exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2013-02-02

WordPress Flash News XSS / DoS / Path Disclosure / Shell Upload
Posted Feb 2, 2013
Authored by MustLive

The WordPress Flash News theme suffers from cross site scripting, denial of service, path disclosure, abuse of functionality, and remote shell upload vulnerabilities.

tags | exploit, remote, denial of service, shell, vulnerability, xss, info disclosure
SHA-256 | 1ac281bb3a53ce04e90aed1ef3e8ae9f688dadce3a18924247fb39aa0095c0a6
Apple Security Advisory 2013-02-01-1
Posted Feb 2, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-02-01-1 - Multiple vulnerabilities exist in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues are addressed by updating to Java version 1.6.0_39.

tags | advisory, java, web, arbitrary, vulnerability, code execution
systems | apple
advisories | CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478
SHA-256 | c7879672067e4870f87d194d16149752cfcfc59a5ff6d331b4196e503807e190
FreeBSD 9.1 ftpd Remote Denial Of Service
Posted Feb 2, 2013
Authored by Maksymilian Arciemowicz | Site cxsecurity.com

FreeBSD version 9.1 suffers from a remote ftpd denial of service vulnerability.

tags | exploit, remote, denial of service
systems | linux, freebsd
advisories | CVE-2011-0418, CVE-2010-2632, CVE-2011-0418, CVE-2010-4051, CVE-2010-4052
SHA-256 | ee47445b28383e3aa5a3bd3988e583b7a429051d6f88bc8757efc1a780f4fbf8
Technical Cyber Security Alert 2013-32A
Posted Feb 2, 2013
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2013-32A - Multiple vulnerabilities in Java 7 could allow an attacker to execute arbitrary code on a vulnerable system.

tags | advisory, java, arbitrary, vulnerability
SHA-256 | 27df991b97e6432f067b4bcf73936870128f030ccdc0916250329d642d515379
AdaptCMS 2.0.4 SQL Injection
Posted Feb 2, 2013
Authored by kallimero

AdaptCMS versions 2.0.4 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 10b28440296e69c4db952b068665c6894e07ffc6857babc5166dc7fe083cde72
ArrowChat 1.5.61 Cross Site Scripting / Local File Inclusion
Posted Feb 2, 2013
Authored by kallimero

ArrowChat versions 1.5.61 and below suffer from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | f99d4cd6c8b68fda6b4411a581267736acdd1b484a1b4179f410efa7b644181c
easyXDM Library Cross Site Scripting
Posted Feb 2, 2013
Authored by Krzysztof Kotowicz

easyXDM library versions prior to 2.4.19 suffer from a cross site scripting vulnerability using the location.hash value.

tags | exploit, xss
advisories | CVE-2014-1403
SHA-256 | 32a34c0b9a458b9716a047d0c5d149f245276bb10610212af8490aca25078e1c
DC++ 0.802 Incorrectly Registers URI Schemes
Posted Feb 2, 2013
Authored by Fredrik Ullner

DC++ versions 0.802 and below incorrect registers URI schemes in Windows.

tags | advisory
systems | windows
SHA-256 | 131c49c0e47e572eae845e2f81b8b15c415785066389e7b080aa18dcbb590fad
Secunia Security Advisory 52051
Posted Feb 2, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for mingw32-libxml2. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | fab1d8b617de64641d685ded145115800657ebede4e266471449305086475fdd
Secunia Security Advisory 52048
Posted Feb 2, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in HP Network Node Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | e3290454723797b91a04bec8c7a341c8ae5411dd83983f56296dbe55da5ace3d
Secunia Security Advisory 52052
Posted Feb 2, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for xorg-x11-drv-qxl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | b47839cebb2f30f6d0ec4b6504ea456da110fe14fea7dbebb54d418722b065c9
Secunia Security Advisory 51970
Posted Feb 2, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in D-Link DCS-930L and DCS-932L, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | d7a1abb877b2186b0f1da3c8a161c4e1f464852ca3605a3ad6d6f345e2c496ae
Secunia Security Advisory 52050
Posted Feb 2, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for mysql. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose sensitive information and manipulate data, by malicious users to cause a DoS (Denial of Service), disclose sensitive information, or manipulate data, and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
SHA-256 | 1a7f108a7e798cc51496c7e9414aeb21f3feed85568f92cef003ea9c78189200
Mandriva Linux Security Advisory 2013-006
Posted Feb 2, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-006 - A Null pointer de-reference flaw was found in the way Freetype font rendering engine handled Glyph bitmap distribution format fonts. A remote attacker could provide a specially-crafted BDF font file, which once processed in an application linked against FreeType would lead to that application crash. An out-of heap-based buffer read flaw was found in the way FreeType font rendering engine performed parsing of glyph information and relevant bitmaps for glyph bitmap distribution format. A remote attacker could provide a specially-crafted BDF font file, which once opened in an application linked against FreeType would lead to that application crash. The updated packages have been patched to correct these issues.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2012-5668, CVE-2012-5669
SHA-256 | 3f10268fde1e677b8cbb611e28561f80e5c2be5b061f2d205fa851bda91c106c
Ubuntu Security Notice USN-1704-2
Posted Feb 2, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1704-2 - USN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE feature. On hosts, using qemu userspace, without the XSAVE feature an unprivileged local attacker could exploit this flaw to crash the system. Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system. Florian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, tcp, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-0957, CVE-2012-4461, CVE-2012-4508, CVE-2012-4530, CVE-2012-4565, CVE-2012-5517, CVE-2012-5532
SHA-256 | e9e792aadc97786927427c783a1b1572627f4f272916fcaa582f0780c5890272
Ubuntu Security Notice USN-1698-2
Posted Feb 2, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1698-2 - USN-1698-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. Florian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-4530, CVE-2012-5532
SHA-256 | c46a8944c6adf5f34311710cc344aabe4f1d2d9345df52ca204adc9b0c6bdfc1
Ubuntu Security Notice USN-1696-2
Posted Feb 2, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1696-2 - USN-1696-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE feature. On hosts, using qemu userspace, without the XSAVE feature an unprivileged local attacker could exploit this flaw to crash the system. A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. Florian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-4461, CVE-2012-4530, CVE-2012-5532
SHA-256 | e408a3102f01f5fccf4da6ee68f082b7cb946810d6adaf4f91a34a0cd7d733ac
Ubuntu Security Notice USN-1700-2
Posted Feb 2, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1700-2 - USN-1700-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. Florian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-4530, CVE-2012-5532
SHA-256 | 21c11ff5e2b4a56b072c318b8324099c90ae3de4a7b9f266fe9b4e164e3ad3aa
Ubuntu Security Notice USN-1699-2
Posted Feb 2, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1699-2 - USN-1699-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem. Jon Howell reported a flaw in the Linux kernel's KVM (Kernel-based virtual machine) subsystem's handling of the XSAVE CPU feature. On hosts without the XSAVE CPU feature, using qemu userspace, an unprivileged local attacker could exploit this flaw to crash the system. A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. Florian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2012-4461, CVE-2012-4530, CVE-2012-5532
SHA-256 | dd6ff2e0e516de16930d5650c1e19da4171a897ed4034dbca85ee945498d6aae
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close