what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2016-01-13

HP Security Bulletin HPSBHF03535 1
Posted Jan 13, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03535 1 - Potential security vulnerabilities have been identified with HPE iMC OSS and iMC Plat running Adobe Flash. The vulnerabilities could be exploited remotely resulting in execution of code, Denial of Service (DoS), or other impacts to affect confidentiality, integrity, and availability. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2015-5568, CVE-2015-5570, CVE-2015-5571, CVE-2015-5572, CVE-2015-5573, CVE-2015-5574, CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5581, CVE-2015-5582, CVE-2015-5584, CVE-2015-5587, CVE-2015-5588, CVE-2015-6676, CVE-2015-6677, CVE-2015-6678, CVE-2015-6679, CVE-2015-6682
SHA-256 | 595375a238aed5557e42803a578e2001676951037673cfc577db639bce0e8bbd
HP Security Bulletin HPSBGN03532 1
Posted Jan 13, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03532 1 - Potential security vulnerabilities have been identified in Intellicus and the client certificate upload components of HPE ArcSight Logger. The vulnerabilities could be remotely exploited by unauthorized users to allow bypass of security restrictions resulting in arbitrary code execution, file upload, and file deletion. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability, code execution, file upload
advisories | CVE-2015-6863, CVE-2015-6864
SHA-256 | 8fea13f8a3a9539a323de29199732978e32c08e9f617228082e378d4e7280c23
Cisco Security Advisory 20160113-ise
Posted Jan 13, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Admin portal of devices running Cisco Identity Services Engine (ISE) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. An attacker who can connect to the Admin portal of an affected device could potentially exploit this vulnerability. A successful exploit may result in a complete compromise of the affected device. Customers are advised to apply a patch or upgrade to a version of Cisco ISE software that resolves this vulnerability. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote
systems | cisco
SHA-256 | ac992d9883b10e34c66deba77b58a16df223551af899029c9112482eb1053436
Cisco Security Advisory 20160113-wlc
Posted Jan 13, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Devices running Cisco Wireless LAN Controller (WLC) software versions 7.6.120.0 or later, 8.0 or later, or 8.1 or later contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to modify the configuration of the device. An attacker who can connect to an affected device could exploit this vulnerability. A successful exploit may compromise the device completely. Customers are advised to upgrade to a version of Cisco WLC software that addresses this vulnerability. There are no workarounds that address this vulnerability. Cisco has released software updates that address this vulnerability.

tags | advisory, remote
systems | cisco
SHA-256 | 05d2a7a9b828f546520e282399018f9eb91e523b31431b112f03c5ae6d0587dd
Cisco Security Advisory 20160113-aironet
Posted Jan 13, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the IP ingress packet handler of Cisco Aironet 1800 Series Access Point devices could allow an unauthenticated, remote attacker to cause a complete denial of service (DoS) condition. The vulnerability is due to improper input validation of IP packet headers. An attacker could exploit this vulnerability by sending a crafted IP packet to an affected device. An successful exploit could allow the attacker to cause the device to reload unexpectedly. Cisco has released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

tags | advisory, remote, denial of service
systems | cisco
SHA-256 | 5a7de60b10213ed639c86ff1ca2de6ae2e578ff47c798d1dadaead8a36218bb1
Cisco Security Advisory 20160113-air
Posted Jan 13, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in Cisco Aironet 1800 Series Access Point devices could allow an unauthenticated, remote attacker to log in to the device by using a default account that has a static password. By default, the account does not have full administrative privileges. The vulnerability is due to the presence of a default user account that is created when the device is installed. An attacker could exploit this vulnerability by logging in to the device by using the default account, which could allow the attacker to gain unauthorized access to the device. Cisco released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

tags | advisory, remote
systems | cisco
SHA-256 | d5583bfcecbc2723568b382ec61b7b3479f17fffe95e3a8027c5557599344828
Debian Security Advisory 3442-1
Posted Jan 13, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3442-1 - It was discovered that a maliciously crafted packet can crash any of the isc-dhcp applications. This includes the DHCP client, relay, and server application. Only IPv4 setups are affected.

