
Files Date: 2013-03-21

Digital Satellite TV Platform Proof Of Concepts
Posted Mar 21, 2013
Authored by Adam Gowdiak | Site security-explorations.com

This archive contains proof of concept exploits from Security Explorations. They waited for over a year for vendors to fix the issues in various digital satellite TV platforms and were ignored.

tags | exploit, proof of concept
SHA-256 | 226671de37e4d85a2d62d0df29ac823cb5ba7b68f552e3d574a8e4642dcc0a49
Red Hat Security Advisory 2013-0671-01
Posted Mar 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0671-01 - PackStack is a command line utility that uses Puppet modules to support rapid deployment of OpenStack on existing servers over an SSH connection. PackStack is suitable for deploying both single node proof of concept installations and more complex multi-node installations. It was found that PackStack did not handle the answer file securely. In some environments, such as those using a non-default umask, a local attacker could possibly modify the answer file if PackStack was run in an attacker-controlled directory, or attempted to create the answer file in "/tmp/", allowing the attacker to modify systems being deployed using OpenStack. Note: After applying this update, PackStack will create the answer file in the user's home directory by default. It will no longer create it in the current working directory or the "/tmp/" directory by default.

tags | advisory, local, proof of concept
systems | linux, redhat
advisories | CVE-2013-1815
SHA-256 | 85ac7dd9a04979cc15ea84e62d6594f4bb4612fd814eea5ea9893b169ddd1d78
Red Hat Security Advisory 2013-0670-01
Posted Mar 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0670-01 - The Django web framework is used by Horizon, the OpenStack Dashboard, which is a web interface for managing OpenStack services. A denial of service flaw was found in the Extensible Markup Language parser used by Django. A remote attacker could use this flaw to send a specially-crafted request to a Horizon API, causing Horizon to consume an excessive amount of CPU and memory. A flaw was found in the XML parser used by Django. If a remote attacker sent a specially-crafted request to a Horizon API, it could cause Horizon to connect to external entities, causing a large amount of system load, or allow an attacker to read files on the Horizon server that are accessible to the user running Horizon.

tags | advisory, remote, web, denial of service
systems | linux, redhat
advisories | CVE-2013-0305, CVE-2013-0306, CVE-2013-1664, CVE-2013-1665
SHA-256 | f43133ae695ecbbd6f834f905823dd891d699fa224d25328a2c8c1c9c98db579
Red Hat Security Advisory 2013-0669-01
Posted Mar 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0669-01 - Qt is a software toolkit that simplifies the task of writing and maintaining GUI applications for the X Window System. It was discovered that the QSharedMemory class implementation of the Qt toolkit created shared memory segments with insecure permissions. A local attacker could use this flaw to read or alter the contents of a particular shared memory segment, possibly leading to their ability to obtain sensitive information or influence the behavior of a process that is using the shared memory segment.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2013-0254
SHA-256 | 0e67715652896aa6a5c89b1f944208d96234e81835c89b6e02a33a791946f822
Red Hat Security Advisory 2013-0668-01
Posted Mar 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0668-01 - The boost packages provide free, peer-reviewed, portable C++ source libraries with emphasis on libraries which work well with the C++ Standard Library. A flaw was found in the way the ordered_malloc() routine in Boost sanitized the 'next_size' and 'max_size' parameters when allocating memory. If an application used the Boost C++ libraries for memory allocation, and performed memory allocation based on user-supplied input, an attacker could use this flaw to crash the application or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2012-2677
SHA-256 | 177eeb143093a935b907879d3e2456e4d04a4b736b6f3edca5b2c328fd9975cf
Red Hat Security Advisory 2013-0658-01
Posted Mar 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0658-01 - The openstack-cinder packages provide OpenStack Volume, which provides services to manage and access block storage volumes for use by virtual machine instances. A denial of service flaw was found in the Extensible Markup Language parser used by Cinder. A remote attacker could use this flaw to send a specially-crafted request to a Cinder API, causing Cinder to consume an excessive amount of CPU and memory. A flaw was found in the XML parser used by Cinder. If a remote attacker sent a specially-crafted request to a Cinder API, it could cause Cinder to connect to external entities, causing a large amount of system load, or allow an attacker to read files on the Cinder server that are accessible to the user running Cinder.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2013-1664, CVE-2013-1665
SHA-256 | 685dedeb4a1d9e24e68f572aa40addf6cf297350396926eb9e89d6cf3c150694
Red Hat Security Advisory 2013-0657-01
Posted Mar 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0657-01 - The openstack-nova packages provide OpenStack Compute, which provides services for provisioning, managing, and using virtual machine instances. A denial of service flaw was found in the Extensible Markup Language parser used by Nova. A remote attacker could use this flaw to send a specially-crafted request to a Nova API, causing Nova to consume an excessive amount of CPU and memory. A flaw was found in the XML parser used by Nova. If a remote attacker sent a specially-crafted request to a Nova API, it could cause Nova to connect to external entities, causing a large amount of system load, or allow an attacker to read files on the Nova server that are accessible to the user running Nova.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2013-1664, CVE-2013-1665
SHA-256 | b588103f41924e1d9554e7745752d1e515b6a95f3de6329a3b36b9ae1c1af1ff
ICS-CERT Advisory - Siemens WinCC 7.0 SP3
Posted Mar 21, 2013
Authored by ICS-CERT | Site ics-cert.org

