exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-03-05

Raspberry Pi rpi-update Local Root
Posted Mar 5, 2013
Authored by Larry W. Cashdollar

Raspberry Pi rpi-update local root exploit.

tags | exploit, local, root
SHA-256 | eb425fb5dff9ccde638741a61ae7293c083ce15b1bae70498443b5f2d1266c53
mnoGoSearch 3.3.12 Arbitrary File Read
Posted Mar 5, 2013
Authored by Sergey Bobrov | Site ptsecurity.com

mnoGoSearch versions 3.3.12 and below suffer from a remote arbitrary file reading vulnerability.

tags | exploit, remote, arbitrary
SHA-256 | 4ce6391275ebcf82cc0d71269cc513d548d1524a7ada46989e6ad77b72ba5374
ipset_list 2.7
Posted Mar 5, 2013
Authored by AllKind | Site sourceforge.net

ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.

Changes: This release of ipset_list adds a new option (-Ca) to enable all counters at once. Also the -Mc option can now be used multiple time, to allow range matching with excludes (to build holes in the range) on the total amount of set members. The option '--' has been added to allow working with set names starting with a hyphen (-). Various bugs have been fixed. The programmable completion compspec has been rewritten.
tags | tool, firewall
systems | linux, unix
SHA-256 | 10eb834de2fa6982ccc269893a4471d82a6ce319bd2b9d1ec9ebaaa49e7348ed
Remote File Manager 1.2 XSS / Local File Inclusion
Posted Mar 5, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Remote File Manager version 1.2 suffers from local file inclusion and cross site scripting vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, file inclusion
SHA-256 | d4f323635cd134616fe6d6be7a379500bde929af4a526251741e9055b3ec049e
AirDrive HD 1.6 Shell Upload
Posted Mar 5, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

AirDrive HD version 1.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | c95530599bb7854ae1c1a95d4c662b8df01f349e55a8c1ad9fdf91971d4c27dd
Apple Security Advisory 2013-03-04-1
Posted Mar 5, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-03-04-1 - Multiple vulnerabilities existed in Java 1.6.0_41, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox, have been addressed.

tags | advisory, java, arbitrary, vulnerability
systems | apple
advisories | CVE-2013-0809, CVE-2013-1493
SHA-256 | 486fbb59279643ffefc29cb9c279270f2e09f0a3061209f032b324a9f5df9eb3
Samsung S3 Full Lock Screen Bypass
Posted Mar 5, 2013
Authored by Sean McMillan

The Samsung S3 suffers from a full locked screen bypass vulnerability that leverages the emergency call functionality.

tags | exploit, bypass
SHA-256 | 07dbd817e19051a73e3b038f74ba358fa9d86ca04ef8533c04d05d153ed844eb
WordPress Count-Per-Day 3.2.5 Cross Site Scripting
Posted Mar 5, 2013
Authored by alejandr0.m0f0

WordPress Count-Per-Day plugin version 3.2.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c901ea104dae7cd82bc27597ec9226df9dea2c49fd18096ba71ae48f547821b5
Conntrack Tools 1.4.1
Posted Mar 5, 2013
Authored by Pablo Neira Ayuso | Site conntrack-tools.netfilter.org

conntrack-tools is a set of userspace tools for Linux that allow system administrators to interact with the Connection Tracking System, the module which provides stateful packet inspection for iptables. It includes the userspace daemon conntrackd and the commandline interface conntrack.

Changes: This release adds support to dump the "dying" and "unconfirmed" list via ctnetlink. A deadlock due to wrong nested signal blocking was resolved.
systems | linux
SHA-256 | d4b0f42a9e814e9f2c95bb5dbaa7bd02a418114e019d6fa85d6b22ff20c95b6a
Viscosity setuid-set ViscosityHelper Privilege Escalation
Posted Mar 5, 2013
Authored by juan vazquez, Jason A. Donenfeld | Site metasploit.com

This Metasploit module exploits a vulnerability in Viscosity 1.4.1 on Mac OS X. The vulnerability exists in the setuid ViscosityHelper, where an insufficient validation of path names allows execution of arbitrary python code as root. This Metasploit module has been tested successfully on Viscosity 1.4.1 over Mac OS X 10.7.5.

tags | exploit, arbitrary, root, python
systems | apple, osx
advisories | CVE-2012-4284, OSVDB-84709
SHA-256 | 6327eb13b7e692d86e8bb599155a99f74615d2b9fede67b7da69c91955b632d0
Setuid Tunnelblick Privilege Escalation
Posted Mar 5, 2013
Authored by juan vazquez, Jason A. Donenfeld | Site metasploit.com

This Metasploit module exploits a vulnerability in Tunnelblick 3.2.8 on Mac OS X. The vulnerability exists in the setuid openvpnstart, where an insufficient validation of path names allows execution of arbitrary shell scripts as root. This Metasploit module has been tested successfully on Tunnelblick 3.2.8 build 2891.3099 over Mac OS X 10.7.5.

tags | exploit, arbitrary, shell, root
systems | apple, osx
advisories | CVE-2012-3485
SHA-256 | 507856bf61b21ad51655751579b11e6da1882fa1c03d6e1c87ca1f635ed4b4ad
Debian Security Advisory 2637-1
Posted Mar 5, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2637-1 - Several vulnerabilities have been found in the Apache HTTPD server.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-3499, CVE-2012-4558, CVE-2013-1048
SHA-256 | df4a25fbca27c25ef035e661c510b7163133d490ce4c001639ad8fc981090c93
Debian Security Advisory 2638-1
Posted Mar 5, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2638-1 - Multiple buffer overflows were discovered in OpenAFS, the implementation of the distributed filesystem AFS, which might result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-1794, CVE-2013-1795
SHA-256 | beec56a1ae79f00e06c17c220389314f0f1c195350e1f8166cdca4a953c9035c
Red Hat Security Advisory 2013-0590-01
Posted Mar 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0590-01 - The nss-pam-ldapd packages provide the nss-pam-ldapd daemon, which uses a directory server to lookup name service information on behalf of a lightweight nsswitch module. An array index error, leading to a stack-based buffer overflow flaw, was found in the way nss-pam-ldapd managed open file descriptors. An attacker able to make a process have a large number of open file descriptors and perform name lookups could use this flaw to cause the process to crash or, potentially, execute arbitrary code with the privileges of the user running the process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2013-0288
SHA-256 | 5d8ce3bf3e429d0588efc5bb523f1d11034fee2fa34e9de097579a469ee0704d
Red Hat Security Advisory 2013-0589-01
Posted Mar 5, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0589-01 - Git is a fast, scalable, distributed revision control system. It was discovered that Git's git-imap-send command, a tool to send a collection of patches from standard input to an IMAP folder, did not properly perform SSL X.509 v3 certificate validation on the IMAP server's certificate, as it did not ensure that the server's hostname matched the one provided in the CN field of the server's certificate. A rogue server could use this flaw to conduct man-in-the-middle attacks, possibly leading to the disclosure of sensitive information.

tags | advisory, imap
systems | linux, redhat
advisories | CVE-2013-0308
SHA-256 | 996ad81aae9b46cd0dd95179cc78371f204748f453aacb1506117a71af891611
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close