This archive contains all of the 126 exploits added to Packet Storm in May, 2013.
c29831f658ed77c2534eddffe84f7ab2fbc633835a65c57ff018013e6ceac702This Metasploit module exploits a stack buffer overflow in the db_netserver process which is spawned by the Lianja SQL server. The issue is fixed in Lianja SQL 1.0.0RC5.2.
7e06bdae955716ffa265faef6d8a8657fd4b8897f76d0c56b6eba227f9c8cabdLogic Print 2013 suffers from a stack overflow vulnerability.
ba1216bc16af7f8d80b5c358f6e4541518b85fb4b8d3fc8150c331d6f1c6e2a1Intrasrv Simple Web Server version 1.0 SEH based remote code execution exploit.
912fd073e0d783dd318697693b042acb7b403d1ca339837fcfa75c842e5512b8When ModSecurity receives a request body with a size bigger than the value set by the "SecRequestBodyInMemoryLimit" and with a "Content-Type" that has no request body processor mapped to it, ModSecurity will systematically crash on every call to "forceRequestBodyVariable" (in phase 1). This is the proof of concept exploit. Versions prior to 2.7.4 are affected.
b4e14816e4c5cdc0de651f2cc750a97fa531e3a0c488cb71922a3bc534259845Monkey HTTPD version 1.1.1 suffers from a denial of service vulnerability.
9f43c0d9a2bd9b380f9c63f0e17d6265c76af43e959168f66ca0eb9c22f6dac0YeaLink IP Phone firmware versions 9.70.0.100 and below suffer from an unauthenticated phone call vulnerability.
22671d10a80df232f64150e4e78af6be36a8803fbdb6475a8eb01087172a3425TP-LINK WR842ND suffers from a remote directory traversal vulnerability.
ac4197fdb577b1dab807bec29d445b9cd6d5ff28f301aaac5ea7915033dfc735TP-Link IP cameras suffer from hard-coded credential and remote command execution vulnerabilities.
d96b583866927f2f59a08545c251d956a2dfef2c6512197cefb588c1ac39997bSIEMENS Solid Edge ST4 SEListCtrlX active-x control SetItemReadOnly suffers from an arbitrary memory rewrite remote code execution vulnerability. Proof of concept included.
6c6ea1a9c072ee2af175d48c30c8a9025b2eddad5dddcf7ee400ddb53f111796Core Security Technologies Advisory - MayGion IP cameras suffer from path traversal and buffer overflow vulnerabilities.
21e644d9151837b4ab263d654102bff96b1ab9d864c49f37c40e5bb8d1affef9This Metasploit module exploits a heap based buffer overflow in the C1Tab ActiveX control, while handling the TabCaption property. The affected control can be found in the c1sizer.ocx component as included with IBM SPSS SamplePower 3.0. This Metasploit module has been tested successfully on IE 6, 7 and 8 on Windows XP SP3 and IE 8 on Windows 7 SP1.
99fdd7d6b7ffc3bcb3ad029cfcdb362a9cb2e0bb387ffdddfabe715b79e167a0Barracuda SSL VPN 680 2.2.2.203 suffers from an open redirection vulnerability.
5740b1e5e5c9fc656d5fb5cfcb35cf011fa06b52f64e6aab8dc7973c32b15373Core Security Technologies Advisory - Zavio IP cameras based on firmware versions 1.6.03 and below suffer from bypass, hard-coded credential, and arbitrary command execution vulnerabilities.
78c356b2ffcb1e25d51e6592b9d5d73b842cdf1d53ab057c2850cde52d3c84c9PayPal's France site suffers from a remote SQL injection vulnerability.
d909644459dddf2b6cbe04e3ffd37a2c6cbdcb1c02e0db96d8b6c8ea94d96274The sitewide search functionality in PayPal suffers from a cross site scripting vulnerability.
ae6f81d653037a6970d54135bf3aa3926b4d02177b5fea9343cd38d0f832748aHP LaserJet Pro version P1606dn suffers from a direct access administrative password reset vulnerability.
1e0546a1b6c0fd44f287a4018259a51dd668ffc155e34387e618de9957eea8a8SIEMENS Solid Edge ST4 WebPartHelper active-x control RFMSsvs!JShellExecuteEx suffers from a remote command execution vulnerability. Proof of concept included.
bba4a31d339af5605fe114b27057d1acf37770767071972f2e917ba1e3684b20aCMS versions 1.0 and below suffer from cross site scripting, content spoofing, and information leakage vulnerabilities.
ae8043acb7b2da9c98837d31f51c47bde25e8182d74dffb82eb080368936bda9WordPress User Role Editor plugin version 3.12 suffers from a cross site request forgery vulnerability.
f881320e4a6513457ac1d19645502215a0dc771eccc30dd7bd787ce5cc531b2eADIF Log Search Widget version 1.0e suffers from a cross site scripting vulnerability.
bf0e8effce0aa1d22148afab86ac617ac9aa5103faece658ec9c15fcadf7e673Vanilla Forums version 2.0.18.8 suffers from cross site scripting and insecure permission vulnerabilities.
cc1d87f0dc1b0be146646d781abad9170ec4421ef9d3f355fdde9a8d86df9705LG Optimus G E973 suffers from a command injection vulnerability.
52c14a7776a3df48b367725a4f0a4d5cea76882a924fd60859316427d1ef5748PayPal.com suffers from a cross site scripting vulnerability.
c455574d672149e36625a44552fd8f9de3058a5512e438e175b6cb80fb8c2282The SASspk module (SASspk.dll) version 9.310.0.11307, has a function called 'RetrieveBinaryFile()' which has one parameter called 'bstrFileName' which takes arguments as strings as defined in the function itself as ISPKBinaryFile from the SASPackageRetrieve library. Stack-based buffer overflow was discovered in one of the fuzzing processes that could allow arbitrary code execution by an attacker when exploiting the non-sanitized 'bstrFileName' parameter.
520def5ba164f9a7f1d632ee1f23ece85df9bc7454425ba51968438158fe9eda
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed