Twenty Year Anniversary
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-03-27

AWS XMS 2.5 Path Traversal
Posted Mar 27, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

AWS XMS version 2.5 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2013-2474
MD5 | f6855dc4aed1bc18916b259a4b1d5966
McAfee Virtual Technician (MVT) 6.5.0.2101 Unsafe Active-X
Posted Mar 27, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

McAfee Virtual Technician (MVT) 6.5.0.2101 suffers from an exposed unsafe active-x method.

tags | exploit, activex
advisories | CVE-2012-5879
MD5 | 9daee446aada008191242f2e0649a9f5
BIND 9 Memory Consumption
Posted Mar 27, 2013
Authored by Matthew Horsfall | Site kb.isc.org

A critical defect in BIND 9 allows an attacker to cause excessive memory consumption in named or other programs linked to libdns.

tags | advisory
advisories | CVE-2013-2266
MD5 | b1a9786beb540cf0004195c55042aa2f
PsychoStats 3.2.2b Blind SQL Injection
Posted Mar 27, 2013
Authored by Mohamed from ALG

PsychoStats version 3.2.2b suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4b152c35ec2b93500d04600917d3c06f
Konftel 300IP 2.1.2 Reboot Bypass
Posted Mar 27, 2013
Authored by Todor Donev

Konftel 300IP SIP-based conference phone versions 2.1.2 and below remote bypass reboot exploit.

tags | exploit, remote
MD5 | 465481eb9b9c69694a6fffeaccf80104
Slackware Security Advisory - dhcp Updates
Posted Mar 27, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New dhcp packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-2266.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-2266
MD5 | 60a6a3d19246f3af5dde2ae7bc39fe17
Atmail WebMail 7.0.2 Cross Site Scripting
Posted Mar 27, 2013
Authored by Vicente Aguilera Diaz

Atmail WebMail versions 7.0.2 and below suffer from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-2585
MD5 | d6636d238d75eee9ed6adbfb98cac7b6
HP Security Bulletin HPSBUX02857 SSRT101103
Posted Mar 27, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02857 SSRT101103 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. Revision 1 of this advisory.

tags | advisory, java, remote, vulnerability
systems | hpux
advisories | CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0169, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446
MD5 | 4547656db25c8fad939deb47d7516666
Joomla Component JCE File Upload Remote Code Execution
Posted Mar 27, 2013
Authored by temp66 | Site metasploit.com

This Metasploit module exploits a vulnerability in the JCE component for Joomla!, which could allow an unauthenticated remote attacker to upload arbitrary files, caused by the fails to sufficiently sanitize user-supplied input. Sending specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system. This Metasploit module has been tested successfully on the JCE Editor 1.5.71 and Joomla 1.5.26.

tags | exploit, remote, web, arbitrary, php
MD5 | 351613b5116036e2b99d0dac802e3947
EMC Smarts NCM Improper Authentication
Posted Mar 27, 2013
Site emc.com

EMC Smarts Network Configuration Manager (NCM) version 9.2 contains fix for a vulnerability that could allow a malicious user to call certain supported Java Remote Method Invocation methods remotely without authentication. In addition, NCM System Management (SysAdmin) Console has known security vulnerabilities and EMC strongly advises customers to disable and not use this console until there is alternative solution from EMC.

tags | advisory, java, remote, vulnerability
advisories | CVE-2013-0935
MD5 | 4bedd0ab99887eaf000f5e60e4a72256
Ruby Thumbshooter Gem 0.1.5 Remote Command Execution
Posted Mar 27, 2013
Authored by Larry W. Cashdollar

Ruby Thumbshooter Gem version 0.1.5 suffers from a remote command execution vulnerability due to passing unsanitized user-supplied data to the shell.

tags | exploit, remote, shell, ruby
MD5 | a1cba85e9724f097a54a9ce7b26faec5
HP Security Bulletin HPSBOV02852 SSRT101108
Posted Mar 27, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02852 SSRT101108 - Potential security vulnerabilities have been identified in HP SSL for OpenVMS. These vulnerabilities could allow remote Denial of Service (DoS), unauthorized disclosure of information, unauthorized modification. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability
advisories | CVE-2012-2333, CVE-2013-0166, CVE-2013-0169
MD5 | c6ca634abae7aeb27ae6d371250e92d7
KNet Web Server Buffer Overflow
Posted Mar 27, 2013
Authored by Myo Soe | Site yehg.net

KNet Web Server remote buffer overflow structure exception handler (SEH) exploit that binds a shell to port 4444.

tags | exploit, remote, web, overflow, shell
MD5 | 3b266e29cd27c52d90d1f8b1b6907194
Lotus Domino 8.5.4 Cross Site Scripting
Posted Mar 27, 2013
Authored by MustLive

Lotus Domino versions 8.5.4 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 799b84b98273542594c1796d59efdfab
GoldenEye HTTP Denial Of Service Tool
Posted Mar 27, 2013
Authored by Jan Seidl | Site wroot.org

GoldenEye is a python script that is meant for testing HTTP denial of service conditions leveraging HTTP Keep Alive and NoCache.

tags | web, denial of service, python
MD5 | e05acac95594427bcc65edecba01e444
Usernamer 0.2
Posted Mar 27, 2013
Authored by Jan Seidl | Site wroot.org

Usernamer is a penetration testing tool to generate a list of possible usernames/logins (ex: John Doe Doeson) for user enumeration or bruteforcing. This tool also supports text-files with one name per line as input.

Changes: Bug fix release.
tags | tool, rootkit
systems | unix
MD5 | d37bd669eda20b8bde0c61548568da30
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    15 Files
  • 18
    Jul 18th
    15 Files
  • 19
    Jul 19th
    17 Files
  • 20
    Jul 20th
    11 Files
  • 21
    Jul 21st
    1 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close