
Files Date: 2012-07-16

Libexif 0.6.20 Overflows / Denial Of Service
Posted Jul 16, 2012
Authored by Yunho Kim, Dan Fandrich, Mateusz Jurczyk

A large number of heap and buffer overflows, along with denial of service conditions, have been addressed in libexif. Versions 0.6.20 and below are affected.

tags | advisory, denial of service, overflow
advisories | CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841, CVE-2012-2845
MD5 | 3d0be53cad6dcb0d57eb5cd82c6f485d
Red Hat Security Advisory 2012-1081-01
Posted Jul 16, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1081-01 - The sudo utility allows system administrators to give certain users the ability to run commands as root. A flaw was found in the way the network matching code in sudo handled multiple IP networks listed in user specification configuration directives. A user, who is authorized to run commands with sudo on specific hosts, could use this flaw to bypass intended restrictions and run those commands on hosts not matched by any of the network specifications. All users of sudo are advised to upgrade to this updated package, which contains a backported patch to correct this issue.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2012-2337
MD5 | 58b8344d31be5f67afc14314a1c614ad
Red Hat Security Advisory 2012-1080-01
Posted Jul 16, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1080-01 - The IBM Java SE version 1.4.2 release includes the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit. This update fixes several vulnerabilities in the IBM Java 1.4.2 Runtime Environment and the IBM Java 1.4.2 Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2011-3563, CVE-2012-0499, CVE-2012-0502, CVE-2012-0503, CVE-2012-0505, CVE-2012-0506
MD5 | 5e4221bf4a2430f43e8158bdce349a8d
HP Security Bulletin HPSBGN02787 SSRT100876
Posted Jul 16, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02787 SSRT100876 - Potential security vulnerabilities have been identified with HP AssetManager. The vulnerabilities could be exploited remotely resulting in cross site scripting (XSS) or unauthorized data modification. Revision 1 of this advisory.

tags | advisory, vulnerability, xss
advisories | CVE-2012-2021
MD5 | 6aecbe6d3da0749e5a84c18b2b7414a0
Vivotek Cameras Data Configuration Disclosure
Posted Jul 16, 2012
Authored by Alejandro Leon Morales

Vivotek Cameras suffer from a configuration disclosure vulnerability that leaks password information.

tags | exploit, info disclosure
MD5 | 5e93d9030a49b7716a91b478b42a3d38
CakePHP 2.2.0-RC2 XXE Injection
Posted Jul 16, 2012
Authored by Pawel Wylecial

CakePHP versions 2.x through 2.2.0-RC2 suffer from an XXE injection vulnerability.

tags | exploit, xxe
MD5 | 32b7ba9f5425287d5becdaae440ebab2
Joomla Web Scanner 1.4
Posted Jul 16, 2012
Authored by Pepelux | Site enye-sec.org

Joomla web scanning Perl script that gets the version and components, and shows possible bugs.

Changes: Version 1.4 of JoomlaScan recognizes Joomla! versions 1.x, 1.5.x, 1.7.x, and 2.5.x and shows possible bugs in core and components.
tags | tool, web, scanner, perl
systems | unix
MD5 | c6cde9954f1120b9695532553128ba47
Flemish Television Cross Site Scripting
Posted Jul 16, 2012
Authored by Yvan Janssens

The site at http://eenmiljardseconden.frankdeboosere.be/ had a cross site scripting issue and resolved it. What makes this noteworthy is that they took the high road and rickrolled any future attempts. More sites should add humor to their fixes.

tags | advisory, web, xss
MD5 | f587237d02530ffee9a479ea9a650b48
DomsHttpd 1.0 Denial Of Service
Posted Jul 16, 2012
Authored by Jean Pascal Pereira

DomsHttpd versions 1.0 and below suffer from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
MD5 | 6f5cee2a09eb16855de7886b51d6b81b
ALLMediaServer 0.8 Buffer Overflow
Posted Jul 16, 2012
Authored by modpr0be, juan vazquez, motaz reda | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in ALLMediaServer 0.8. The vulnerability is caused by a boundary error in the handling of HTTP requests. While the exploit supports DEP bypass via ROP, on Windows 7 the stack pivoting isn't reliable across virtual (VMWare, VirtualBox) and physical environments. Because of this, the module isn't using DEP bypass on the Windows 7 SP1 target, where by default DEP is OptIn and AllMediaServer won't run with DEP.

