
Files Date: 2015-01-05 to 2015-01-06

AdaptCMS 3.0.3 Remote Command Execution
Posted Jan 5, 2015
Authored by LiquidWorm | Site zeroscience.mk

AdaptCMS version 3.0.3 suffers from an authenticated arbitrary command execution vulnerability. The issue is caused by improper verification of uploaded files. This can be exploited to execute arbitrary PHP code by creating or uploading a malicious PHP script file that will be stored in the '\app\webroot\uploads' directory.

tags | exploit, arbitrary, php
SHA-256 | 5b566183baf344d655c35712b81e46cf526107609f4fd7b1bd1927b963915827
AdaptCMS 3.0.3 HTTP Referer Header Open Redirect
Posted Jan 5, 2015
Authored by LiquidWorm | Site zeroscience.mk

AdaptCMS version 3.0.3 suffers from an open redirection vulnerability due to giving implied trust to the HTTP Referer header.

tags | exploit, web
SHA-256 | 0bae89972bb325d03e3e953fa608c002315df2ecd8d8f8c85d95edac75c9d692
AdaptCMS 3.0.3 Cross Site Scripting
Posted Jan 5, 2015
Authored by LiquidWorm | Site zeroscience.mk

AdaptCMS version 3.0.3 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 6f9af3f51b4bdd59ee2d675c919d9ac43718212e55595b6445dfc42030c32c48
Open-Xchange Server 6 / OX AppSuite 7.6.1 Cross Site Scripting
Posted Jan 5, 2015
Authored by Martin Heiland, John de Kroon

Open-Xchange Server 6 / OX AppSuite versions 7.6.1 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2014-8993
SHA-256 | 082a1460b2f65e6b4b3397a9ef978268baecb50e15bea63170fa4f7b077f109b
Mantis BugTracker 1.2.17 XSS / DoS / Redirect
Posted Jan 5, 2015
Authored by Mathias Karlsson, Paul Richards, Alejo Popovici, Ryan Giobbi, Shahee Mirza

Mantis BugTracker version 1.2.17 suffers from denial of service, potential cross site scripting, and arbitrary redirection vulnerabilities.

tags | advisory, denial of service, arbitrary, vulnerability, xss
advisories | CVE-2014-6316, CVE-2014-8987, CVE-2014-9117
SHA-256 | 73dc034d9a5622082847c13fa1d43e825d41a1ee7d9873124267bbb560c947f2
ManageEngine Shell Upload / Directory Traversal
Posted Jan 5, 2015
Authored by Pedro Ribeiro

ManageEngine products Service Desk Plus, Asset Explorer, Support Center, and IT360 suffer from file upload and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion, file upload
advisories | CVE-2014-5301, CVE-2014-5302
SHA-256 | b54ee8abb80c4bd0609677cf861ed3705c479b3f720f286b5441144adbe04dd3
HikaShop 2.3.3 Local File Inclusion
Posted Jan 5, 2015
Authored by HauntIT

This Metasploit module exploits a local file inclusion vulnerability in HikaShop version 2.3.3.

tags | exploit, local, file inclusion
SHA-256 | 330887e904358c968e0c5a9618e1a6ad9b321fb038a0dd04d60338680d8879b0
Red Hat Security Advisory 2015-0012-01
Posted Jan 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0012-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.

tags | advisory, java, protocol
systems | linux, redhat
SHA-256 | ca083b01c8f9a7386f261b92ac080ab69b47dc6bf027c764a270dba716ad344a
Red Hat Security Advisory 2015-0011-01
Posted Jan 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0011-01 - Red Hat JBoss Enterprise Web Platform is a platform for Java applications, which integrates the JBoss Web Server with JBoss Hibernate and JBoss Seam. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.

tags | advisory, java, web, protocol
systems | linux, redhat
SHA-256 | fd8bba75431eec14cb15cd179b80b5fef21f643a50bf4c2b87cb5e5fbc057246
Red Hat Security Advisory 2015-0010-01
Posted Jan 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0010-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.

tags | advisory, java, protocol
systems | linux, redhat
SHA-256 | bb7fe5af8bc53be9282da58dc56e621d1e140c0fe69dae1bca6991990e0a5efa
Red Hat Security Advisory 2015-0008-01
Posted Jan 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0008-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. It was found that when the VIR_DOMAIN_XML_MIGRATABLE flag was used, the QEMU driver implementation of the virDomainGetXMLDesc() function could bypass the restrictions of the VIR_DOMAIN_XML_SECURE flag. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to leak certain limited information from the domain XML data.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2014-7823
SHA-256 | 47b92016c37dad05ce4e73dd6d9ea1d07fed20f3ca473108ec23899b17cbe915
Red Hat Security Advisory 2015-0009-01
Posted Jan 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0009-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel handled GS segment register base switching when recovering from a #SS fault on an erroneous return to user space. A local, unprivileged user could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2014-9322
SHA-256 | 20792dd2a836323ed4aa16764c419880226793382ed4a49bcd87a4f9128bf365
Mandriva Linux Security Advisory 2015-001
Posted Jan 5, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-001 - Several vulnerabilities were found in c-icap, which could allow a remote attacker to cause c-icap to crash, or have other, unspecified impacts.

