exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2012-07-16

Libexif 0.6.20 Overflows / Denial Of Service
Posted Jul 16, 2012
Authored by Yunho Kim, Dan Fandrich, Mateusz Jurczyk

A large amount of heap and buffer overflows along with denial of service conditions have been addressed in libexif. Versions 0.6.20 and below are affected.

tags | advisory, denial of service, overflow
advisories | CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841, CVE-2012-2845
SHA-256 | 7c6eb35c0114a47e761fa33fe4d24e97391d0ae94702f7a6c5114836348d9739
Red Hat Security Advisory 2012-1081-01
Posted Jul 16, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1081-01 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run commands with sudo on specific hosts, could use this flaw to bypass intended restrictions and run those commands on hosts not matched by any of the network specifications. All users of sudo are advised to upgrade to this updated package, which contains a backported patch to correct this issue.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2012-2337
SHA-256 | 2dfbfa43bde13f32ff7b638eeb910225f286b002c9fd10e5b654f6375bb16e10
Red Hat Security Advisory 2012-1080-01
Posted Jul 16, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1080-01 - The IBM Java SE version 1.4.2 release includes the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-3563, CVE-2012-0499, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506
SHA-256 | 91d7fea7aa7d7b39fe7a3a9a4e3d7288cafa175bf77962bef334da06bf3382aa
HP Security Bulletin HPSBGN02787 SSRT100876
Posted Jul 16, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02787 SSRT100876 - Potential security vulnerabilities have been identified with HP AssetManager. The vulnerabilities could be exploited remotely resulting in cross site scripting (XSS) or unauthorized data modification. Revision 1 of this advisory.

tags | advisory, vulnerability, xss
advisories | CVE-2012-2021
SHA-256 | 3a95ced80b54f632acc33b495da9efb3cb17ee87e7e594f4fd56fadc39610792
Vivotek Cameras Data Configuration Disclosure
Posted Jul 16, 2012
Authored by Alejandro Leon Morales

Vivotek Cameras suffer from a configuration disclosure vulnerability that leaks password information.

tags | exploit, info disclosure
SHA-256 | d058e2a1787927c136f919f18b911e8101c71269a4d32b051967630ea19ce337
CakePHP 2.2.0-RC2 XXE Injection
Posted Jul 16, 2012
Authored by Pawel Wylecial

CakePHP versions 2.x through 2.2.0-RC2 suffer from a XXE injection vulnerability.

tags | exploit, xxe
SHA-256 | 54d1c4dda8e08667e5b5c0da52af3bfbbf429c685ad10b6ddb43edebd154ffb5
Joomla Web Scanner 1.4
Posted Jul 16, 2012
Authored by Pepelux | Site enye-sec.org

Joomla web scanning perl script that gets the version, components and shows possible bugs.

Changes: Version 1.4 of JoomlaScan recognizes Joomla! versions 1.x, 1.5.x, 1.7.x, and 2.5.x and shows possible bugs in core and components.
tags | tool, web, scanner, perl
systems | unix
SHA-256 | 0ab018e39405e6084e40c17103e2371d3366a4af2159ce098bae85b710b3f1ab
Flemish Television Cross Site Scripting
Posted Jul 16, 2012
Authored by Yvan Janssens

The site at http://eenmiljardseconden.frankdeboosere.be/ had a cross site scripting issue and resolved it. What makes this noteworthy is that they took the high road and rickrolled any future attempts. More sites should add humor to their fixes.

tags | advisory, web, xss
SHA-256 | fab0483fa163dbeb5095052167d50d9d23809032c0545626a35845f4b78fa07e
DomsHttpd 1.0 Denial Of Service
Posted Jul 16, 2012
Authored by Jean Pereira

DomsHttpd versions 1.0 and below suffer from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
SHA-256 | df48c1ebd005e29be57fe7d977ca199ab00f6e3cc3896927df8c2e16e4d2d267
ALLMediaServer 0.8 Buffer Overflow
Posted Jul 16, 2012
Authored by modpr0be, juan vazquez, motaz reda | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in ALLMediaServer 0.8. The vulnerability is caused due to a boundary error within the handling of HTTP request. While the exploit supports DEP bypass via ROP, on Windows 7 the stack pivoting isn't reliable across virtual (VMWare, VirtualBox) and physical environments. Because of this the module isn't using DEP bypass on the Windows 7 SP1 target, where by default DEP is OptIn and AllMediaServer won't run with DEP.

tags | exploit, web, overflow
systems | windows
SHA-256 | cd224eb091bd83cac2f6867238fdeea0e253250295ed9b0257c0173e71de0311
Cura 1.5
Posted Jul 16, 2012
Site github.com

Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).