tags | exploit, web, overflow
systems | windows, 7
MD5 | 59ea30c205258988554bd473b89706e9
Cura 1.5
Posted Jul 16, 2012
Site github.com

Cura is a mobile phone application bundle of remote systems administration tools. It provides a personalized terminal emulator, a syslog module that allows for reading logs directly from a server, a SysMonitor module that visually graphs CPU and RAM usage percentages, access to Nmap, and Server Stats will offer general server information like its Vitals, Hardware information, Memory information, processes, and so on. A security feature will be implemented that allows users to have Cura's database completely wiped upon them sending the compromised phone a secret pattern of their choosing (e.g. send an SMS message containing "phone has been stolen!" to your Android phone to wipe Cura's database, and receive the location of the compromised phone as an SMS to your emergency phone number or as an email to your emergency email address).

Changes: The modules screen is now Tabular, providing a much better user experience in which all of Cura's modules are provided as tabs on the top of the screen.
tags | exploit, remote
MD5 | 199eea14b1da9508876ff2a0c72ff8c5
Blackboard Mobile Learn 3.0 Cross Site Scripting
Posted Jul 16, 2012
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

Blackboard Mobile Learn version 3.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | fb7c2e7848132b28ab57b3ed2da2d085
PBBoard CMS 2.1.4 CSRF / Cross Site Scripting
Posted Jul 16, 2012
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

PBBoard CMS version 2.1.4 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | cd0745196b1f1e682aad0a9fee06682b
SMF Board 2.0.2 Cross Site Scripting
Posted Jul 16, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

SMF Board version 2.0.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | ed9334af9c6e688b2176a678eacc1c6e
Lepton CMS 1.2.0 Cross Site Scripting
Posted Jul 16, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Lepton CMS version 1.2.0 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9bdf64439afa082e5f33ca74d91feb5a
Event Calendar PHP 1.2 Cross Site Scripting / SQL Injection
Posted Jul 16, 2012
Authored by snup | Site vulnerability-lab.com

Event Calendar PHP version 1.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, xss, sql injection
MD5 | caf790121c401f34fb104afa6eec8852
Secunia Security Advisory 49931
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in ALLMediaServer, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | d2ebc6272aa385fdf75980511112db27
Siemens Simatic S7-1200 CPU START/STOP Module
Posted Jul 16, 2012
Authored by Dillon Beresford | Site metasploit.com

The Siemens Simatic S7-1200 S7 CPU start and stop functions over ISO-TSAP allow an attacker to perform administrative commands without authentication. This Metasploit module allows a remote user to change the state of the PLC between STOP and START, allowing an attacker to end process control by the PLC.

tags | exploit, remote
MD5 | a341cf2fac3b420d88e2f3a792a5a068
Siemens Simatic S7-300/400 CPU START/STOP Module
Posted Jul 16, 2012
Authored by Dillon Beresford | Site metasploit.com

The Siemens Simatic S7-300/400 S7 CPU start and stop functions over ISO-TSAP allow an attacker to perform administrative commands without authentication. This Metasploit module allows a remote user to change the state of the PLC between STOP and START, allowing an attacker to end process control by the PLC.

tags | exploit, remote
MD5 | 1411a241bc03de698cd3e74a5ed68f7b
Secunia Security Advisory 49888
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the OS Property Component for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 29519de0717589cd3bf943e073bbec86
Secunia Security Advisory 49899
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in WebPagetest, which can be exploited by malicious people to disclose potentially sensitive and system information and compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | de5345a1ce07a2e6d9e983f7a031b218
Secunia Security Advisory 49945
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in the Post Recommendations plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | b9d3763d247e5c57590cd5e0954108be
Secunia Security Advisory 49896
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Resume Submissions & Job Postings plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | f442c38d6d136b82f826f5179d3504ab
Secunia Security Advisory 49941
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sammy Forgit has discovered a vulnerability in EGallery, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 90de434f8db71e58ea9d7b055bac15b0
Secunia Security Advisory 49926
Posted Jul 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in WaveSurfer, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | e4e15a9bbc48301cbfa52dc8cd261d9b