seeing is believing
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-04-18

Fork CMS Local File Inclusion
Posted Apr 18, 2013
Authored by Rafay Baloch

Fork CMS suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | f39098732c9f6a7ef2625e750394cdc5
Fork CMS Cross Site Request Forgery
Posted Apr 18, 2013
Authored by Rafay Baloch

Fork CMS suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | a73123b9669b4cd3568f20dbaa343d51
Fork CMS Cross Site Scripting
Posted Apr 18, 2013
Authored by Rafay Baloch

Fork CMS suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1a99cada1fedfdf46f601f2cd6d1de65
SWFUpload CSRF / XSS / Object Injection
Posted Apr 18, 2013
Authored by KedAns-Dz

SWFUpload suffers from cross site scripting, cross site request forgery, and object injection vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | c0eb003ec5c6e9aacc4023925ab89cf0
Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow
Posted Apr 18, 2013
Authored by Florent Hochwelker | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by a heap overflow error within the JavaFX component when decoding certain video frames, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, java, remote, web, overflow
MD5 | fd4898edb1e151b7997bdff773c0a0af
Matrix42 Service Store 5.3 SP3 Cross Site Scripting
Posted Apr 18, 2013
Authored by 43zsec

Matrix42 Service Store version 5.3 SP3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ee74f7c404a62241af532991871cb108
Technical Cyber Security Alert 2013-107A
Posted Apr 18, 2013
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2013-107A - Oracle has released a Critical Patch Update (CPU) for Java SE. Oracle strongly recommends that customers apply CPU fixes as soon as possible.

tags | advisory, java
MD5 | b6e7bfa5d6643b729888f0a9c5ff813f
Intercepter Sniffer 0.9.7
Posted Apr 18, 2013
Authored by Ares | Site sniff.su

Intercepter is a sniffer that offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.

Changes: New versions provides the ability to sniff the login and password of the target user that connects to SSH server and intercepts the session data such as commands.
tags | tool, web, sniffer, imap, protocol
MD5 | 4f80a9d5158b3d1209b08f05b01bd2fe
Free Float FTP Server USER Command Buffer Overflow
Posted Apr 18, 2013
Authored by D35m0nd142 | Site metasploit.com

Freefloat FTP Server is prone to an overflow condition. It fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted 'USER' command, a remote attacker can potentially have an unspecified impact.

tags | exploit, remote, overflow
advisories | OSVDB-69621
MD5 | 00357b62bc5996fa4aa0775a54bf6eec
Cisco Security Advisory 20130417-nac
Posted Apr 18, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Network Admission Control (NAC) Manager contains a vulnerability that could allow an unauthenticated remote attacker to execute arbitrary code and take full control of the vulnerable system. A successful attack could allow an unauthenticated attacker to access, create or modify any information in the NAC Manager database. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability.

tags | advisory, remote, arbitrary
systems | cisco
MD5 | 749a17c81abe1244ac1dbf33db654012
SI6 Networks' IPv6 Toolkit 1.3.4
Posted Apr 18, 2013
Authored by Fernando Gont

This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.

Changes: IPv6-host tracking support in the scan6 tool. A new tool, address6, to analyze IPv6 addresses. Minor bug fixes.
tags | tool
systems | linux, netbsd, unix, freebsd, openbsd, debian, ubuntu
MD5 | 21fe4ecb93a9b4783be7b16d88b0ab81
Ubuntu Security Notice USN-1803-1
Posted Apr 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1803-1 - It was discovered that the X.Org X server did not properly clear input events in certain circumstances. A local attacker with physical access could use this flaw to capture keystrokes.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-1940
MD5 | afc261444d1396c10b83e29c29173965
Debian Security Advisory 2661-1
Posted Apr 18, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2661-1 - David Airlie and Peter Hutterer of Red Hat discovered that xorg-server, the Xorg X server was vulnerable to an information disclosure flaw related to input handling and devices hotplug.

tags | advisory, info disclosure
systems | linux, redhat, debian
advisories | CVE-2013-1940
MD5 | d87ff2ed7e30913a3cb4ec14b038e0ca
Red Hat Security Advisory 2013-0753-01
Posted Apr 18, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0753-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. It was discovered that the IcedTea-Web plug-in incorrectly used the same class loader instance for applets with the same value of the codebase attribute, even when they originated from different domains. A malicious applet could use this flaw to gain information about and possibly manipulate applets from different domains currently running in the browser.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2013-1926, CVE-2013-1927
MD5 | 7800fdf91c5466103b4c37139aa730e6
Red Hat Security Advisory 2013-0752-01
Posted Apr 18, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0752-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2013-0401, CVE-2013-1488, CVE-2013-1518, CVE-2013-1537, CVE-2013-1557, CVE-2013-1558, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2415, CVE-2013-2417, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2436
MD5 | 0da1e99c5d4c51a3d996a745c84ef616
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close