ICS-CERT Advisory 13-079-02 - This advisory provides mitigation details for vulnerabilities that impact the Siemens SIMATIC WinCC. Independent researcher Sergey Gordeychik of Positive Technologies and Siemens ProductCERT have identified multiple vulnerabilities in the Siemens SIMATIC WinCC, which is used to configure SIMATIC operator devices. Siemens has produced a software update that fully resolves these vulnerabilities. Exploitation of these vulnerabilities could allow a denial of service (DoS) condition, unauthorized read access to files, or remote code execution. This could affect multiple industries, including food and beverage, water and wastewater, oil and gas, and chemical sectors worldwide. These vulnerabilities could be exploited remotely.

tags | advisory, remote, denial of service, vulnerability, code execution
advisories | CVE-2013-0678, CVE-2013-0676, CVE-2013-0679, CVE-2013-0674, CVE-2013-0677, CVE-2013-0675
SHA-256 | e86d7625da69e96f25c03a09637a085e26ecba22b2bf0dd2a1cd0873bb1460d9
Siemens Security Advisory 714398
Posted Mar 21, 2013
Authored by Siemens ProductCERT | Site siemens.com

WinCC stores Windows user credentials (user names and passwords) in a database. Authenticated users can log into this database, break the existing obfuscation and extract passwords. Furthermore, the database permissions allowed unprivileged users to gain access to sensitive data. A third vulnerability was found in the WinCC web server, where authenticated users could browse the file system via URL manipulation and extract sensitive information. A fourth vulnerability was found in the ActiveX component "RegReader", which is vulnerable to a buffer overflow and possible remote code execution. Manipulated project files can trigger a fifth vulnerability, which can allow an attacker to take over the WinCC PC. Furthermore, a communication component called CCEServer is vulnerable to a remote buffer overflow that can be triggered over the network.

tags | advisory, remote, web, overflow, code execution, activex
systems | windows
SHA-256 | 871db31131d047fe9c609554c28f03dc8cf0ca905160d6f028d4e6fe6945be60
Siemens Security Advisory 212483
Posted Mar 21, 2013
Authored by Siemens ProductCERT | Site siemens.com

This advisory treats seven different vulnerabilities that have been found in the software running on SIMATIC HMIs that are engineered with WinCC (TIA Portal) V11, partially impacting confidentiality, integrity and availability of the system. The vulnerabilities affect the web server of engineered HMIs and their internal password management. Possible attacks require either physical access to the HMI or an authenticated user, so an attacker must either have valid user credentials or must use social engineering on a legitimate user. When the vulnerabilities are exploited they allow password retrieval, web session hijacking, source code retrieval, display of false data and Denial-of-Service.

tags | advisory, web, vulnerability
advisories | CVE-2011-4515
SHA-256 | fcef520cab212f67c15a79e30fbeafb976f24f11b4ac5b85915fb347e72d7116
Ubuntu Security Notice USN-1774-1
Posted Mar 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1774-1 - Andrew Cooper of Citrix reported a Xen stack corruption in the Linux kernel. An unprivileged user in a 32-bit PVOPS guest can cause the guest kernel to crash, or operate erroneously. A failure to validate input was discovered in the Linux kernel's Xen netback (network backend) driver. A user in a guest OS may exploit this flaw to cause a denial of service to the guest OS and other guest domains. Various other issues were also addressed.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2013-0190, CVE-2013-0216, CVE-2013-0217, CVE-2013-0231, CVE-2013-0290, CVE-2013-0311
SHA-256 | 807a9d69d5b620305fe70d63fac5c9ae75642fcf42a3495334beea6f81b38ab3
Ubuntu Security Notice USN-1773-1
Posted Mar 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1773-1 - Felix Groebert, Mateusz Jurczyk and Gynvael Coldwind discovered multiple security issues with ClamAV. An attacker could use these issues to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
SHA-256 | 23ca13bc7e11e5617b0d6a6409f501892e11d52ac824594d653506ec7f44dc4c
Debian Security Advisory 2651-1
Posted Mar 21, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2651-1 - A cross-site scripting vulnerability was discovered in smokeping, a latency logging and graphing system. Input passed to the "displaymode" parameter was not properly sanitized. An attacker could use this flaw to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

tags | advisory, arbitrary, xss
systems | linux, debian
advisories | CVE-2012-0790
SHA-256 | 904d86718938baf33fc8ef37007e11d16fda5e3dfeea69e30ca4ab280e6357b3
TP-Link TL-WR740N Wireless Router Remote Denial Of Service
Posted Mar 21, 2013
Authored by LiquidWorm | Site zeroscience.mk

