what you don't know can hurt you
Showing 1 - 24 of 24 RSS Feed

Files Date: 2012-05-25

Ubuntu Security Notice USN-1454-1
Posted May 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1454-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4086
MD5 | 669bfff032cd2b42bbdf149e5ef06a1d
WeBid converter.php Remote PHP Code Injection
Posted May 25, 2012
Authored by EgiX, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in WeBid version 1.0.2. By abusing the converter.php file, a malicious user can inject PHP code in the includes/currencies.php script without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
advisories | OSVDB-73609
MD5 | 8dc19f398388284a81cf2ecae5005436
RabidHamster R4 Log Entry sprintf() Buffer Overflow
Posted May 25, 2012
Authored by Luigi Auriemma, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in RabidHamster R4's web server. By supplying a malformed HTTP request, it is possible to trigger a stack-based buffer overflow when generating a log, which may result in arbitrary code execution under the context of the user.

tags | exploit, web, overflow, arbitrary, code execution
advisories | OSVDB-79007
MD5 | d5c7b728cc34e438d56471e6fbda49bd
GreHack 2012 Call For Papers
Posted May 25, 2012
Site ensiwiki.ensimag.fr

The GreHack 2012 Call For Papers has been announced. It will be held in Grenoble, France on October 19th, 2012.

tags | paper, conference
MD5 | 77c4584bf8b850f6540301a838dd4258
ResEdit 1.5.11-win32 Buffer Overflow
Posted May 25, 2012
Authored by Walied Assar

ResEdit version 1.5.11-win32 suffers from a buffer overflow. Proof of concept denial of service exploits included.

tags | exploit, denial of service, overflow, proof of concept
systems | linux, windows
MD5 | 6f23782d3add86957f122b199a5849ec
Kolkata Web Application Fingerprinting
Posted May 25, 2012
Authored by ErrProne | Site blackhatacademy.org

Kolkata is a tool for IDS evading web application fingerprinting. It is written in perl and uses LibWhisker.

tags | tool, web, scanner, perl
systems | linux, unix
MD5 | bb2c661a62752b3093161dc4ad3b29ba
DornCMS 1.4 (add_page.php) Arbitrary File Upload
Posted May 25, 2012
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a vulnerability found in Dorn Content Management Script (CMS), version 1.4. By abusing the add_page.php file, the attacker can upload/add a new file (.php) to the /cms/pages/ directory without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
MD5 | c93d65487a1c0efc12fc9a8a68adc5db
Hacktivity 2012 Call For Papers
Posted May 25, 2012
Site hacktivity.com

The Hacktivity 2012 Call For Papers has been announced. It will be held from October 12th through the 13th, 2012 in Budapest, Hungary.

tags | paper, conference
MD5 | c4e46f46fe62ec6961a307d6fb8167af
LogAnalyzer 3.4.2 Cross Site Scripting / SQL Injection / File Read
Posted May 25, 2012
Authored by Filippo Cavallarin

LogAnalyzer version 3.4.2 suffers from cross site scripting, arbitrary file reading, and remote SQL injection vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, xss, sql injection
MD5 | 2427d2cf98e92db38be0f21c58da1065
Pligg CMS 1.2.1 Cross Site Scripting / Local File Inclusion
Posted May 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Pligg CMS version 1.2.1 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
advisories | CVE-2012-2435, CVE-2012-2436
MD5 | 7b79d17eacb9df80bafc88ab8fbbdabc
pragmaMx 1.12.1 Cross Site Scripting
Posted May 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

pragmaMx version 1.12.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2452
MD5 | 5433c6278bfe6b6212f911b0a46eda42
Ubuntu Security Notice USN-1453-1
Posted May 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1453-1 - A flaw was found in the Linux's kernels ext4 file system when mounted with a journal. A local, unprivileged user could exploit this flaw to cause a denial of service. A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4086, CVE-2012-1601, CVE-2012-2123, CVE-2011-4086, CVE-2012-1601, CVE-2012-2123
MD5 | e3d9015d666d8f4b4efc27aeb34e081a
Ubuntu Security Notice USN-1452-1
Posted May 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1452-1 - A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-1601, CVE-2012-2123, CVE-2012-1601, CVE-2012-2123
MD5 | b2abab8c59bf6aa71b07833130a15467
Ubuntu Security Notice USN-1451-1
Posted May 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1451-1 - Ivan Nestlerode discovered that the Cryptographic Message Syntax (CMS) and PKCS #7 implementations in OpenSSL returned early if RSA decryption failed. This could allow an attacker to expose sensitive information via a Million Message Attack (MMA). It was discovered that an integer underflow was possible when using TLS 1.1, TLS 1.2, or DTLS with CBC encryption. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-0884, CVE-2012-2333, CVE-2012-0884, CVE-2012-2333
MD5 | b8cc47d8f5416ce1152fba137dfd8f1a
DynPage 1.0 Cross Site Request Forgery / Shell Upload
Posted May 25, 2012
Authored by KedAns-Dz

DynPage version 1.0 suffers from cross site request forgery and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, csrf
MD5 | 476adc1bf90918f7ad3741caca2d770e
Secunia Security Advisory 49222
Posted May 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Astaro has issued an update for IPsec. This fixes a vulnerability with an unknown impact.

tags | advisory
MD5 | 07be0c82609287b9fdf2b6bf5520d6fb
Secunia Security Advisory 49263
Posted May 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in PyCrypto, which can be exploited by malicious people to conduct brute force attacks.

tags | advisory
MD5 | 1de7de996fc4de218889855034c150c1
Secunia Security Advisory 49276
Posted May 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in dotCMS, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
MD5 | ff29c82b9de64d53f8b7fb4fe3013810
Secunia Security Advisory 49271
Posted May 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tiago Natel de Moura has discovered multiple vulnerabilities in SocialEngine, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and request forgery attacks.

tags | advisory, vulnerability, xss
MD5 | dfa667da3b23fc383980816fa1e979ca
Secunia Security Advisory 49236
Posted May 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in the Search API module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability
MD5 | 64cd85dfc63076208536e81786bf9a24
Secunia Security Advisory 49255
Posted May 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Apache Commons Compress, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library.

tags | advisory, denial of service
MD5 | 47846757ee661dbed11a60ed1c997afd
Secunia Security Advisory 49286
Posted May 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Apache has acknowledged a vulnerability in Ant, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 44ff17dda22f0f079c26183df2d44450
Secunia Security Advisory 49277
Posted May 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | b38f21580908a7f8e1dc9f21b4e1cbcf
Secunia Security Advisory 49265
Posted May 25, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for cobbler. This fixes two vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct cross-site request forgery attacks.

tags | advisory, vulnerability, csrf
systems | linux, suse
MD5 | 7b58cfcf9357201c95c515ae89cfba30
Page 1 of 1
Back1Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    19 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close