|
|
Colapse all |
Post message
[security bulletin] HPSBGN03251 rev.1 - HP Storage Essentials running SSLv3, Remote Disclosure of Information 2015-02-09 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04562179 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04562179 Version: 1 HPSBGN03251 re [ more ] [ reply ] [SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling 2015-02-09 Mark Thomas (markt apache org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-0227 Request Smuggling Severity: Important Vendor: The Apache Software Foundation Versions Affected: - - Apache Tomcat 8.0.0-RC1 to 8.0.8 - - Apache Tomcat 7.0.0 to 7.0.54 - - Apache Tomcat 6.0.0 to 6.0.41 Description: It was possible to cr [ more ] [ reply ] Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072) 2015-02-09 bhdresh gmail com Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072) Host below files on webserver (attacker.com) and share the exploit link with victims, exploit.php --- exploit link (Share with victim) redirect.php --- Script to redirect on target page (target page should not contain X-Frame-Options or it [ more ] [ reply ] Radexscript CMS 2.2.0 - SQL Injection vulnerability 2015-02-09 ITAS Team (itas team itas vn) #Vulnerability title: Radexscript CMS 2.2.0 - SQL Injection vulnerability #Vendor: http://redaxscript.com/ #Product: Radexscript CMS #Software link: http://redaxscript.com/download/releases #Affected version: Redaxscript 2.2.0 #Fixed version: Redaxscript 2.3.0 #CVE ID: CVE-2015-1518 #Author: Pham Ki [ more ] [ reply ] [SECURITY] [DSA 3156-1] liblivemedia security update 2015-02-07 Alessandro Ghedini (ghedo debian org) [security bulletin] HPSBGN03252 rev.1 - HP AppPulse Active running SSLv3, Remote Disclosure of Information 2015-02-09 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04565853 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04565853 Version: 1 HPSBGN03252 re [ more ] [ reply ] [security bulletin] HPSBMU03216 rev.2 - HP Service Manager running SSLv3, Multiple Remote Vulnerabilities 2015-02-07 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04512909 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04512909 Version: 2 HPSBMU03216 re [ more ] [ reply ] [security bulletin] HPSBGN03254 rev.1 - HP Service Health Analyzer running SSLv3, Remote Disclosure of Information 2015-02-07 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04565856 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04565856 Version: 1 HPSBGN03254 re [ more ] [ reply ] [security bulletin] HPSBMU03224 rev.1 - HP LoadRunner and Performance Center, Load Generator Virtual Machine Images, running Windows, Remote Elevation of Privilege 2015-02-07 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04526330 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04526330 Version: 1 HPSBMU03224 re [ more ] [ reply ] [security bulletin] HPSBGN03253 rev.1 - HP Business Process Insight (BPI) running SSLv3, Remote Disclosure of Information 2015-02-07 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04565855 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04565855 Version: 1 HPSBGN03253 re [ more ] [ reply ] [security bulletin] HPSBUX03235 SSRT101750 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-02-06 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04550240 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04550240 Version: 2 HPSBUX03235 SS [ more ] [ reply ] [security bulletin] HPSBUX03166 SSRT101489 rev.2 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass 2015-02-06 security-alert hp com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04511778 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04511778 Version: 2 HPSBUX03166 SS [ more ] [ reply ] [SECURITY] [DSA 3155-1] postgresql-9.1 security update 2015-02-06 Luciano Bello (luciano debian org) BMC Footprints Service Core 11.5 - Multiple Cross Site Scripting Vulnerabilities (XSS) 2015-02-06 ayman abdelaziz helpag com About the Product: BMC FootPrints Service Core is an IT service and asset management platform used by many organizations to help the IT departments deliver more value to businesses. Advisory Details: During a Penetration testing, Help AG auditor (Ayman Abdelaziz) discovered the following: 1) Store [ more ] [ reply ] LG On Screen Phone authentication bypass (CVE-2014-8757) 2015-02-06 Imre Rad (imre rad search-lab hu) LG On Screen Phone authentication bypass vulnerability ------------------------------------------------------ SEARCH-LAB Ltd. discovered a serious security vulnerability in the On Screen Phone protocol used by LG Smart Phones. A malicious attacker is able to bypass the authentication phase of the ne [ more ] [ reply ] Re: [FD] Major Internet Explorer Vulnerability - NOT Patched 2015-02-06 David Leo (david leo deusen co uk) 'could you share the contents of "1.php"?' Sure: <?php sleep(2); header("Location: http://www.dailymail.co.uk/robots.txt"); ?> "I'm assuming it is a delayed re-direct to the target's domain?" Exactly. :-) "the cloudflare scripts" It's been tested without them. Kind Regards, On 2015/2/6 2:31, Bar [ more ] [ reply ] |
|
Privacy Statement |
########################################################################
##################
# Exploit Title: MooPlayer 1.3.0 'm3u' SEH Buffer Overflow POC
# Date Discovered: 09-02-2015
# Exploit Author: Samandeep Singh (@samanL33T )
# Vulnerable Software: Moo player 1.3.0
# Soft
[ more ] [ reply ]