2.21 Buffer Overflow
Posted May 14, 2015
Authored by dogo h@ck

iFTP version 2.21 buffer overflow crash proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | 382191ce807dc79f171f5b0344774a48555d773f5c7122381be63607d9a2538f
WordPress Media File Manager Advanced 1.1.5 XSS / SQL Injection
Posted May 14, 2015
Authored by Evex

WordPress Media File Manager Advanced plugin versions 1.1.5 and below suffer from cross site scripting, various modification, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 4166675e925816acdce6d734916fadfe5a205ce3a81f8404d06202ad9247bc71
VideoCharge 3.18.4.04 Buffer Overflow
Posted May 14, 2015
Authored by evil_comrade | Site softpedia.com

VideoCharge version 3.18.4.04 buffer overflow proof of concept.

tags | exploit, overflow, proof of concept
SHA-256 | e1a084ec49536ca70648e7612f0fc3bb3f79c650fb7f7461361e87546aeb66c7
Seditio CMS SQL Injection
Posted May 14, 2015
Authored by Ashiyane Digital Security Team

Seditio CMS suffers from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
SHA-256 | 6fc784c2cf8e3e4d887cd6dedcf27e1a498c707a3482103944a3459ad64cc1f4
BisonWare FTP Server 3.5 Buffer Overflow
Posted May 14, 2015
Authored by Bikash Dash

BisonWare FTP Server version 3.5 buffer overflow proof of concept exploit for Windows XP SP3.

tags | exploit, advisory, overflow, proof of concept
systems | windows
SHA-256 | 58e5810aae031a68cd432b034bb15b9f05ace289b4c03daf154387b45a18a446
WordPress Contact Form To Email Plugin CSRF / XSS
Posted May 14, 2015
Authored by Ashiyane Digital Security Team

WordPress Contact Form To Email Plugin suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, csrf
SHA-256 | 2aca5d9a62624deeeede389712066d5e147d5a31e58641761cd32697cfcfbe4a
Webfactory N&P CMS Arbitrary File Upload
Posted May 14, 2015
Authored by Ashiyane Digital Security Team | Site n-p.at

Webfactory N&P CMS suffers from an arbitrary file upload vulnerability. Note that this advisory has site-specific information.

tags | advisory, arbitrary, file upload
SHA-256 | fc98fed6c5f6010a2337d399492011a87e1b1f46ed6a6e1a0a7dfebb279d616e
Ubuntu Security Notice USN-2602-1
Posted May 14, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2602-1 - Jesse Ruderman, Mats Palmgren, Byron Campen, Steve Fink, Gary Kwong, Andrew McCreight, Christian Holler, Jon Coppeard, and Milan Sreckovic discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Atte Kettunen discovered a buffer overflow during the rendering of SVG content with certain CSS properties in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-2708, CVE-2015-2709, CVE-2015-2710, CVE-2015-2711, CVE-2015-2712, CVE-2015-2713, CVE-2015-2715, CVE-2015-2716, CVE-2015-2717, CVE-2015-2718
SHA-256 | 29a3845fe005bc8068a27268e56834cbdf5aca8484a153d5db522b4aba1d1af4
Debian Security Advisory 3260-1
Posted May 14, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3260-1 - Multiple security issues have been found in Iceweasel, Debian's version buffer overflows and use-after-frees may lead to the execution of arbitrary code, privilege escalation or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-3079, CVE-2015-0797, CVE-2015-2708, CVE-2015-2710, CVE-2015-2713, CVE-2015-2716
SHA-256 | e925bc4975f6d50ce7232865517b0c78763151f5f3b392fbe9c739d2926be244
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close