exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2013-07-23

FOSCAM IP-Cameras Improper Access Restrictions
Posted Jul 23, 2013
Authored by Core Security Technologies, Andres Blanco, Flavio de Cristofaro | Site coresecurity.com

Core Security Technologies Advisory - Due to improper access restrictions, the FOSCAM FI8620 device allows a remote attacker the ability to browse and access arbitrary files from the directories '/tmpfs/' and '/log/' without requiring authentication. This could allow disclosure of access credentials and more.

tags | exploit, remote, arbitrary
advisories | CVE-2013-2574
SHA-256 | adaec8a2f891fe9f46be77e8f4377c1af9e6f99fbc5b6ffa63687d17c42b396c
Nginx 1.3.9 / 1.4.0 Exploit Documentation
Posted Jul 23, 2013
Authored by Kingcope

This whitepaper document how the brute forcing exploit works for a buffer overflow vulnerability in nginx versions 1.3.9 and 1.4.0 on x86.

tags | paper, overflow, x86
advisories | CVE-2013-2028
SHA-256 | 83e7a76cda024bdc1720e8569cb20218c76aa3c5b8a8f5ddfad4818e03f8afe9
Surge FTP 23c8 Buffer Overflow
Posted Jul 23, 2013
Authored by Anil Pazvant

Surge FTP server versions 23c8 and below suffer from a buffer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2013-4742
SHA-256 | 8371e4e6a2219b80f0cdd60273de6526a797aaa7f16bbda2d393ad1b7b415834
Juniper Secure Access Cross Site Scripting
Posted Jul 23, 2013
Authored by Anil Pazvant

Juniper Secure Access software suffers from a reflective cross site scripting vulnerability.

tags | advisory, xss
systems | juniper
advisories | CVE-2012-5460
SHA-256 | 1e91a40814ce854dfbc08417fc774b84fa293848396a5db20ca9b655cc2fc7d0
AISec2013 Call For Papers
Posted Jul 23, 2013
Site sites.google.com

The AISec2013 Call For Papers has been announced. It will take place on November 4, 2013 in Berlin, Germany held in conjunction with ACM CCS 2013.

tags | paper, conference
SHA-256 | 53efede4578c200fd9c576434367a341ae6f2db5816ac342f3f7e01796a79fd2
D-Link Devices UPnP SOAP Command Execution
Posted Jul 23, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Different D-Link Routers are vulnerable to OS command injection in the UPnP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the CMD target. Additionally, two targets are included, to start a telnetd service and establish a session over it, or deploy a native mipsel payload. This Metasploit module has been tested successfully on DIR-300, DIR-600, DIR-645, DIR-845 and DIR-865. According to the vulnerability discoverer, more D-Link devices may affected.

tags | exploit
advisories | OSVDB-94924
SHA-256 | 01d435ac6d062114f47621077e0eb7f0d7eaf8b4b14cc6838696243a3e34377f
Foreman (Red Hat OpenStack/Satellite) Code Injection
Posted Jul 23, 2013
Authored by Ramon de C Valle | Site metasploit.com

This Metasploit module exploits a code injection vulnerability in the 'create' action of 'bookmarks' controller of Foreman and Red Hat OpenStack/Satellite (Foreman 1.2.0-RC1 and earlier).

tags | exploit
systems | linux, redhat
advisories | CVE-2013-2121, OSVDB-94671
SHA-256 | c5c9607b201bbed12138b9c01832cadc3f0585df9c929779954f3b1deff22316
VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
Posted Jul 23, 2013
Authored by Andrea Micalizzi, juan vazquez | Site metasploit.com

This Metasploit module exploits a code execution flaw in VMware vCenter Chargeback Manager, where the ImageUploadServlet servlet allows unauthenticated file upload. The files are uploaded to the /cbmui/images/ web path, where JSP code execution is allowed. The module has been tested successfully on VMware vCenter Chargeback Manager 2.0.1 on Windows 2003 SP2.

tags | exploit, web, code execution, file upload
systems | windows
advisories | CVE-2013-3520, OSVDB-94188
SHA-256 | b08962941512b5b8079fa8c0192f78e7fa07e4194e7eadc4c084e0b8ccd390a5
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close