accept no compromises
Showing 1 - 25 of 435 RSS Feed

Files Date: 2013-03-01 to 2013-03-31

Netgear WNR1000 Authentication Bypass
Posted Mar 30, 2013
Authored by Roberto Paleari

Netgear WNR1000 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 1da8155c7c2e479cd819b6144972d9d0
PGP Individual UID Signer 2.0.10
Posted Mar 30, 2013
Authored by Phil Dibowitz | Site phildev.net

PGP Individual UID Signer makes signing all the UIDs on all of the keys at a PGP keysigning party much simpler. It prompts for verification fingerprints, and then signs each UID on each key separately and emails them to their recipients encrypted with PGP/MIME.

Changes: A variety of of bugfixes and changes to several default preferences to make it easier to use. This release is compatible with GnuPG2. All users are encouraged to upgrade.
tags | tool, encryption
MD5 | cd0a69df6cdf145191ca67906e6b0914
Technical Cyber Security Alert 2013-088A
Posted Mar 30, 2013
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2013-088A - A misconfigured Domain Name System (DNS) server can be exploited to participate in a Distributed Denial of Service (DDoS) attack.

tags | advisory, denial of service
MD5 | 4ca42cfab86018f9db32f526263fee25
Slackware Security Advisory - libssh Updates
Posted Mar 30, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libssh packages are available for Slackware 14.0, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-0176
MD5 | a02c1c2ce7e9098a631e2d19024e955d
HP Security Bulletin HPSBUX02859 SSRT101144
Posted Mar 30, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02859 SSRT101144 - A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely create a Denial of Service (DoS) or Execute Arbitrary Code. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary
systems | hpux
advisories | CVE-2009-0158, CVE-2009-0159, CVE-2009-3563
MD5 | f111df3c200dc90354002b61f3ac8dfd
HP Security Bulletin HPSBUX02859 SSRT101144
Posted Mar 30, 2013
Site hp.com

HP Security Bulletin HPSBUX02859 SSRT101144 - A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely create a Denial of Service (DoS) or Execute Arbitrary Code. Revision 1 of this advisory.

advisories | CVE-2009-0158, CVE-2009-0159, CVE-2009-3563
MD5 | f111df3c200dc90354002b61f3ac8dfd
Ubuntu Security Notice USN-1783-1
Posted Mar 30, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1783-1 - Matthew Horsfall discovered that Bind incorrectly handled regular expression checking. A remote attacker could use this flaw to cause Bind to consume an excessive amount of memory, possibly resulting in a denial of service. This issue was corrected by disabling RDATA regular expression syntax checking.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-2266
MD5 | f835413ca1aa2bb19c321f078e829e68
Crossbow Exploit Development Framework
Posted Mar 30, 2013
Authored by Zachary Cutlip | Site shadow-file.blogspot.com

Crossbow is a framework built in Python whose purpose is to help make exploit development easier. It currently targets MIPS Linux systems but the plan is to expand it to support other architectures in the future.

tags | tool, python
systems | linux, unix
MD5 | c1ff3667cac2ac28564a6dcfbcc053f5
mRemote 1.50 Update Spoofing
Posted Mar 29, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

mRemote version 1.50 suffers from an update spoofing vulnerability.

tags | exploit, spoof
MD5 | 5f0a05105f4eac25a94fcdac8802592f
Royal TS 2.1.5 Update Spoofing
Posted Mar 29, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Royal TS version 2.1.5 suffers from an update spoofing vulnerability.

tags | exploit, spoof
MD5 | 716632b0b203b43be35e845638c4c9b1
Daddy's File Hosting Cross Site Scripting
Posted Mar 29, 2013
Authored by Mr.0c3aN

Daddy's File Hosting version 2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0db64aecf4510c5ed6ebf7a988ddd54c
Parsing Binary File Formats With PowerShell
Posted Mar 29, 2013
Authored by Matt Graeber | Site exploit-monday.com

This archive includes a presentation and code samples. The presentation is called Parsing Binary File Formats with PowerShell.

tags | paper
systems | linux
MD5 | 11fae6f510557858aa55bb3d3098365d
STUNSHELL Web Shell PHP Eval
Posted Mar 29, 2013
Authored by bwall | Site metasploit.com

