
Files Date: 2013-04-17

Red Hat Security Advisory 2013-0751-01
Posted Apr 17, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0751-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2013-0401, CVE-2013-1488, CVE-2013-1518, CVE-2013-1537, CVE-2013-1557, CVE-2013-1558, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2415, CVE-2013-2417, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2436
MD5 | 23583147ef678ef4a9c9666faf94c71f
Samhain File Integrity Checker 3.0.11
Posted Apr 17, 2013
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Log rotation can be handled more gracefully now. An option to ignore modifications of transient files during their lifetime has been added, and it is possible now to build a Debian client package with a preset password. A problem with large groups has been fixed, as well as reconnecting to a temporarily unavailable Oracle database.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 5db1ec45f958632cde82adc17c99dfd0
Cisco Security Advisory 20130417-tpi
Posted Apr 17, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco TelePresence multipoint control unit (MCU) and Cisco TelePresence Server contain a vulnerability that could allow an unauthenticated, remote attacker to trigger the reload of an affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote
systems | cisco
MD5 | 069de7a7e3eec66388549dfe81236653
Oracle WebCenter / Fatwire Header Injection
Posted Apr 17, 2013
Authored by Kestutis Gudinavicius | Site sec-consult.com

Oracle WebCenter Sites Satellite Server versions 7.6.0 Patch1, 7.6.2,, and suffer from HTTP header injection and cache poisoning vulnerabilities.

tags | exploit, web, vulnerability
advisories | CVE-2013-1509
MD5 | f15a7cc185b99950a5fadaa62b83e669
Drupal elFinder File Mapper 6.x / 7.x CSRF
Posted Apr 17, 2013
Authored by Greg Knaddison | Site drupal.org

Drupal elFinder File Mapper third party module versions 6.x and 7.x suffer from a cross site request forgery vulnerability.

tags | advisory, csrf
MD5 | ec679eaf7a3cf99b031897154c60b315
KrisonAV CMS 3.0.1 CSRF / Cross Site Scripting
Posted Apr 17, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

KrisonAV CMS version 3.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2013-2712, CVE-2013-2713
MD5 | b8c5a855c7c922e1df3746fe0971fcb2
Apple Security Advisory 2013-04-16-2
Posted Apr 17, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-04-16-2 - Java for OS X 2013-003 and Mac OS X v10.6 Update 15 are now available and address many vulnerabilities in 1.6.0_43.

tags | advisory, java, vulnerability
systems | apple, osx
advisories | CVE-2013-1491, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1563, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2417, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2435, CVE-2013-2437, CVE-2013-2440
MD5 | 79f4521d6c7bc0cc8efbf4b3503456d5
Java Web Start Launcher Memory Corruption
Posted Apr 17, 2013
Authored by A. Antukh | Site sec-consult.com

The Java ActiveX control in Java Web Start Launcher suffers from a memory corruption vulnerability.

tags | exploit, java, web, activex
advisories | CVE-2013-2416
MD5 | 65d29927757caf1ebc4312dda86ef003
Sitecom WLM-3500 Backdoor Accounts
Posted Apr 17, 2013
Authored by Roberto Paleari

Sitecom WLM-3500 routers contain an undocumented access backdoor that can be abused to bypass existing authentication mechanisms.

tags | exploit
MD5 | 6014d16e70c824da6e2c7ea844dd8977
Apple Security Advisory 2013-04-16-1
Posted Apr 17, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-04-16-1 - Safari 6.0.4 is now available and fixes one vulnerability. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution. Description: An invalid cast issue existed in the handling of SVG files. This issue was addressed through improved type checking.

tags | advisory, arbitrary, code execution
systems | apple
advisories | CVE-2013-0912
MD5 | 97cc041701aab1c4a610000ce0c05266
Open-Xchange 6 / OX AppSuite Cross Site Scripting
Posted Apr 17, 2013
Authored by Martin Braun

Multiple security issues for Open-Xchange Server 6 and OX AppSuite have been discovered and fixed. These range from cross site scripting to header injection.

tags | advisory, xss
advisories | CVE-2013-2582, CVE-2013-2583
MD5 | cd926acbef92e170fa1fa8e61b2231cb
Drupal MP3 Players 6.x Cross Site Scripting
Posted Apr 17, 2013
Authored by Kyle Small | Site drupal.org

Drupal MP3 Player third party module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 46d11172fdbf55fe6705df8fe50c49bc
Drupal AWTNF 6.x / 7.x Access Bypass
Posted Apr 17, 2013
Authored by Cash Williams | Site drupal.org

Drupal Autocomplete Widgets for Text and Number Fields third party module versions 6.x and 7.x suffer from an access bypass vulnerability.

tags | advisory, bypass
MD5 | a4dc5b667df2749aa02450c739cba37e
ZPanel Code Execution
Posted Apr 17, 2013
Authored by Sven Slootweg

ZPanel suffers from a remote PHP code execution vulnerability.

tags | exploit, remote, php, code execution
MD5 | 77c36c4719658b813d9b233163ef66ed
Sosci Survey 2.x Bypass / XSS / Command Execution
Posted Apr 17, 2013
Authored by V. Paulikas, T. Lazauninkas | Site sec-consult.com

Sosci Survey versions prior to 2.3.04a suffer from authorization issues, cross site scripting, and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability, xss
MD5 | e0524b5a3364b9f57c6fe126fe51f71f
© 2020 Packet Storm. All rights reserved.