exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-03-20

Apple Security Advisory 2013-03-19-2
Posted Mar 20, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-03-19-2 - Apple TV 5.2.1 is now available and addresses multiple security issues such as execution of unsigned code and information disclosure issues.

tags | advisory, info disclosure
systems | apple
advisories | CVE-2013-0977, CVE-2013-0978, CVE-2013-0981
SHA-256 | bac45d77e98f0ec3e7850f59f1a70b6fb9040d3075c3956d8f3436076e7149bb
Apple Security Advisory 2013-03-19-1
Posted Mar 20, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-03-19-1 - iOS 6.1.3 is now available and addresses multiple security issues such as execution of unsigned code, permission changes, and more.

tags | advisory
systems | cisco, apple
advisories | CVE-2013-0912, CVE-2013-0977, CVE-2013-0978, CVE-2013-0979, CVE-2013-0980, CVE-2013-0981
SHA-256 | 824988d29933703818be3b608fa9c3b290c14c3e517b7be5711d61cbb336a117
BlazeVideo HDTV Player 6.6.0.2 Buffer Overflow
Posted Mar 20, 2013
Authored by metacom

BlazeVideo HDTV Player Standard version 6.6.0.2 SEH buffer overflow exploit that spawns calc.exe.

tags | exploit, overflow
SHA-256 | 9ce87967f87508842e8c3d72a010fd4c0fd87459ccdad80168c5778fa1f745e8
Sami FTP Server LIST Command Buffer Overflow
Posted Mar 20, 2013
Authored by superkojiman | Site metasploit.com

This Metasploit module exploits a stack based buffer overflow on Sami FTP Server 2.0.1. The vulnerability exists in the processing of LIST commands. In order to trigger the vulnerability, the "Log" tab must be viewed in the Sami FTP Server managing application, in the target machine. On the other hand, the source IP address used to connect with the FTP Server is needed. If the user can't provide it, the module will try to resolve it. This Metasploit module has been tested successfully on Sami FTP Server 2.0.1 over Windows XP SP3.

tags | exploit, overflow
systems | windows
advisories | OSVDB-90815
SHA-256 | f2ce755b550afa23d41b892e96930bfc4c6426f8a8a9869ab6859d2655918b0e
Cool PDF Image Stream Buffer Overflow
Posted Mar 20, 2013
Authored by Francis Provencher, Chris Gabriel, juan vazquez | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Cool PDF Reader prior to version 3.0.2.256. The vulnerability is triggered when opening a malformed PDF file that contains a specially crafted image stream. This Metasploit module has been tested successfully on Cool PDF 3.0.2.256 over Windows XP SP3 and Windows 7 SP1.

tags | exploit, overflow
systems | windows
advisories | CVE-2012-4914, OSVDB-89349
SHA-256 | b2cb27956204683b3f3b2b5177e1be282a14b7dbbf83dcb82f490a969c5a32f1
Security Notice For SiteMinder Products Using SAML
Posted Mar 20, 2013
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers to a potential risk with certain CA SiteMinder products that implement Security Assertion Markup Language (SAML). Multiple vulnerabilities exist that can possibly allow a remote attacker to gain additional privileges. The vulnerabilities concern the verification of XML signatures on SAML statements. An attacker can perform various attacks to impersonate another user in the single sign-on system.

tags | advisory, remote, vulnerability
advisories | CVE-2013-2279
SHA-256 | 0a14a948ab88ea32cc65eec67d7baeacc0cfda2caa0d678240891bf18319d013
Microsoft Internet Explorer 10-9-8-7-6 OnMove Use-After-Free
Posted Mar 20, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the MSHTML "CElement::EnsureRecalcNotify()" function when processing "onMove" events, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, remote, web
advisories | CVE-2013-0087
SHA-256 | 74cac2fd4680b3b10d2bd5cbfa550491862f2c557deb06f06b2b52ff1c26b695
Photodex ProShow Producer 5.0.3310 Privilege Escalation
Posted Mar 20, 2013
Authored by Julien Ahrens | Site security.inshell.net

