exploit the possibilities
Showing 1 - 25 of 33 RSS Feed

Files Date: 2012-12-19

IDA Pro 6.3 ELF Anti-Debugging / Reversing Patcher
Posted Dec 19, 2012
Authored by nitr0us

IDA Pro 6.3 ELF anti-debugging / reversing patcher that causes a crash.

tags | exploit
MD5 | 1de0f26f0578f20f9e72d01d89818cd0
Ubuntu Security Notice USN-1676-1
Posted Dec 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1676-1 - Dan Rosenberg discovered that the example AppArmor profile for chromium-browser could be escaped by calling xdg-settings with a crafted environment.

tags | advisory
systems | linux, ubuntu
MD5 | 8008ecef3e99057192c9a0174046f2ff
Mandriva Linux Security Advisory 2012-181
Posted Dec 19, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-181 - Multiple host header poisoning flaws were found and fixed in Django. The updated packages have been upgraded to the 1.3.5 version which is not affected by these issues.

tags | advisory
systems | linux, mandriva
advisories | CVE-2012-4520
MD5 | 14745dc9de7b6f92549630e1dde0ee9a
Ubuntu Security Notice USN-1675-1
Posted Dec 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1675-1 - It was discovered that FFmpeg incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2777, CVE-2012-2784, CVE-2012-2788, CVE-2012-2801
MD5 | e68cf4130e52c7e376bf39d33f6a95f9
Ubuntu Security Notice USN-1674-1
Posted Dec 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1674-1 - It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2772, CVE-2012-2775, CVE-2012-2777, CVE-2012-2779, CVE-2012-2784, CVE-2012-2786, CVE-2012-2788, CVE-2012-2789, CVE-2012-2790, CVE-2012-2793, CVE-2012-2794, CVE-2012-2798, CVE-2012-2800, CVE-2012-2801
MD5 | 7c8bf495085df4326eb59c5d067e1e1a
Free Hosting Manager 2.0.2 Cross Site Scripting
Posted Dec 19, 2012
Authored by Lee Chung Eon

Free Hosting Manager version 2.0.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4b9dbbe8b8e7e5f722358ff611e0560d
DIMIN Viewer 5.4.0 Crash
Posted Dec 19, 2012
Authored by Lizhi Wang

DIMIN Viewer version 5.4.0 suffers from a GIF decode crash vulnerability.

tags | exploit
systems | linux
MD5 | 40930c85256adac52014fbd027d060fd
Kiwi Syslog Web Access 1.4.4 SQL Injection
Posted Dec 19, 2012
Authored by Mohd Izhar Ali | Site johncrackernet.blogspot.com

Kiwi Syslog Web Access version 1.4.4 suffers from remote SQL injection and blind SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, sql injection
MD5 | 00ac33c79166273cb3eb3cd1a4388870
Joomla ZtAutoLink Local File Inclusion
Posted Dec 19, 2012
Authored by Xr0b0t

Joomla ZtAutoLink component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 1e6b1010863225457dd950a898f1bdfd
Joomla Bit Local File Inclusion
Posted Dec 19, 2012
Authored by Xr0b0t

Joomla Bit component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 19cb7ea5f365a1ce058c00502f27099e
EMC Avamar 6.1.100-402 File Overwrite
Posted Dec 19, 2012

EMC Avamar version 6.1.100-402 suffers from a world-writable cache file vulnerability that leverages /tmp.

tags | exploit
MD5 | 01f6da70590d3937c370fdb754eb3503
Cerberus FTP Server Cross Site Scripting
Posted Dec 19, 2012
Authored by catatonicprime

Cerberus FTP server suffers from a cross site scripting vulnerability in the web administration interface.

tags | advisory, web, xss
advisories | CVE-2012-6339
MD5 | 9da50fabf2ed4db1efb87ac182ea7445
Microsoft Internet Explorer 9.x Stack Exhaustion
Posted Dec 19, 2012
Authored by Jean Pascal Pereira

Microsoft Internet Explorer 9.x suffers from a remote stack exhaustion vulnerability.

tags | exploit, remote, overflow
MD5 | e3001807c8b2fe485402a2a616a81170
Secunia Security Advisory 51607
Posted Dec 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Application Platform. This fixes multiple security issues and vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to disclose sensitive information and by malicious people to bypass certain security restrictions.

