exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-04-03

Symphony 2.3.1 SQL Injection
Posted Apr 3, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

Symphony version 2.3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-2559
SHA-256 | 7e746f6f0becdb1c3bf1082b0fc80a06a0763df2b35b291a8f3a205d747948ae
FreeBSD Security Advisory - OpenSSL Weakness / Denial Of Service
Posted Apr 3, 2013
Site security.freebsd.org

FreeBSD Security Advisory - A flaw in the OpenSSL handling of OCSP response verification could be exploited to cause a denial of service attack. OpenSSL has a weakness in the handling of CBC ciphersuites in SSL, TLS and DTLS. The weakness could reveal plaintext in a timing attack.

tags | advisory, denial of service
systems | freebsd
advisories | CVE-2013-0166, CVE-2013-0169
SHA-256 | b53bfd66b506dafcb90c6c9516eb9205fffab27069d0f3a35836d94fab93d2fe
FreeBSD Security Advisory - BIND Denial Of Service
Posted Apr 3, 2013
Site security.freebsd.org

FreeBSD Security Advisory - A flaw in a library used by BIND allows an attacker to deliberately cause excessive memory consumption by the named(8) process. This affects both recursive and authoritative servers.

tags | advisory
systems | freebsd
advisories | CVE-2013-2266
SHA-256 | 1dd487d7a38a6be933444db11b02dd1e2e265a2e5fb5dd7875698187215034f8
Google Active Directory Sync (GADS) Tool 3.1.3 Information Disclosure
Posted Apr 3, 2013
Authored by Nathaniel Carew | Site senseofsecurity.com.au

Google Active Directory Sync (GADS) Tool versions 3.1.3 and below suffer from a local information disclosure vulnerability.

tags | exploit, local, info disclosure
SHA-256 | 5af6fac3359b45806a514cce9e316949ac1c763760a0a252335bc60361e5db98
e107 CMS 1.0.2 Cross Site Scripting
Posted Apr 3, 2013
Authored by Simon Bieber

e107 CMS version 1.0.2 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-2750
SHA-256 | b0a7d7d19b1bf2785fccdbdb0f2175d28946b402c3fbfdcc3590de48c18ffc57
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Apr 3, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 3b58e8bd3a82e8c37c44eb2f52ee1833913d60800103e936466bbd2328c0a6dc
Slackware Security Advisory - mozilla-firefox Updates
Posted Apr 3, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | e4cabaa55b9baede126441bc2d835d83d47424d8b948c120e1c5c9b9c8012a2b
Sophos Web Protection Appliance 3.7.8.1 XSS / Command Execution
Posted Apr 3, 2013
Authored by Wolfgang Ettlinger | Site sec-consult.com

Sophos Web Protection Appliance version 3.7.8.1 suffers from OS command injection, cross site scripting, and file disclosure vulnerabilities.

tags | exploit, web, vulnerability, xss
advisories | CVE-2013-2641, CVE-2013-2642, CVE-2013-2643
SHA-256 | e23113a1748c2be870f5cf2ef66700daa14d3f01fcf098583228dcf13f1434ee
Novell GroupWise 12.0.0.8586 Untrusted Pointer Dereference
Posted Apr 3, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

Novell GroupWise version 12.0.0.8586 suffers form an untrusted pointer dereference vulnerability.

tags | advisory
advisories | CVE-2013-0804
SHA-256 | 47e0f623fea3a5ed097e984178caf98801bcbed84209598283926cafe7ba2d6e
FUDforum 3.0.4 Code Injection
Posted Apr 3, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

FUDforum version 3.0.4 suffers from an arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
advisories | CVE-2013-2267
SHA-256 | 36279cc79b9bb26cd0dfb7956cb4f1df702478b62a9a137f7cb48f7ac0e3c190
IPTables Bash Completion 1.0 Beta 2
Posted Apr 3, 2013
Authored by AllKind | Site sourceforge.net

iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid at the current context. Additionally to the completion on options, matches and targets, it supports dynamic retrieval of data from the system i.e: chain-, set-names, interfaces, hostnames, etc. Environment variables allow to fine grade completion options. IP and MAC addresses can be fed by file.

tags | tool, firewall
systems | linux, unix
SHA-256 | 5eb19e8d6cf7acaf5393a22e953b5672f0def1483e43ed8b95e6693b98ba0995
Red Hat Security Advisory 2013-0700-01
Posted Apr 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0700-01 - Jenkins is a continuous integration server. It was found that all SSL certificate checking was disabled by default in the Apache Maven Wagon plug-in of Jenkins. This would make it easy for an attacker to perform man-in-the-middle attacks. Users of Red Hat OpenShift Enterprise 1.1.3 are advised to upgrade to this updated package, which corrects this issue.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-0253
SHA-256 | 2e1474d74bdc6d15346e98b54cdf58c4ef035856653a88200746b02f047d94db
Red Hat Security Advisory 2013-0701-01
Posted Apr 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0701-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw in rubygem-json and ruby193-rubygem-json allowed remote attacks by creating different types of malicious objects. For example, it could initiate a denial of service attack through resource consumption by using a JSON document to create arbitrary Ruby symbols, which were never garbage collected. It could also be exploited to create internal objects which could allow a SQL injection attack. It was found that documentation created by rubygem-rdoc and ruby193-rubygem-rdoc was vulnerable to a cross-site scripting attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's session. As rubygem-rdoc and ruby193-rubygem-rdoc are used for creating documentation for Ruby source files, it is not a common scenario to make such documentation accessible over the network.

tags | advisory, remote, web, denial of service, arbitrary, xss, sql injection, ruby
systems | linux, redhat
advisories | CVE-2013-0256, CVE-2013-0269
SHA-256 | 21efbd85baf775bf343fbbe58aead019bee9fbcbd96c4e3f3a252fe9940c4e97
Ubuntu Security Notice USN-1787-1
Posted Apr 3, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1787-1 - Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to bypass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). A memory use after free error was discover in the Linux kernel's tmpfs filesystem. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0914, CVE-2013-1767, CVE-2013-1792, CVE-2013-0914, CVE-2013-1767, CVE-2013-1792
SHA-256 | e7193629413cdad2b463bf06a7df8e90528471a345357eea7d9c6807f31923fa
CUDA Cracking
Posted Apr 3, 2013
Authored by Rohit Shaw

This is a whitepaper that discusses using Compute Unified Device Architecture (CUDA) GPU cracking to crack passwords.

tags | paper
SHA-256 | 73c83fc3029646d3e3bb2f6758ef93e292ef63789d5c4c52472d85962bf1620e
SmallFTPd 1.0.3 Denial Of Service
Posted Apr 3, 2013
Authored by Akastep

SmallFTPd version 1.0.3 denial of service exploit that is written in AutoIT.

tags | exploit, denial of service
SHA-256 | 490e57206bbfaabcb311fd30eaeb013e30240b0f0f106cd454c6062b57aa06e9
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    19 Files
  • 23
    Jul 23rd
    17 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close