what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-04-17

Red Hat Security Advisory 2013-0751-01
Posted Apr 17, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0751-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2013-0401, CVE-2013-1488, CVE-2013-1518, CVE-2013-1537, CVE-2013-1557, CVE-2013-1558, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2415, CVE-2013-2417, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2436
SHA-256 | 3dd79f78440b623f915a9d88a18803f2cbd13f584293a3ef010118bc0dbab5b8
Samhain File Integrity Checker 3.0.11
Posted Apr 17, 2013
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Log rotation can be handled more gracefully now. An option to ignore modifications of transient files during their lifetime has been added, and it is possible now to build a Debian client package with a preset password. A problem with large groups has been fixed, as well as reconnecting to a temporarily unavailable Oracle database.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 35a8d392b930b7db1ec9ff0c55bc89d2cfb08d13b8cb7937012dab776c36c89d
Cisco Security Advisory 20130417-tpi
Posted Apr 17, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco TelePresence multipoint control unit (MCU) and Cisco TelePresence Server contain a vulnerability that could allow an unauthenticated, remote attacker to trigger the reload of an affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote
systems | cisco
SHA-256 | 119f45014590ba7857394b2b18f4cc8f0f389955b9862b725e9ebc23bf070330
Oracle WebCenter / Fatwire Header Injection
Posted Apr 17, 2013
Authored by Kestutis Gudinavicius | Site sec-consult.com

Oracle WebCenter Sites Satellite Server versions 7.6.0 Patch1, 7.6.2, 11.1.1.6.0, and 11.1.1.6.1 suffer from HTTP header injection and cache poisoning vulnerabilities.

tags | exploit, web, vulnerability
advisories | CVE-2013-1509
SHA-256 | b211d5ba79c2e4506fc8c437bbb356031d7bc5df5b5dceb6705801d00369973b
Drupal elFinder File Mapper 6.x / 7.x CSRF
Posted Apr 17, 2013
Authored by Greg Knaddison | Site drupal.org

Drupal elFinder File Mapper third party module versions 6.x and 7.x suffer from a cross site request forgery vulnerability.

tags | advisory, csrf
SHA-256 | 1b78014778f58c0e69085bc915cc9663c2fb554fe12306c3d14bff605cae1d2a
KrisonAV CMS 3.0.1 CSRF / Cross Site Scripting
Posted Apr 17, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

KrisonAV CMS version 3.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2013-2712, CVE-2013-2713
SHA-256 | 67fef60fe75255a54bdaa421e598033b564c3cd7f9a2ddc60ad14b24dcb74af4
Apple Security Advisory 2013-04-16-2
Posted Apr 17, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-04-16-2 - Java for OS X 2013-003 and Mac OS X v10.6 Update 15 are now available and address many vulnerabilities in 1.6.0_43.

tags | advisory, java, vulnerability
systems | apple, osx
advisories | CVE-2013-1491, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1563, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2417, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2435, CVE-2013-2437, CVE-2013-2440
SHA-256 | 729975cdb6190f6a342d07628259c73bcd3f36b80d4cc898f7e442db272605ac
Java Web Start Launcher Memory Corruption
Posted Apr 17, 2013
Authored by A. Antukh | Site sec-consult.com

The Java active-x control in Java Web Start Launcher suffers from a memory corruption vulnerability.

tags | exploit, java, web, activex
advisories | CVE-2013-2416
SHA-256 | bda67853310f31100eb0d7eabe5f41ccba0af48ed6d9d0588dbc627b879ca5c2
Sitecom WLM-3500 Backdoor Accounts
Posted Apr 17, 2013
Authored by Roberto Paleari

Sitecom WLM-3500 routers contain an undocumented access backdoor that can be abused to bypass existing authentication mechanisms.

tags | exploit
SHA-256 | f2ecdb133a910caba3fe823da7e97c6b19b3cd08e31d2581b74733a09d7fc2c9
Apple Security Advisory 2013-04-16-1
Posted Apr 17, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-04-16-1 - Safari 6.0.4 is now available and fixes one vulnerability. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: An invalid cast issue existed in the handling of SVG files. This issue was addressed through improved type checking.

tags | advisory, arbitrary, code execution
systems | apple
advisories | CVE-2013-0912
SHA-256 | 3a89ff7462c5244bed37bf3530980d2b9d9ba36623eb4725d574dfba20f33962
Open-Xchange 6 / OX AppSuite Cross Site Scripting
Posted Apr 17, 2013
Authored by Martin Braun

Multiple security issues for Open-Xchange Server 6 and OX AppSuite have been discovered and fixed. These range from cross site scripting to header injection.

tags | advisory, xss
advisories | CVE-2013-2582, CVE-2013-2583
SHA-256 | e2706921a9718e5f1888014c099073f64e4fae60be06edb06264c9b991a2542e
Drupal MP3 Players 6.x Cross Site Scripting
Posted Apr 17, 2013
Authored by Kyle Small | Site drupal.org

Drupal MP3 Player third party module version 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 2931075252225a999b92df8d82e9a2f8c28184385f1e001b9b5203c4e7a1ce8f
Drupal AWTNF 6.x / 7.x Access Bypass
Posted Apr 17, 2013
Authored by Cash Williams | Site drupal.org

Drupal Autocomplete Widgets for Text and Number Fields third party module versions 6.x and 7.x suffer from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | f18968b9cd445e48ab19924ba4ec5903416dee4fa2067746d5a3b81b696ee5b6
ZPanel Code Execution
Posted Apr 17, 2013
Authored by Sven Slootweg

ZPanel suffers from a remote PHP code execution vulnerability.

tags | exploit, remote, php, code execution
SHA-256 | cb33afd179e83c86b0ed86861357632fc5c668bcaac89201cd95e4351ee00eaf
Sosci Survey 2.x Bypass / XSS / Command Execution
Posted Apr 17, 2013
Authored by V. Paulikas, T. Lazauninkas | Site sec-consult.com

Sosci Survey versions prior to 2.3.04a suffer from authorization issues, cross site scripting, and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability, xss
SHA-256 | 2688b19fa954cb3f1486c7c46ca8d36690ad27229d60a36c584a5f2d3a45c7aa
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close