tags | advisory, local, vulnerability
systems | linux, redhat
MD5 | 7ecad2cc8c2f1848e354885c18d7e5ac
InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow
Posted Dec 19, 2012
Authored by James Fitts, Dmitriy Pletnev, Alexander Gavrun, juan vazquez | Site metasploit.com

This Metasploit module exploits a heap overflow found in InduSoft Web Studio <= 61.6.00.00 SP6. The overflow exists in the ISSymbol.ocx, and can be triggered with a long string argument for the InternationalSeparator() method of the ISSymbol control. This Metasploit modules uses the msvcr71.dll form the Java JRE6 to bypass ASLR.

tags | exploit, java, web, overflow
advisories | CVE-2011-0340, OSVDB-72865
MD5 | 2216a012b1449bce904fb4b82548ae89
Haveged 1.6a
Posted Dec 19, 2012
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: This release corrects a config typo to fix building on generic architectures.
tags | tool
systems | linux, unix
MD5 | 8381b18cea2dceaf1c6d24dbb7fe17cc
Ubuntu Security Notice USN-1673-1
Posted Dec 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1673-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
MD5 | 7a7174d8d3fe4dbe010abd7aabd156bb
Ubuntu Security Notice USN-1671-1
Posted Dec 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1671-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
MD5 | d6f6a8969b3a7011b0fa0ab5b30f620c
Ubuntu Security Notice USN-1670-1
Posted Dec 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1670-1 - A flaw was discovered in the Linux kernel's handling of new hot plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
MD5 | 71a9b69f08405a6dc16be4901fd3a634
Red Hat Security Advisory 2012-1589-01
Posted Dec 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1589-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2012-2313
MD5 | 51191b24971d6130ee4e4c487b70e6dd
Red Hat Security Advisory 2012-1594-01
Posted Dec 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1594-01 - JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2008-0455, CVE-2012-0883, CVE-2012-2378, CVE-2012-2379, CVE-2012-2672, CVE-2012-2687, CVE-2012-3428, CVE-2012-3451, CVE-2012-4549, CVE-2012-4550
MD5 | 42e49bb5dd6e4f6c7cd74b27fa57aa47
Red Hat Security Advisory 2012-1591-01
Posted Dec 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1591-01 - JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2008-0455, CVE-2012-2378, CVE-2012-2379, CVE-2012-2672, CVE-2012-2687, CVE-2012-3428, CVE-2012-3451, CVE-2012-4549, CVE-2012-4550
MD5 | 87d249d70f63b6d69f05e377d13c62a8
Red Hat Security Advisory 2012-1593-01
Posted Dec 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1593-01 - JBoss Enterprise SOA Platform is the next-generation ESB and business process automation infrastructure. JBoss Enterprise SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. This roll up patch serves as a cumulative upgrade for JBoss Enterprise SOA Platform 5.3.0. It includes various bug fixes. The following security issue is also fixed with this release: A flaw was found in the way Apache CXF verified that XML elements were signed or encrypted by a particular Supporting Token. Apache CXF checked to ensure these elements were signed or encrypted by a Supporting Token, but not whether the correct token was used. A remote attacker could use this flaw to transmit confidential information without the appropriate security, and potentially circumvent access controls on web services exposed via Apache CXF.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2012-2379
MD5 | 26c1ebec73b08d3e1f9bcd8c201a7bf4
Red Hat Security Advisory 2012-1590-01
Posted Dec 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1590-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF images using the Pixar Log Format encoding. An attacker could create a specially-crafted TIFF file that, when opened, could cause an application using libtiff to crash or, possibly, execute arbitrary code with the privileges of the user running the application. A stack-based buffer overflow flaw was found in the way libtiff handled DOTRANGE tags. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2012-3401, CVE-2012-4447, CVE-2012-4564, CVE-2012-5581
MD5 | d3762786b7f703b144e4328bbe0acb69
Red Hat Security Advisory 2012-1592-01
Posted Dec 19, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1592-01 - JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2008-0455, CVE-2012-2378, CVE-2012-2379, CVE-2012-2672, CVE-2012-2687, CVE-2012-3428, CVE-2012-3451, CVE-2012-4549, CVE-2012-4550
MD5 | bab95dd47be373e29e59937403784008
Page 1 of 2
Back12Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    12 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    16 Files
  • 22
    May 22nd
    13 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close