the original cloud security
Showing 1 - 21 of 21 RSS Feed

Files Date: 2013-03-11

Honeywell HSC Remote Deployer ActiveX Remote Code Execution
Posted Mar 11, 2013
Authored by juan vazquez | Site metasploit.com

This Metasploit modules exploits a vulnerability found in the Honeywell HSC Remote Deployer ActiveX. This control can be abused by using the LaunchInstaller() function to execute an arbitrary HTA from a remote location. This Metasploit module has been tested successfully with the HSC Remote Deployer ActiveX installed with HoneyWell EBI R410.1.

tags | exploit, remote, arbitrary, activex
advisories | CVE-2013-0108, OSVDB-90583
MD5 | b1fd8d046d8eca6aa668e9a64beffa6c
Ubuntu 12.10 64bit Local Root
Posted Mar 11, 2013
Authored by Kacper Szczesniak

Local root exploit for Ubuntu 12.10 64bit that leverages the sock_diag_handlers[] vulnerability in Linux kernels before 3.7.10.

tags | exploit, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2013-1763
MD5 | 5f673f27f9b0738cf2ccc7e04fdf9ac2
jforum 2.1.9 Cross Site Scripting
Posted Mar 11, 2013
Authored by A. Antukh | Site sec-consult.com

A module "pm" provided in the standard installation of jforum includes the action "sendSave", which suffers from a persistent cross site scripting vulnerability due to insufficient validation of user supplied data. Version 2.1.9 is affected.

tags | advisory, xss
MD5 | 6c251f44324c81032210a3676e841179
Privoxy 3.0.20-1 Credential Exposure
Posted Mar 11, 2013
Authored by Chris John Riley

Privoxy version 3.0.20-1 suffers from an authentication credential exposure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2013-2503
MD5 | 12dbda38e1b50f339f1398705cc49d3c
TinyMCE 3.5.8 Cross Site Scripting
Posted Mar 11, 2013
Authored by Justin C. Klein Keane, Zach Alexander

TinyMCE version 3.5.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-4230
MD5 | c4415aebe3b26671b5804c094eba8298
Asteriskguru Queue Statistics Cross Site Scripting
Posted Mar 11, 2013
Authored by Manuel Garcia Cardenas | Site isecauditors.com

Asteriskguru Queue Statistics suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b97c5ff41de908375bc174e0a5c1e2c9
Red Hat Security Advisory 2013-0631-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0631-01 - JBoss Web is a web container based on Apache Tomcat. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. Multiple weaknesses were found in the JBoss Web DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. Warning: Before applying this update, back up your existing JBoss Enterprise Web Platform installation.

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
MD5 | d1d64ea1721d275a197b2194dc37785f
Red Hat Security Advisory 2013-0629-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0629-01 - JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. Multiple weaknesses were found in the JBoss Web DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. Warning: Before applying this update, back up your existing JBoss Enterprise Application Platform installation.

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
MD5 | ab18a07f835e5c7dc7178986ad58a8c3
Red Hat Security Advisory 2013-0628-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0628-01 - The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. A flaw was found in the way LDAPv3 control data was handled by 389 Directory Server. If a malicious user were able to bind to the directory and send an LDAP request containing crafted LDAPv3 control data, they could cause the server to crash, denying service to the directory. The CVE-2013-0312 issue was discovered by Thierry Bordaz of Red Hat.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2013-0312
MD5 | 87cf9754a3a1b5a1ef9b543cf10a4630
Red Hat Security Advisory 2013-0627-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0627-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the processing of malformed content. Malicious content could cause Thunderbird to crash or execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2013-0787
MD5 | 1f45a852c9ff239e7b1b296dd3aa934a
Red Hat Security Advisory 2013-0625-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0625-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1476, CVE-2013-1478
MD5 | 4a6204362602b5e0a5bb6374f8ea3c62
Red Hat Security Advisory 2013-0623-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0623-01 - Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2012-3546, CVE-2012-4534, CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
MD5 | 31025b6441baef70030da292ece0ed84
Red Hat Security Advisory 2013-0632-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0632-01 - JBoss Web is the web container, based on Apache Tomcat, in JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. Multiple weaknesses were found in the JBoss Web DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. Warning: Before applying this update, back up your existing JBoss Enterprise Application Platform installation .

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
MD5 | 792035170138434b6014f728112503bb
Red Hat Security Advisory 2013-0633-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0633-01 - JBoss Web is a web container based on Apache Tomcat. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. Multiple weaknesses were found in the JBoss Web DIGEST authentication implementation, effectively reducing the security normally provided by DIGEST authentication. A remote attacker could use these flaws to perform replay attacks in some circumstances. Warning: Before applying this update, back up your existing JBoss Enterprise Web Platform installation .

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
MD5 | 46540d5f95513b3831dbf9ff6271dce9
Red Hat Security Advisory 2013-0626-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0626-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2012-1541, CVE-2012-3174, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0422, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446
MD5 | 0f590ef93e5b1fe8930581f4a9520167
Red Hat Security Advisory 2013-0624-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0624-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-0409, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0440, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0450, CVE-2013-0809, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1486, CVE-2013-1493
MD5 | bb5bbbd5af6224724a0f59929af0e47e
Red Hat Security Advisory 2013-0621-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0621-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way file permission checks for the "/dev/cpu/[x]/msr" files were performed in restricted root environments. A local user with the ability to write to these files could use this flaw to escalate their privileges to kernel level, for example, by writing to the SYSENTER_EIP_MSR register.

tags | advisory, kernel, local, root
systems | linux, redhat
advisories | CVE-2013-0268, CVE-2013-0871
MD5 | 045b34d2120785c77b90c802233ee097
Red Hat Security Advisory 2013-0622-01
Posted Mar 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0622-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way file permission checks for the "/dev/cpu/[x]/msr" files were performed in restricted root environments. A local user with the ability to write to these files could use this flaw to escalate their privileges to kernel level, for example, by writing to the SYSENTER_EIP_MSR register.

tags | advisory, kernel, local, root
systems | linux, redhat
advisories | CVE-2012-4542, CVE-2013-0268, CVE-2013-0290, CVE-2013-0871, CVE-2013-1763
MD5 | a1843242502a05a5aeacfc1142749011
KindEditor 4.1.5 Shell Upload
Posted Mar 11, 2013
Authored by KedAns-Dz

KindEditor version 4.1.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 186795a4f7c86dbf4674631f448b3511
PHPBoost 4.0 Shell Upload
Posted Mar 11, 2013
Authored by KedAns-Dz

PHPBoost version 4.0 suffers from shell upload and information disclosure vulnerabilities.

tags | exploit, shell, vulnerability, info disclosure
MD5 | a2c943967ceeb167e099b3d244b48433
SI6 Networks' IPv6 Toolkit 1.3.3
Posted Mar 11, 2013
Authored by Fernando Gont

This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.

Changes: This minor update incorporates the "--tgt-known-iids" option, which can be used to track systems across networks, even if they employ the so-called "Privacy Address" (and yes, that includes Microsoft Windows systems).
tags | tool, scanner
systems | linux, netbsd, unix, freebsd, openbsd, debian, ubuntu
MD5 | 2c7f9cfc0a8845694439a2bbdb6b9446
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close