exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 33 RSS Feed

Files Date: 2014-03-25

Suricata IDPE 2.0
Posted Mar 25, 2014
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: HTTP support was much improved. CUDA support was updated. A DNS parser and logger were added. Lua support was improved. The stream engine was made more robust. IPS mode was improved. VLAN support was improved. Options were added for enabling and disabling protocol parsers. Protocol detection was improved. IPv6 improvements were made. Profiling options were expanded. Unified JSON output was added. VLAN handling was improved. QinQ support was added. A command line option for overriding configuration settings was added. An optimized NSM runmode was added. An SSH logger was added.
tags | tool, intrusion detection
systems | unix
SHA-256 | 6e30423d029452c6f0ec2be1241b76f9efe630b10e66439c25475891997decfa
Cart Engine 3.0.0 Remote Code Execution
Posted Mar 25, 2014
Authored by LiquidWorm | Site zeroscience.mk

Cart Engine suffers from an authenticated arbitrary code execution. The vulnerability is caused due to the improper verification of uploaded files in several modules thru several POST parameters. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file that will be stored in '/public/image' directory. Version 3.0.0 is affected.

tags | exploit, arbitrary, php, code execution
SHA-256 | 96827d831045ae34ca4e250341d2bb5d34d2c393b7e1b2c30722378dcbb33018
Cart Engine 3.0.0 (task.php) Local File Inclusion
Posted Mar 25, 2014
Authored by LiquidWorm | Site zeroscience.mk

Cart Engine suffers from an authenticated file inclusion vulnerability (LFI) when input passed thru the 'run' parameter to task.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks. Version 3.0.0 is affected.

tags | exploit, local, php, file inclusion
SHA-256 | e6438c80cea51cd67f5b475b75797244bde2786c6699715eb2d377adccfcc5eb
Cart Engine 3.0.0 Database Backup Disclosure
Posted Mar 25, 2014
Authored by LiquidWorm | Site zeroscience.mk

Cart Engine version 3.0.0 suffers from a database backup disclosure vulnerability.

tags | exploit
SHA-256 | c7cf38ab11e6169d1cc1ba8f453fe47dd8768354389975edf2b1d86f00798b8a
Kemana Directory 1.5.6 Password Hash Disclosure
Posted Mar 25, 2014
Authored by LiquidWorm | Site zeroscience.mk

Kemana contains a flaw that is due to the 'kemana_admin_passwd' cookie storing user password SHA1 hashes. This may allow a remote MitM attacker to more easily gain access to password information. Version 1.5.6 is affected.

tags | exploit, remote
SHA-256 | a05a7aa326979bff6b52716919249f5f27c6dfe85a75b89136e3a0640f8527f4
Kemana Directory 1.5.6 Remote Code Execution
Posted Mar 25, 2014
Authored by LiquidWorm | Site zeroscience.mk

Kemana Directory suffers from an authenticated arbitrary code execution. The vulnerability is caused due to the improper verification of uploaded files in several modules thru several POST parameters. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script file that will be stored in '/public/image' directory. Version 1.5.6 is affected.

tags | exploit, arbitrary, php, code execution
SHA-256 | 0a9db43d181684d4b67300a7a8625d1771c50ac3101d708a1e0875bb7283adff
Kemana Directory 1.5.6 Local File Inclusion
Posted Mar 25, 2014
Authored by LiquidWorm | Site zeroscience.mk

Kemana Directory version 1.5.6 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 8280cb54fa2414d97ddda5ca6dc643d446370afef4e1233e02d3910a6f6a12ce
Kemana Directory 1.5.6 Database Backup Disclosure
Posted Mar 25, 2014
Authored by LiquidWorm | Site zeroscience.mk

Kemana Directory version 1.5.6 suffers from a database backup disclosure vulnerability.

tags | exploit
SHA-256 | b881b2ca8151d4b9ced7f6b0bad082ecdb8a0d92afb40a6cb9b480ebe7e085d5
Kemana Directory 1.5.6 CAPTCHA Bypass
Posted Mar 25, 2014
Authored by LiquidWorm | Site zeroscience.mk