tags | advisory, remote, vulnerability
systems | linux, mandriva
advisories | CVE-2013-7401, CVE-2013-7402
SHA-256 | 0f1dea29e268a7f4a77c6e776111c3f9721118763c213c2c9168cb99163161a7
Mandriva Linux Security Advisory 2015-002
Posted Jan 5, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-002 - A flaw was found in the way PCRE handled certain malformed regular expressions. This issue could cause an application linked against PCRE to crash while parsing malicious regular expressions.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-8964
SHA-256 | 2ffcd11f97716e4151519925f517a82754da69cdc9cadec64fd85a07d8718635
Ubuntu Security Notice USN-2450-1
Posted Jan 5, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2450-1 - Mike Daskalakis discovered that strongSwan incorrectly handled IKEv2 payloads that contained the Diffie-Hellman group 1025. A remote attacker could use this issue to cause the IKE daemon to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2014-9221
SHA-256 | e073ae358688cdb0a21ed9905fb080eec7a566c02c4544015e7bbc5c380b8632
Debian Security Advisory 3118-1
Posted Jan 5, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3118-1 - Mike Daskalakis reported a denial of service vulnerability in charon, the IKEv2 daemon for strongSwan, an IKE/IPsec suite used to establish IPsec protected links.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2014-9221
SHA-256 | 91576f7385c43a747a2bfef670107ce781eb7b9078e1d06556b956c390322cd6
Mandriva Linux Security Advisory 2015-003
Posted Jan 5, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-003 - If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys. A remote unauthenticated attacker may craft special packets that trigger buffer overflows in the ntpd functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure(). The resulting buffer overflows may be exploited to allow arbitrary malicious code to be executed with the privilege of the ntpd process. A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker. The ntp package has been patched to fix these issues.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
SHA-256 | e84745145e8e44d6f35dc2a132bbaf18a67dbe74926eba9217d0cebc264f9899
Mandriva Linux Security Advisory 2015-004
Posted Jan 5, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-004 - A use-after-free flaw was found in PHP unserialize(). An untrusted input could cause the PHP interpreter to crash or, possibly, execute arbitrary code when processed using unserialize(). PHP has been updated to version 5.5.20, which fixes these issues and other bugs.

tags | advisory, arbitrary, php
systems | linux, mandriva
advisories | CVE-2014-8142
SHA-256 | 058189a3c8209a4c39aaad536bbf8fd7b6a01b3209d632a837900d21828a87c1
ASUSWRT 3.0.0.4.376_1071 LAN Backdoor Command Execution
Posted Jan 5, 2015
Authored by Friedrich Postelstorfer

ASUSWRT version 3.0.0.4.376_1071 suffers from a remote command execution vulnerability. A service called "infosvr" listens on port 9999 on the LAN bridge. Normally this service is used for device discovery using the "ASUS Wireless Router Device Discovery Utility", but this service contains a feature that allows an unauthenticated user on the LAN to execute commands less than or equal to 237 bytes as root. Source code is in asuswrt/release/src/router/infosvr. "iboxcom.h" is in asuswrt/release/src/router/shared.

tags | exploit, remote, root
SHA-256 | 19b4ec9b8aeb757d1ba6967c45ecef08879b6f6af70c1229a469d514f5078599
Online Airline Booking System Authentication Bypass
Posted Jan 5, 2015
Authored by WICS

Online Airline Booking System suffers from bypass and reinstall vulnerabilities.

tags | exploit, vulnerability, bypass
SHA-256 | c25e70d42baed35df5a941281bf8b4ec570df7d62671ceb53bdd18fff866eaaa
ZTE Datacard MF19 Privilege Escalation / DLL Hijacking
Posted Jan 5, 2015
Authored by Hadji Samir

ZTE Datacard MF19 suffers from privilege escalation and DLL hijacking vulnerabilities.

tags | exploit, vulnerability
systems | windows
advisories | CVE-2015-0974
SHA-256 | 0a58cb293ab6ca5b7c6dd277d515cac9ffd400d28d730f8ccc40983565e47648
packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close