accept no compromises
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-04-03

Symphony 2.3.1 SQL Injection
Posted Apr 3, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

Symphony version 2.3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-2559
MD5 | a2ffc8d19c621fb7099be1aa442052b7
FreeBSD Security Advisory - OpenSSL Weakness / Denial Of Service
Posted Apr 3, 2013
Site security.freebsd.org

FreeBSD Security Advisory - A flaw in the OpenSSL handling of OCSP response verification could be exploited to cause a denial of service attack. OpenSSL has a weakness in the handling of CBC ciphersuites in SSL, TLS and DTLS. The weakness could reveal plaintext in a timing attack.

tags | advisory, denial of service
systems | freebsd
advisories | CVE-2013-0166, CVE-2013-0169
MD5 | b724130dcb0b27fb331239a06cfbbf77
FreeBSD Security Advisory - BIND Denial Of Service
Posted Apr 3, 2013
Site security.freebsd.org

FreeBSD Security Advisory - A flaw in a library used by BIND allows an attacker to deliberately cause excessive memory consumption by the named(8) process. This affects both recursive and authoritative servers.

tags | advisory
systems | freebsd
advisories | CVE-2013-2266
MD5 | 42ee0db182faef9b1dc0e0ccc70fb236
Google Active Directory Sync (GADS) Tool 3.1.3 Information Disclosure
Posted Apr 3, 2013
Authored by Nathaniel Carew | Site senseofsecurity.com.au

Google Active Directory Sync (GADS) Tool versions 3.1.3 and below suffer from a local information disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | bb4561b5584f606e21113de38bc969a5
e107 CMS 1.0.2 Cross Site Scripting
Posted Apr 3, 2013
Authored by Simon Bieber

e107 CMS version 1.0.2 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-2750
MD5 | e1ea4203776301647213683628c01960
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Apr 3, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 136dd3c2fc43b133673003c025e56393
Slackware Security Advisory - mozilla-firefox Updates
Posted Apr 3, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | ac6507a737df2fcabde34e054133f8a1
Sophos Web Protection Appliance 3.7.8.1 XSS / Command Execution
Posted Apr 3, 2013
Authored by Wolfgang Ettlinger | Site sec-consult.com

Sophos Web Protection Appliance version 3.7.8.1 suffers from OS command injection, cross site scripting, and file disclosure vulnerabilities.

tags | exploit, web, vulnerability, xss
advisories | CVE-2013-2641, CVE-2013-2642, CVE-2013-2643
MD5 | 01c4c0a97f30967135856c6d7e09d3fd
Novell GroupWise 12.0.0.8586 Untrusted Pointer Dereference
Posted Apr 3, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

Novell GroupWise version 12.0.0.8586 suffers form an untrusted pointer dereference vulnerability.

tags | advisory
advisories | CVE-2013-0804
MD5 | 35a8cc90e5cfcd73fbab14b6dc0c1b58
FUDforum 3.0.4 Code Injection
Posted Apr 3, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

FUDforum version 3.0.4 suffers from an arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
advisories | CVE-2013-2267
MD5 | 97efea4444d0e38c52be249f7cf95cc1
IPTables Bash Completion 1.0 Beta 2
Posted Apr 3, 2013
Authored by AllKind | Site sourceforge.net

iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid at the current context. Additionally to the completion on options, matches and targets, it supports dynamic retrieval of data from the system i.e: chain-, set-names, interfaces, hostnames, etc. Environment variables allow to fine grade completion options. IP and MAC addresses can be fed by file.

tags | tool, firewall
systems | linux, unix
MD5 | 4d211d18d1337cd96d4e397d42243572
Red Hat Security Advisory 2013-0700-01
Posted Apr 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0700-01 - Jenkins is a continuous integration server. It was found that all SSL certificate checking was disabled by default in the Apache Maven Wagon plug-in of Jenkins. This would make it easy for an attacker to perform man-in-the-middle attacks. Users of Red Hat OpenShift Enterprise 1.1.3 are advised to upgrade to this updated package, which corrects this issue.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-0253
MD5 | 57e3654e3cef75b01b49fec078911d23
Red Hat Security Advisory 2013-0701-01
Posted Apr 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0701-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. A flaw in rubygem-json and ruby193-rubygem-json allowed remote attacks by creating different types of malicious objects. For example, it could initiate a denial of service attack through resource consumption by using a JSON document to create arbitrary Ruby symbols, which were never garbage collected. It could also be exploited to create internal objects which could allow a SQL injection attack. It was found that documentation created by rubygem-rdoc and ruby193-rubygem-rdoc was vulnerable to a cross-site scripting attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's session. As rubygem-rdoc and ruby193-rubygem-rdoc are used for creating documentation for Ruby source files, it is not a common scenario to make such documentation accessible over the network.

tags | advisory, remote, web, denial of service, arbitrary, xss, sql injection, ruby
systems | linux, redhat
advisories | CVE-2013-0256, CVE-2013-0269
MD5 | 55334c6a44648d0bc2a498654ea33a91
Ubuntu Security Notice USN-1787-1
Posted Apr 3, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1787-1 - Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to bypass ASLR (Address Space Layout Randomization). A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be stopped (by ASLR). A memory use after free error was discover in the Linux kernel's tmpfs filesystem. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0914, CVE-2013-1767, CVE-2013-1792, CVE-2013-0914, CVE-2013-1767, CVE-2013-1792
MD5 | 5d69a7e39d85cbd534595cdd5e39c456
CUDA Cracking
Posted Apr 3, 2013
Authored by Rohit Shaw

This is a whitepaper that discusses using Compute Unified Device Architecture (CUDA) GPU cracking to crack passwords.

tags | paper
MD5 | 88b5b63ab5a021be6ede8b93b7d52a17
SmallFTPd 1.0.3 Denial Of Service
Posted Apr 3, 2013
Authored by Akastep

SmallFTPd version 1.0.3 denial of service exploit that is written in AutoIT.

tags | exploit, denial of service
MD5 | f1fd56651b0f35bf3e1a37fa38d9b07a
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close