tags | advisory
systems | linux, debian
advisories | CVE-2015-8605
SHA-256 | 730341f8f573e1e4f31a7553a2a1938ced94b7cb16fce0e25138b7b2dffe8b0a
Microsoft IExpress DLL Hijacking
Posted Jan 13, 2016
Authored by Stefan Kanthak

Microsoft IExpress suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2016-0014
SHA-256 | c046dc4fed92c22322d06496dfde0ad5b5847f6679318b23c0565d39a376a4ae
Ubuntu Security Notice USN-2868-1
Posted Jan 13, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2868-1 - Sebastian Poehn discovered that the DHCP server, client, and relay incorrectly handled certain malformed UDP packets. A remote attacker could use this issue to cause the DHCP server, client, or relay to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service, udp
systems | linux, ubuntu
advisories | CVE-2015-8605
SHA-256 | c5a7a3c159969f4761a1a33373c3d712d4644dd05a52df278088429555d95a96
EasyDNNnews Cross Site Scripting
Posted Jan 13, 2016
Authored by Peter Lapp

EasyDNNnews versions prior to 7.5 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c301e8eddd3eb44f1d899c7ce2722b610bd164ac4b7e465bd2cb23277bc8e516
Ubuntu Security Notice USN-2859-1
Posted Jan 13, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2859-1 - Andrei Vaida, Jesse Ruderman, Bob Clary, and Jesse Ruderman discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Ronald Crane discovered a buffer overflow through code inspection. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-7201, CVE-2015-7205, CVE-2015-7212, CVE-2015-7213, CVE-2015-7214
SHA-256 | 82504a93e04e1ac80687aedcc6628b8bf98000bffd1c9cda341647ee185f09a2
WordPress Commentator 2.5.2 Cross Site Scripting
Posted Jan 13, 2016
Authored by Rahul Pratap Singh

WordPress Commentator plugin version 2.5.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 523e7fdeafa01597c47cd9c66c893c6ab2ef88aebc9fb1701358aaa160e507ba
VMware Workstation 11.1 Vprintproxy.exe Stack Overflow
Posted Jan 13, 2016
Authored by Google Security Research, kostyak

Printer virtualization under VMware Workstation involves a vprintproxy.exe process launched by vmware-vmx.exe on the Host. It will receive and process EMFSPOOL files sent by a Guest on its COM1 port, if a virtual printer has been added to the VM hardware (default). Several vulnerabilities in this component allow an unprivileged Guest user to execute code on the Host.

tags | exploit, vulnerability
systems | linux
advisories | CVE-2012-0897
SHA-256 | fec748c19dbac68964e8e4b5197912845973a2971377e9833bd31bde9ed4c3a1
SAP HANA 4 Cross Site Scripting
Posted Jan 13, 2016
Authored by Shahmeer Baloch

SAP HANA 4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a0daf36520fc56176d67238cb460461404b24b55ef1a82573fb40b74b8c00c63
dolibarr HTML Injection
Posted Jan 13, 2016
Authored by NaxoneZ

dolibarr versions prior to 3.8.3 suffer from an html injection vulnerability.

tags | exploit
advisories | CVE-2015-8685
SHA-256 | 15875b200a0e36f8a952cfdef4e70e93f25ab2063a0dce23b85d731ca4060b18
WordPress No External Links 2.6.3 / 2.7.1 Open Redirect
Posted Jan 13, 2016
Authored by Ac!D

WordPress No External Links plugin versions 2.6.3 and 2.7.1 suffer from an open redirection vulnerability.

tags | exploit
SHA-256 | 0d099a5a3dd7d27b7b589fa9b1e370c236585430dd00a0045adee0e345a47336
WordPress Tubepress 2 Cross Site Scripting
Posted Jan 13, 2016
Authored by Ac!D

WordPress Tubepress plugin version 2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 07249b5b649b4b8a398d0f438306525211428fed75f9326abab4cb44384a3974
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close