Changes: The modules screen is now Tabular, providing a much better user experience in which all of Cura's modules are provided as tabs on the top of the screen.
tags | exploit, remote
SHA-256 | 1701fc58dc21a0ecb6c45f4836abb5e380f5e8214af1f3d389ec0e35ee46a019
Blackboard Mobile Learn 3.0 Cross Site Scripting
Posted Jul 16, 2012
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

Blackboard Mobile Learn version 3.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b4e651e38bbb3294f231eb8e3bb086bfc5350b4b6edc00836d34547e9116fdee
PBBoard CMS 2.1.4 CSRF / Cross Site Scripting
Posted Jul 16, 2012
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

PBBoard CMS version 2.1.4 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 3504eeef961d0a59f49c9ee08fb6ee83c790ce14364fa6fe2751a1e2eab9d1a9
SMF Board 2.0.2 Cross Site Scripting
Posted Jul 16, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

SMF Board version 2.0.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | c9ae40521ca14dc1b3769503b4731284c9910f6abe411ca09d1b0b085880e22c
Lepton CMS 1.2.0 Cross Site Scripting
Posted Jul 16, 2012
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Lepton CMS version 1.2.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | a1950761b16455f0831bfaca8919628053e40986ef93c4860bbb883b3dd0f353
Event Calendar PHP 1.2 Cross Site Scripting / SQL Injection
Posted Jul 16, 2012
Authored by Hubert Wojciechowski, Vulnerability Laboratory | Site vulnerability-lab.com

Event Calendar PHP version 1.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, xss, sql injection
SHA-256 | 3ad4f5c685a677a797142b6d779de69baf513ebfcb1464004b838916e0b78d0f
Secunia Security Advisory 49931
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in ALLMediaServer, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 2d15928ca02a9e147baeb55fdf36818b8905cedb789ecfdf98da1ca1e2e82734
Siemens Simatic S7-1200 CPU START/STOP Module
Posted Jul 16, 2012
Authored by Dillon Beresford | Site metasploit.com

The Siemens Simatic S7-1200 S7 CPU start and stop functions over ISO-TSAP this modules allows an attacker to perform administrative commands without authentication. This Metasploit module allows a remote user to change the state of the PLC between STOP and START, allowing an attacker to end process control by the PLC.

tags | exploit, remote
SHA-256 | 209515171372e815da32934ab41fdd5f1c336d22022bec1c97308a5b5097d4c3
Siemens Simatic S7-300/400 CPU START/STOP Module
Posted Jul 16, 2012
Authored by Dillon Beresford | Site metasploit.com

The Siemens Simatic S7-300/400 S7 CPU start and stop functions over ISO-TSAP this modules allows an attacker to perform administrative commands without authentication. This Metasploit module allows a remote user to change the state of the PLC between STOP and START, allowing an attacker to end process control by the PLC.

tags | exploit, remote
SHA-256 | e012c156c46c53f51452c321377eed31d2bcff3d14db2c6ffe938003af648fc7
Secunia Security Advisory 49888
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the OS Property Component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | f9e3b1874472e88632b96d478e3b15d55c2bc5dd981e56f9f5d380567028a13e
Secunia Security Advisory 49899
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in WebPagetest, which can be exploited by malicious people to disclose potentially sensitive and system information and compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | fd87428f3682d8025364f39b019e7f5f799d316cd6e2f42d8e249ff3790a4c3c
Secunia Security Advisory 49945
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Post Recommendations plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | ca90b4ce831d56fc770f90865d0617bed25a593ba55ef043a73cd6249a2fc6cf
Secunia Security Advisory 49896
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Resume Submissions & Job Postings plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 0d50d44a1244301017a1a9a8edfae0f73a36e58487abdfc53c1b891bc51e00b6
Secunia Security Advisory 49941
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in EGallery, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 039d7bc31bf06b868c0631d46227b679112c5317d3c6f74977e7b9601f49c18e
Secunia Security Advisory 49926
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in WaveSurfer, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 3741407959f58385cc03a82101cd9cc2c16bc53a310b3ef3a9b40dbf1bccd9c6
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close