exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2013-03-11

Honeywell HSC Remote Deployer ActiveX Remote Code Execution
Posted Mar 11, 2013
Authored by juan vazquez | Site metasploit.com

This Metasploit modules exploits a vulnerability found in the Honeywell HSC Remote Deployer ActiveX. This control can be abused by using the LaunchInstaller() function to execute an arbitrary HTA from a remote location. This Metasploit module has been tested successfully with the HSC Remote Deployer ActiveX installed with HoneyWell EBI R410.1.

tags | exploit, remote, arbitrary, activex
advisories | CVE-2013-0108, OSVDB-90583
SHA-256 | 1f3cef2a50e87d41ca54ec3ec66187a9eab588ff63fb1178c75bc47d21f21a3c
Ubuntu 12.10 64bit Local Root
Posted Mar 11, 2013
Authored by Kacper Szczesniak

Local root exploit for Ubuntu 12.10 64bit that leverages the sock_diag_handlers[] vulnerability in Linux kernels before 3.7.10.

tags | exploit, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2013-1763
SHA-256 | 8cb1664fe3e4114405f60c70992efc4583eb8c783e92650a7895c3f8aa6712b5
jforum 2.1.9 Cross Site Scripting
Posted Mar 11, 2013
Authored by A. Antukh | Site sec-consult.com

A module "pm" provided in the standard installation of jforum includes the action "sendSave", which suffers from a persistent cross site scripting vulnerability due to insufficient validation of user supplied data. Version 2.1.9 is affected.

tags | advisory, xss
SHA-256 | 944666c59ab432fd3568fdb4cda08fc25258fbede4ac47c9f5d8a1745ae087de
Privoxy 3.0.20-1 Credential Exposure
Posted Mar 11, 2013
Authored by Chris John Riley

Privoxy version 3.0.20-1 suffers from an authentication credential exposure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2013-2503
SHA-256 | 64df167b1234ce7ef9560ad0dec948e6b6b51a7112712080b8c1c40e0cebdb89
TinyMCE 3.5.8 Cross Site Scripting
Posted Mar 11, 2013
Authored by Justin C. Klein Keane, Zach Alexander

TinyMCE version 3.5.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-4230
SHA-256 | f8c9ff61aa722eff9d8b70db05c7eb7538744c819d92adc412486e43a0c64c31
Asteriskguru Queue Statistics Cross Site Scripting
Posted Mar 11, 2013
Authored by Manuel Garcia Cardenas | Site isecauditors.com

Asteriskguru Queue Statistics suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ca70d68877f3107fe540b91c1de6b16259fb738161d4b40961cb1d369d0785c9
Red Hat Security Advisory 2013-0631-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0631-01 - JBoss Web is a web container based on Apache Tomcat. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. Multiple weaknesses were found in the JBoss Web DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. Warning: Before applying this update, back up your existing JBoss Enterprise Web Platform installation.

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
SHA-256 | cafad259c945e4da918aa1a260813841d4d83a0a79ce7619bb2e04e4d592cacc
Red Hat Security Advisory 2013-0629-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0629-01 - JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. Multiple weaknesses were found in the JBoss Web DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. Warning: Before applying this update, back up your existing JBoss Enterprise Application Platform installation.

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
SHA-256 | 6d1ed42069639bb8755b0de4f3a958401cae506def714140ef49ee518bfb9533
Red Hat Security Advisory 2013-0628-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0628-01 - The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. A flaw was found in the way LDAPv3 control data was handled by 389 Directory Server. If a malicious user were able to bind to the directory and send an LDAP request containing crafted LDAPv3 control data, they could cause the server to crash, denying service to the directory. The CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2013-0312
SHA-256 | 5add42f0c6a00574d7ac05556156c5e1ba2c7a7262aff97a3b7387b1ef2ac2c1
Red Hat Security Advisory 2013-0627-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0627-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the processing of malformed content. Malicious content could cause Thunderbird to crash or execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2013-0787
SHA-256 | 5e3ce4f991544f7474f56d4ed784978aa17c34ef02757b9256b012bd087af2e7
Red Hat Security Advisory 2013-0625-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0625-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476, CVE-2013-1478
SHA-256 | 1ca66d8c35de0807dc60e9a4a9cf02f2ef07d5d9c872f56c3f2ba4680cca6553
Red Hat Security Advisory 2013-0623-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0623-01 - Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2012-3546, CVE-2012-4534, CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
SHA-256 | b7ea678c555beedbc297b1a1e6799654a1cb52d11728e7632582b7b2bee2b633
Red Hat Security Advisory 2013-0632-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0632-01 - JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. Multiple weaknesses were found in the JBoss Web DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. Warning: Before applying this update, back up your existing JBoss Enterprise Application Platform installation .