A local privilege escalation vulnerability has been identified in Photodex ProShow Producer version 5.0.3310. Insecure file permissions on the executable file "scsiaccess.exe", which is used by the application service "ScsiAccess" under the SYSTEM account, may allow a less privileged user to gain access to SYSTEM privileges. A local attacker or compromised process is able to replace the original application binary with a malicious application which will be executed by a victim user or after a ScsiAccess service restart.

tags | exploit, local
SHA-256 | d3fa045e2673851c540274839e21d86b9ded844acad5b02695a52999b8f3dffd
OpenCart 1.5.5.1 Directory Traversal
Posted Mar 20, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

OpenCart version 1.5.5.1 suffers from a directory traversal vulnerability.

tags | exploit
SHA-256 | d4fb0138400954a2ffd3deaf9aa1b199b065826234b68bb121e49aa9e20d7686
OWASP Bricks Feni Release
Posted Mar 20, 2013
Site owasp.org

Bricks is a web application security learning platform built on PHP and MySQL. The project focuses on variations of commonly seen application security issues. Each 'Brick' has some sort of security issue which can be leveraged manually or using automated software tools. The mission is to 'Break the Bricks' and thus learn the various aspects of web application security. Bricks is a completely free and open source project brought to you by OWASP.

Changes: A brand new challenge can be found under content pages section. Your mission is to break this challenge (Challenge #5, Content page #2).
tags | tool, web, php
systems | unix
SHA-256 | 4bc6a2b43238aab095f750762d8f713073bb420e282d34aa3cba0de32e5274a2
StarVedia IPCamera Remote Username / Password Disclosure
Posted Mar 20, 2013
Authored by Todor Donev

StarVedia IPCamera IC502w and IC502w+ version 020313 remote bypass username/password disclosure exploit.

tags | exploit, remote
SHA-256 | b2e1e754ab46c85bc8c173378b2b272899f11b8f2b489f6d503525cd01b556aa
Microsoft Internet Explorer 10-9-8-7-6 OnResize Use-After-Free
Posted Mar 20, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the MSHTML "CElement::EnsureRecalcNotify()" function when processing "onResize" events, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, remote, web
advisories | CVE-2013-0087
SHA-256 | e7dd1c9d022b3a29ac08d671f377d6068705d06e27996f487998ab6b3c9df55b
Red Hat Security Advisory 2013-0661-01
Posted Mar 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0661-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A race condition was found in the way the Linux kernel's ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal instead of being stopped. A local, unprivileged user could use this flaw to escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2013-0871
SHA-256 | cc332c567ec53f844d282fad86bf4fc64a5d4cae3d7c28f12c483b7e799e4d88
Red Hat Security Advisory 2013-0663-01
Posted Mar 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0663-01 - SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms. It provides NSS and PAM interfaces toward the system and a pluggable back end system to connect to multiple different account sources. When SSSD was configured as a Microsoft Active Directory client by using the new Active Directory provider, the Simple Access Provider did not handle access control correctly. If any groups were specified with the "simple_deny_groups" option, all users were permitted access.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-0287
SHA-256 | dead9317699f5089b93d69eff067de302f0ed4046e9544a10ea4072f333332b9
Ubuntu Security Notice USN-1770-1
Posted Mar 20, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1770-1 - Yves Orton discovered that Perl incorrectly handled hashing when using user-provided hash keys. An attacker could use this flaw to perform a denial of service attack against software written in Perl.

tags | advisory, denial of service, perl
systems | linux, ubuntu
advisories | CVE-2013-1667
SHA-256 | 160400c43f751227a821754c592c2c0991ab85529006ea92b840a9c891041806
Red Hat Security Advisory 2013-0662-01
Posted Mar 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0662-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A race condition was found in the way the Linux kernel's ptrace implementation handled PTRACE_SETREGS requests when the debuggee was woken due to a SIGKILL signal instead of being stopped. A local, unprivileged user could use this flaw to escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2013-0871
SHA-256 | 48754598ed6c117f477241e7b5f7a1fae284fda03e08d5877005bb2b1ec2c11f
Page 1 of 1
Back1Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    20 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close