The CAPTCHA function for Kemana Directory is prone to a security bypass vulnerability that occurs in the CAPTCHA authentication routine. The function 'qvc_init()' in '/includes/function.php' sets a cookie with a SHA1-based hash value in the Response Header which can be replaced by a random SHA1 computed hash value using Cookie Poisoning attack. Successful exploit will allow attackers to bypass the CAPTCHA-based authentication challenge and perform brute-force attacks. Version 1.5.6 is vulnerable.

tags | exploit, php, bypass
SHA-256 | 0bbff6971475a515bf53c4adad31d393da5d381a7dab0bd0af11b3b1eca540c9
Haihaisoft HUPlayer 1.0.4.8 Buffer Overflow
Posted Mar 25, 2014
Authored by Gabor Seljan

Haihaisoft HUPlayer version 1.0.48 buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 312f190b56156e4a5cc161186004f6f6ab66d996805794fdfcf9a134f23fdba0
Haihaisoft Universal Player 1.5.8 Buffer Overflow
Posted Mar 25, 2014
Authored by Gabor Seljan

Haihaisoft Universal Player version 1.5.8 buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 1eb1a1c521bb6b91b7db8e8b5979e0d6f55e3c47414fda473f5fffc0a00327af
Xalan-Java 2.7.0 Insufficient Secure Processing
Posted Mar 25, 2014
Authored by Andrea Barisani, Nicolas Gregoire, Open Source CERT

The Xalan-Java library is a popular XSLT processor from the Apache Software Foundation. The library implements the Java API for XML Processing (JAXP) which supports a secure processing feature for interpretive and XSLCT processors. The intent of this feature is to limit XSLT/XML processing behaviours to "make the XSLT processor behave in a secure fashion". It has been discovered that the secure processing features suffers from several limitations that undermine its purpose. Versions 2.7.0 and above are affected.

tags | advisory, java
advisories | CVE-2014-0107
SHA-256 | 2661a94be4bbc4822c2a0c9ff839ec7aafe7ef60fc89113bfb792b62e32262d9
OpenCart 1.5.6.1 SQL Injection
Posted Mar 25, 2014
Authored by Saadat Ullah

OpenCart versions 1.5.6.1 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 703149d4078abdc95ff0f473bd181a93a4f3386cdce4320a2ca8744e981ee3f6
Katello (Red Hat Satellite) users/update_roles Missing Authorization
Posted Mar 25, 2014
Authored by Ramon de C Valle | Site metasploit.com

This Metasploit module exploits a missing authorization vulnerability in the "update_roles" action of "users" controller of Katello and Red Hat Satellite (Katello 1.5.0-14 and earlier) by changing the specified account to an administrator account.

tags | exploit
systems | linux, redhat
advisories | CVE-2013-2143
SHA-256 | e0371216c7f1d8860897ca9e5f3d083fc1371c2aca741321b8cb6ff295f73dbf
HP Security Bulletin HPSBMU02967 2
Posted Mar 25, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02967 2 - A potential security vulnerability has been identified with HP Unified Functional Testing Running on Windows. This vulnerability could be remotely exploited to allow execution of arbitrary code. Revision 2 of this advisory.

tags | advisory, arbitrary
systems | windows
advisories | CVE-2013-6210
SHA-256 | 2f6821a2bbe5c89e9584369176f1507af47b959c73828363027e25e99bb9a72a
Diskstation Manager 4.3-3810 Data Append / Code Execution
Posted Mar 25, 2014
Authored by tiamat451

webman/imageSelector.cgi in Synology DiskStation Manager (DSM) 4.0 before 4.0-2259, 4.2 before 4.2-3243, and 4.3 before 4.3-3810 Update 1 allows remote attackers to append data to arbitrary files, and consequently execute arbitrary code, via a pathname in the SLICEUPLOAD X-TMP-FILE HTTP header.

tags | advisory, remote, web, arbitrary, cgi
advisories | CVE-2013-6955, CVE-2013-6987
SHA-256 | d20d6eda27bee2e48fd7dddd353b5841c8f19f449a5657951a591227c486e56e
InterWorx 5.0.13 Build 574 SQL Injection
Posted Mar 25, 2014
Authored by Eric Flokstra

