Files Date: 2013-03-20

Apple Security Advisory 2013-03-19-2
Posted Mar 20, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-03-19-2 - Apple TV 5.2.1 is now available and addresses multiple security issues such as execution of unsigned code and information disclosure issues.

tags | advisory, info disclosure
systems | apple
advisories | CVE-2013-0977, CVE-2013-0978, CVE-2013-0981
MD5 | e0d94d677f4c1a7d9e2fe164ceda55b9
Apple Security Advisory 2013-03-19-1
Posted Mar 20, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-03-19-1 - iOS 6.1.3 is now available and addresses multiple security issues such as execution of unsigned code, permission changes, and more.

tags | advisory
systems | cisco, apple
advisories | CVE-2013-0912, CVE-2013-0977, CVE-2013-0978, CVE-2013-0979, CVE-2013-0980, CVE-2013-0981
MD5 | 2864214caf5ce5fcbc88e7462bb3a120
BlazeVideo HDTV Player 6.6.0.2 Buffer Overflow
Posted Mar 20, 2013
Authored by metacom

BlazeVideo HDTV Player Standard version 6.6.0.2 SEH buffer overflow exploit that spawns calc.exe.

tags | exploit, overflow
MD5 | 1076abc392a05606195add333455d444
Sami FTP Server LIST Command Buffer Overflow
Posted Mar 20, 2013
Authored by superkojiman | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in Sami FTP Server 2.0.1. The vulnerability exists in the processing of LIST commands. To trigger the vulnerability, the "Log" tab must be viewed in the Sami FTP Server managing application on the target machine. The module also needs the source IP address used to connect to the FTP server; if the user can't provide it, the module will try to resolve it. This Metasploit module has been tested successfully on Sami FTP Server 2.0.1 over Windows XP SP3.

tags | exploit, overflow
systems | windows, xp
advisories | OSVDB-90815
MD5 | c3d2e5e1ea6648925419716085c1040f
Cool PDF Image Stream Buffer Overflow
Posted Mar 20, 2013
Authored by Francis Provencher, Chris Gabriel, juan vazquez | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Cool PDF Reader prior to version 3.0.2.256. The vulnerability is triggered when opening a malformed PDF file that contains a specially crafted image stream. This Metasploit module has been tested successfully on Cool PDF 3.0.2.256 over Windows XP SP3 and Windows 7 SP1.

tags | exploit, overflow
systems | windows, xp, 7
advisories | CVE-2012-4914, OSVDB-89349
MD5 | 888828d955c36487881a1513f9d37948
Security Notice For SiteMinder Products Using SAML
Posted Mar 20, 2013
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers to a potential risk with certain CA SiteMinder products that implement Security Assertion Markup Language (SAML). Multiple vulnerabilities exist that can possibly allow a remote attacker to gain additional privileges. The vulnerabilities concern the verification of XML signatures on SAML statements. An attacker can perform various attacks to impersonate another user in the single sign-on system.

tags | advisory, remote, vulnerability
advisories | CVE-2013-2279
MD5 | 2c05e064fcd55661b5a54708533261be
Microsoft Internet Explorer 10-9-8-7-6 OnMove Use-After-Free
Posted Mar 20, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the MSHTML "CElement::EnsureRecalcNotify()" function when processing "onMove" events, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, remote, web
advisories | CVE-2013-0087
MD5 | 4087513b3b33996112f927603b70f3d6
Photodex ProShow Producer 5.0.3310 Privilege Escalation
Posted Mar 20, 2013
Authored by Julien Ahrens | Site security.inshell.net

A local privilege escalation vulnerability has been identified in Photodex ProShow Producer version 5.0.3310. Insecure file permissions on the executable file "scsiaccess.exe", which is used by the application service "ScsiAccess" under the SYSTEM account, may allow a less privileged user to gain access to SYSTEM privileges. A local attacker or compromised process is able to replace the original application binary with a malicious application which will be executed by a victim user or after a ScsiAccess service restart.

tags | exploit, local
MD5 | 3f2152fe90555b80a220424488115848
OpenCart 1.5.5.1 Directory Traversal
Posted Mar 20, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

OpenCart version 1.5.5.1 suffers from a directory traversal vulnerability.

tags | exploit
MD5 | 913e42fd7df4415a289dd82aa2d74ece
OWASP Bricks Feni Release
Posted Mar 20, 2013
Site owasp.org

Bricks is a web application security learning platform built on PHP and MySQL. The project focuses on variations of commonly seen application security issues. Each 'Brick' has some sort of security issue which can be leveraged manually or using automated software tools. The mission is to 'Break the Bricks' and thus learn the various aspects of web application security. Bricks is a completely free and open source project brought to you by OWASP.

Changes: A brand new challenge can be found under the content pages section. Your mission is to break this challenge (Challenge #5, Content page #2).
tags | tool, web, php
systems | unix
MD5 | 2898868488cb2099f3204f5d38ae4da7
StarVedia IPCamera Remote Username / Password Disclosure
Posted Mar 20, 2013
Authored by Todor Donev

StarVedia IPCamera IC502w and IC502w+ version 020313 remote bypass username/password disclosure exploit.

tags | exploit, remote
MD5 | 3456c66ee7ac77c79c8546ae07929187
Microsoft Internet Explorer 10-9-8-7-6 OnResize Use-After-Free
Posted Mar 20, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the MSHTML "CElement::EnsureRecalcNotify()" function when processing "onResize" events, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, remote, web
advisories | CVE-2013-0087
MD5 | eccb02d789cd9a8a3692fc05de00c7bb
Red Hat Security Advisory 2013-0661-01
Posted Mar 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0661-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A race condition was found in the way the Linux kernel's ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal instead of being stopped. A local, unprivileged user could use this flaw to escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2013-0871
MD5 | 790eec66b364f2ed02ece7b992e4e0bd
Red Hat Security Advisory 2013-0663-01
Posted Mar 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0663-01 - SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides NSS and PAM interfaces toward the system and a pluggable back end system to connect to multiple different account sources. When SSSD was configured as a Microsoft Active Directory client by using the new Active Directory provider, the Simple Access Provider did not handle access control correctly. If any groups were specified with the "simple_deny_groups" option, all users were permitted access.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-0287
MD5 | 06c4af61c77b3f0466f436d95e37e070
Ubuntu Security Notice USN-1770-1
Posted Mar 20, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1770-1 - Yves Orton discovered that Perl incorrectly handled hashing when using user-provided hash keys. An attacker could use this flaw to perform a denial of service attack against software written in Perl.

tags | advisory, denial of service, perl
systems | linux, ubuntu
advisories | CVE-2013-1667
MD5 | 1dd278f6a5a50703ca815c4f3e13de24
Red Hat Security Advisory 2013-0662-01
Posted Mar 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0662-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A race condition was found in the way the Linux kernel's ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal instead of being stopped. A local, unprivileged user could use this flaw to escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2013-0871
MD5 | 0b07094d6dcf5aabb6417a85d46a5ec9