This Metasploit module exploits unauthenticated versions of the "STUNSHELL" web shell. This Metasploit module works when safe mode is enabled on the web server. This shell is widely used in automated RFI payloads.

tags | exploit, web, shell
MD5 | 14fe20dbc0bd59c275dc99df677548aa
STUNSHELL Web Shell Remote Code Execution
Posted Mar 29, 2013
Authored by bwall | Site metasploit.com

This Metasploit module exploits unauthenticated versions of the "STUNSHELL" web shell. This Metasploit module works when safe mode is disabled on the web server. This shell is widely used in automated RFI payloads.

tags | exploit, web, shell
MD5 | f26790bb1fd499aae352a4ad6c8754a0
WordPress podPress 8.8.10.13 Cross Site Scripting
Posted Mar 29, 2013
Authored by hip

WordPress podPress third party plugin version 8.8.10.13 suffers from a cross site scripting vulnerability via 1pixelout_player.swf.

tags | exploit, xss
advisories | CVE-2013-2714
MD5 | 23b3c8ff0f431cb3accef9a7a1caf12d
MailOrderWorks 5.907 Cross Site Scripting
Posted Mar 29, 2013
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

MailOrderWorks version 5.907 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 0416fc31d9a84249488a44c0f31e36f6
PayPal GP+ Cross Site Scripting
Posted Mar 29, 2013
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

The PayPal GP+ service application for analyzing websites suffered from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8b9b0ec34469b618d47df0ad6b1a69ef
PayPal Sellers CMS Cross Site Scripting
Posted Mar 29, 2013
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

The PayPal content manager system for sellers suffered from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5c3a52b8fea4e5a703b7d4fcd32502f4
ALLMediaServer 0.94 Buffer Overflow
Posted Mar 29, 2013
Authored by metacom | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in ALLMediaServer version 0.94. The vulnerability is caused due to a boundary error within the handling of an HTTP request.

tags | exploit, web, overflow
MD5 | b3294c5e0ea33e94dc0aab374786f72e
Debian Security Advisory 2655-1
Posted Mar 29, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2655-1 - Several cross-site-scripting and denial of service vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development.

tags | advisory, web, denial of service, vulnerability, ruby
systems | linux, debian
advisories | CVE-2011-2932, CVE-2012-3464, CVE-2012-3465, CVE-2013-1854, CVE-2013-1855, CVE-2013-1857
MD5 | 6e9a4c36a5c842bbc63f38cb0b1539e7
Red Hat Security Advisory 2013-0689-01
Posted Mar 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0689-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. Note: This update disables the syntax checking of NAPTR resource records.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2013-2266
MD5 | cf7e62f486d152619cd602cc94117fab
Red Hat Security Advisory 2013-0691-01
Posted Mar 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0691-01 - Red Hat Storage is a software only, scale-out storage solution that provides flexible and agile unstructured data storage for the enterprise. A flaw was found in the way the Swift component used Python pickle. This could lead to arbitrary code execution. With this update, the JSON format is used. Multiple insecure temporary file creation flaws were found in Red Hat Storage. A local user on the Red Hat Storage server could use these flaws to cause arbitrary files to be overwritten as the root user via a symbolic link attack.

tags | advisory, arbitrary, local, root, code execution, python
systems | linux, redhat
advisories | CVE-2012-4406, CVE-2012-5635, CVE-2012-5638
MD5 | 1dcd3fbb4f13f36f971ca73d88fd152c
Red Hat Security Advisory 2013-0690-01
Posted Mar 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0690-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A denial of service flaw was found in the libdns library. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash. Note: This update disables the syntax checking of NAPTR resource records.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2013-2266
MD5 | fce351f8b68afdcd0216c43bbe76c25b
Red Hat Security Advisory 2013-0688-01
Posted Mar 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0688-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 5.3 will be retired on March 31, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 5.3 AMC after that date.

tags | advisory
systems | linux, redhat
MD5 | d12d9b8cbe0651ec8215ee84714a89c9
Voila CMS Cross Site Scripting
Posted Mar 29, 2013
Authored by Darksnipper, Dr.v!ru$

Sites designed by Voila Syria suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | b87a2b1bc52c077fc56354268fe2bdd3
Page 1 of 18
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close