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
SHA-256 | 3d4a1e27acafca95128434813e8a18cde8af4af1c6d99db781873c529265041a
Red Hat Security Advisory 2013-0633-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0633-01 - JBoss Web is a web container based on Apache Tomcat. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. Multiple weaknesses were found in the JBoss Web DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. Warning: Before applying this update, back up your existing JBoss Enterprise Web Platform installation .

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
SHA-256 | aeb3d8be889b37400757fb6087503e44991c57a267b07e5a4bd9885ba954db26
Red Hat Security Advisory 2013-0626-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0626-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2012-1541, CVE-2012-3174, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0422, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446
SHA-256 | f4f979734ced34ea08a199c005459a072d122aafe489e9384d745e1e56724f37
Red Hat Security Advisory 2013-0624-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0624-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-0409, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0440, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0450, CVE-2013-0809, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1493
SHA-256 | 1aa3a61ce84d8dfe3989766a7d64b1570da3b7bf518c863cc35cbbfe38e7ca3d
Red Hat Security Advisory 2013-0621-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0621-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way file permission checks for the "/dev/cpu/[x]/msr" files were performed in restricted root environments. A local user with the ability to write to these files could use this flaw to escalate their privileges to kernel level, for example, by writing to the SYSENTER_EIP_MSR register.

tags | advisory, kernel, local, root
systems | linux, redhat
advisories | CVE-2013-0268, CVE-2013-0871
SHA-256 | 3af50f8d722db056bda205bf690bc55f30b1959317323e16c792a5698c6943f1
Red Hat Security Advisory 2013-0622-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0622-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way file permission checks for the "/dev/cpu/[x]/msr" files were performed in restricted root environments. A local user with the ability to write to these files could use this flaw to escalate their privileges to kernel level, for example, by writing to the SYSENTER_EIP_MSR register.

tags | advisory, kernel, local, root
systems | linux, redhat
advisories | CVE-2012-4542, CVE-2013-0268, CVE-2013-0290, CVE-2013-0871, CVE-2013-1763
SHA-256 | 7b4d8f9b0aedc3ba78789f88554003b14e864d9333c5630695e6d2130b83ca4f
KindEditor 4.1.5 Shell Upload
Posted Mar 11, 2013
Authored by KedAns-Dz

KindEditor version 4.1.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | d88c733d219132a2b1ee32a692f47acc95782683a3c055cf97d79c82150148cb
PHPBoost 4.0 Shell Upload
Posted Mar 11, 2013
Authored by KedAns-Dz

PHPBoost version 4.0 suffers from shell upload and information disclosure vulnerabilities.

tags | exploit, shell, vulnerability, info disclosure
SHA-256 | 57a0ed69df2dfe6a08556e979aa44517e786e8aafe00b57724d89f4f48485e75
SI6 Networks' IPv6 Toolkit 1.3.3
Posted Mar 11, 2013
Authored by Fernando Gont

This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.

Changes: This minor update incorporates the "--tgt-known-iids" option, which can be used to track systems across networks, even if they employ the so-called "Privacy Address" (and yes, that includes Microsoft Windows systems).
tags | tool, scanner
systems | linux, netbsd, unix, freebsd, openbsd, debian, ubuntu
SHA-256 | 8392ec6c2414194f839d154313ea7965a2c6503286828f22860c4c50a635d099
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    20 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close