The TP-Link WR740N Wireless N Router network device is exposed to a remote denial of service vulnerability when processing an HTTP request. The issue occurs when the web server (httpd) fails to handle an HTTP GET request on the default TCP port 80. Sending a sequence of three dots (...) to the router will crash its httpd service, denying legitimate users access to the admin control panel management interface.

tags | exploit, remote, web, denial of service, tcp
SHA-256 | cbbd0a53dee5bb6b847b2838e2927422d0cb6a346a1da9cd0b99f3e7270507f5
Drupal Views 7.x Cross Site Scripting
Posted Mar 21, 2013
Authored by Francisco Jose Cruz Romanos | Site drupal.org

Drupal Views third party module version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | d9a46daf1fa587cb49cb0d5e8dbd8e15df286f335ef2e3f9e09748ad007a5472
OpenSC.tokend Privacy Leak / File Creation
Posted Mar 21, 2013
Authored by Dirk-Willem van Gulik

OpenSC.tokend OS X module suffers from privacy leak and arbitrary file creation vulnerabilities.

tags | advisory, arbitrary, vulnerability, info disclosure
systems | apple, osx
advisories | CVE-2013-1866
SHA-256 | 602d9d00b3ecc95a349e687f708bdc0655d4cb1110af628d3b4a5bf21c04ed15
2013 Data Protection Maturity Survey Results
Posted Mar 21, 2013
Site lumension.com

This research paper presents survey findings and discusses the trends from this year's Data Protection Maturity survey performed by Lumension. They also look at how organizations can develop a best-practices approach to data privacy, and look at some trends for the upcoming year.

tags | paper
SHA-256 | 33c2d3667ad2d28eb3a49bac5d4cafa97a666a4bb16d7a5a005d070534e99dcf
Ubuntu Security Notice USN-1771-1
Posted Mar 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1771-1 - Loganathan Parthipan discovered that Nova did not properly validate VNC tokens after an instance was deleted. An authenticated attacker could exploit this to access other virtual machines under certain circumstances. This issue did not affect Ubuntu 11.10. Vish Ishaya discovered that Nova did not always enforce quotas on fixed IPs. An authenticated attacker could exploit this to cause a denial of service via resource consumption. Nova will now enforce a quota limit of 10 fixed IPs per instance, which is configurable via 'quota_fixed_ips' in /etc/nova/nova.conf. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2013-0335, CVE-2013-1838
SHA-256 | fa145558c86a02448ee9a16b2027725b5e54bc17d094a144c43a0f6f2e65abe9
Debian Security Advisory 2641-2
Posted Mar 21, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2641-2 - The security fix applied to the perl package due to CVE-2013-1667 introduced a test failure in the libapache2-mod-perl2 source package specific to the rehash mechanism in Perl.

tags | advisory, perl
systems | linux, debian
advisories | CVE-2013-1667
SHA-256 | 9110a5cd25bf6b009461ac1ef7158b28b213084bd41e72df243bc8995f0f12c0
Red Hat Security Advisory 2013-0665-01
Posted Mar 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0665-01 - JBoss Data Grid is a distributed in-memory data grid, based on Infinispan. This release of JBoss Data Grid 6.1.0 serves as a replacement for JBoss Data Grid 6.0.1. It includes various bug fixes and enhancements which are detailed in the JBoss Data Grid 6.1.0 Release Notes.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-4431, CVE-2012-5629, CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
SHA-256 | 86e2f99d5f2e98f7fd162cf083ac17e2a1498532e28600b423b7c876fb02fd90
Red Hat Security Advisory 2013-0666-01
Posted Mar 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0666-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Oracle Java SE 6 will not receive updates after February 28, 2013. The Oracle Java SE 6 packages on the Red Hat Enterprise Linux 5 and 6 Supplementary media and in Red Hat Network channels will continue to be available. Red Hat will continue to provide these packages only as a courtesy to customers. Red Hat will not provide updates to these packages after this date.

tags | advisory, java
systems | linux, redhat
SHA-256 | 81d4942b68d361aa7acd8ceba568654db66e22656126bc54aaccade38c647731
Ubuntu Security Notice USN-1772-1
Posted Mar 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1772-1 - Guang Yee discovered that Keystone would not always perform all verification checks when configured to use PKI. If the keystone server was configured to use PKI and services or users requested online verification, an attacker could potentially exploit this to bypass revocation checks. Keystone uses UUID tokens by default in Ubuntu.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-1865
SHA-256 | ceb9e627dfc7fc24517f095c2d2a6fdfd927cc33b6663449dfff627b3d66e9a0
Tokend Privacy Leak / Arbitrary File Creation
Posted Mar 21, 2013
Authored by Dirk-Willem van Gulik

The Tokend OS X module suffers from privacy leak and arbitrary file creation vulnerabilities.

tags | advisory, arbitrary, vulnerability, info disclosure
systems | apple, osx
advisories | CVE-2013-1867
SHA-256 | 469ed91a5c829ea148d876c4ee0888a851d1e1f010c8232c32f9caa78c95e92a

© 2022 Packet Storm. All rights reserved.