all things security
Showing 1 - 11 of 11 RSS Feed

Files Date: 2013-03-22

Ubuntu Security Notice USN-1778-1
Posted Mar 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1778-1 - Andrew Jones discovered a flaw with the xen_iret function in Linux kernel's Xen virtualizeation. In the 32-bit Xen paravirt platform an unprivileged guest OS user could exploit this flaw to cause a denial of service (crash the system) or gain guest OS privilege. A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2013-0228, CVE-2013-0268, CVE-2013-0311, CVE-2013-0349, CVE-2013-1773, CVE-2013-0228, CVE-2013-0268, CVE-2013-0311, CVE-2013-0349, CVE-2013-1773
MD5 | be3270398506e6ff2a7824cd4e5ef20b
Ubuntu Security Notice USN-1776-1
Posted Mar 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1776-1 - A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2013-0268, CVE-2013-0309, CVE-2013-1773, CVE-2013-0268, CVE-2013-0309, CVE-2013-1773
MD5 | 852743fc8ba22415a2196a235c48eb52
Ubuntu Security Notice USN-1775-1
Posted Mar 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1775-1 - A flaw was reported in the permission checks done by the Linux kernel for /dev/cpu/*/msr. A local root user with all capabilities dropped could exploit this flaw to execute code with full root capabilities. A flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2013-0268, CVE-2013-0309, CVE-2013-1773, CVE-2013-0268, CVE-2013-0309, CVE-2013-1773
MD5 | 8a65e5c014300775df25851febb8669a
HP Security Bulletin HPSBUX02856 SSRT101104
Posted Mar 22, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02856 SSRT101104 - Potential security vulnerabilities have been identified with HP-UX OpenSSL. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or allow unauthorized disclosure of information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2013-0166, CVE-2013-0169
MD5 | 057792c36a6a689869cadbb04367a0c9
Mageia Release 2 sock_diag_handlers Local Root
Posted Mar 22, 2013
Authored by y3dips | Site echo.or.id

Local root exploit for Mageia release 2 (32bit) using the sock_diag_handlers[] vulnerability.

tags | exploit, local, root
advisories | CVE-2013-1763
MD5 | 648c2b7a3c5dea075a27635c8d38f3ff
GnuTLS libgnutls Double-Free Remote Denial Of Service
Posted Mar 22, 2013
Authored by Shawn the R0ck

GnuTLS libgnutls double-free certificate list parsing remote denial of service proof of concept exploit. Versions affected are 3.0.13 and below.

tags | exploit, remote, denial of service, proof of concept
systems | linux
advisories | CVE-2012-1663
MD5 | 8bb756e17da0733c992e6f3abebd86fd
WordPress IndiaNIC FAQS Manager 1.0 XSS / CSRF
Posted Mar 22, 2013
Authored by m3tamantra

WordPress IndiaNIC FAQS Manager third party plugin version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 869282f708dda7feeb376b61fdad37af
WordPress IndiaNIC FAQS Manager 1.0 SQL Injection
Posted Mar 22, 2013
Authored by m3tamantra

WordPress IndiaNIC FAQS Manager third party plugin version 1.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1560959ca6b86f47a39206dd2b32bdf2
Apache Struts ParametersInterceptor Remote Code Execution
Posted Mar 22, 2013
Authored by Meder Kydyraliev | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions < 2.3.1.2. This issue is caused because the ParametersInterceptor allows for the use of parentheses which in turn allows it to interpret parameter values as OGNL expressions during certain exception handling for mismatched data types of properties which allows remote attackers to execute arbitrary Java code via a crafted parameter.

tags | exploit, java, remote, arbitrary
advisories | CVE-2011-3923, OSVDB-78501
MD5 | 029499dd57638b7e9ea3532fd62dd326
LibreOffice 4.0.1.2 Update Spoofing
Posted Mar 22, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

LibreOffice version 4.0.1.2 suffers from an update spoofing vulnerability due to not using a secure channel nor digital signatures.

tags | exploit, spoof
MD5 | 645d9184c722c4ebf8a8cd85e7f54810
EastFTP Active-X Code Execution
Posted Mar 22, 2013
Authored by Dr_IDE

EastFTP Active-X control version 4.6.02 code execution exploit.

tags | exploit, code execution, activex
MD5 | 511aeafa23744b085ad01574f55df3a7
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close