InterWorx Web Control Panel version 5.0.13 build 574 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
advisories | CVE-2014-2531
SHA-256 | afe204bd4b2997915e002624fe94d4bf76d844faa9571607108500b7840dbc16
EDITStuff 6 Command Execution
Posted Mar 25, 2014
Authored by Felipe Andrian Peixoto

EDITStuff version 6 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 06f370fb97a0e7da39a9a0cbebd48d7b55eb97d5f9bebf21fd64712e2f49061e
Red Hat Security Advisory 2014-0330-01
Posted Mar 25, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0330-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that certain Samba configurations did not enforce the password lockout mechanism. A remote attacker could use this flaw to perform password guessing attacks on Samba user accounts. Note: this flaw only affected Samba when deployed as a Primary Domain Controller. A flaw was found in the way the pam_winbind module handled configurations that specified a non-existent group as required. An authenticated user could possibly use this flaw to gain access to a service using pam_winbind in its PAM configuration when group restriction was intended for access to the service.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2012-6150, CVE-2013-4496
SHA-256 | 4ccb4fc6b11f92b846e743e89d1a56c9ca11c685ff04515006ad01325ecf4870
Red Hat Security Advisory 2014-0328-01
Posted Mar 25, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0328-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the get_rx_bufs() function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc() function. A privileged guest user could use this flaw to crash the host. A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on the system.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2013-1860, CVE-2014-0055, CVE-2014-0069, CVE-2014-0101
SHA-256 | 89d9790834be4c375db2c9b80b34a6a4d366543a7220b333921532be2e3a6db5
Ubuntu Security Notice USN-2155-1
Posted Mar 25, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2155-1 - Jann Horn discovered that OpenSSH incorrectly handled wildcards in AcceptEnv lines. A remote attacker could use this issue to possibly bypass certain intended environment variable restrictions.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2014-2532
SHA-256 | bdab8f1f7c649a8126f6b3e5005887d52b74e90bdcf86a7ec2876e9b2f3169bb
iThoughtsHD 4.19 DoS / XSS / File Upload
Posted Mar 25, 2014
Authored by Justin C. Klein Keane, James P Davis

iThoughtsHD version 4.19 suffers from cross site scripting, denial of service, and null byte injection file upload vulnerabilities.

tags | exploit, denial of service, vulnerability, xss, file upload
advisories | CVE-2014-1826, CVE-2014-1827, CVE-2014-1828
SHA-256 | b199b6f0f1f8a2eca6898cd60ae8f911d2ac84d212c86fb60f88639298107746
WinRAR 4.20 File Extension Spoofing
Posted Mar 25, 2014
Authored by Danor Cohen

WinRAR version 4.20 suffers from a file extension spoofing vulnerability.

tags | advisory, spoof
SHA-256 | 82cbbc5f4144a0fc90c9e134c84a23a3de5dbc828d91d37dafd7aa754218b05c
LifeSize UVC Authenticated Remote Command Execution
Posted Mar 25, 2014
Authored by Brandon Perry | Site metasploit.com

When authenticated as an administrator on LifeSize UVC 1.2.6, an attacker can abuse the ping diagnostic functionality to achieve remote command execution as the www-data user (or equivalent).

tags | exploit, remote
SHA-256 | efca4edbd5362527ab761c155c785c794bfe447ad8520c997f75d88b0393b019
FreePBX config.php Remote Code Execution
Posted Mar 25, 2014
Authored by i-Hmx, 0x00string | Site metasploit.com

This Metasploit module exploits a vulnerability found in FreePBX version 2.9, 2.10, and 2.11. It's possible to inject arbitrary PHP functions and commands in the "/admin/config.php" parameters "function" and "args".

tags | exploit, arbitrary, php
advisories | CVE-2014-1903
SHA-256 | 1c02024d4a3f7042c08772f0fe212d3e817f272a686805a55db99a37717d3b29
Page 1 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close