Red Hat Security Advisory 2013-0746-01 - An updated rhev-hypervisor6 package that fixes several security issues and various bugs is now available. A flaw was found in the way KVM handled guest time updates when the buffer the guest registered by writing to the MSR_KVM_SYSTEM_TIME machine state register crossed a page boundary. A privileged guest user could use this flaw to crash the host or, potentially, escalate their privileges, allowing them to execute arbitrary code at the host kernel level.
e0e7bdb5b0b9301124043a493b224b471c5939586c857ab5a5abc339a3c008e4
Red Hat Security Advisory 2013-0763-01 - The JBoss Web Framework Kit combines popular open source web frameworks into a single solution for Java applications. This release of JBoss Web Framework Kit 2.2.0 serves as a replacement for JBoss Web Framework Kit 2.1.0. It includes various bug fixes and enhancements which are detailed in the JBoss Web Framework Kit 2.2.0 Release Notes.
bcc552aba157e86f9f1f7fc557510c73040d4381d49dbca767a3b296f3e6298f
Mandriva Linux Security Advisory 2013-150 - Multiple unspecified vulnerabilities have been found and corrected in mysql. The updated packages provides the latest supported mysql version from the 5.1.x branch (5.1.69).
d4d7bca72d325bd859ddc3e3320a1e7ee2036885c89d19fce95b03494d4124c8
Mandriva Linux Security Advisory 2013-148 - Cross-site scripting vulnerability in Roundcube Webmail 0.8.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the signature in an email. A local file inclusion flaw was found in the way RoundCube Webmail, a browser-based multilingual IMAP client, performed validation of the 'generic_message_footer' value provided via web user interface in certain circumstances. A remote attacker could issue a specially-crafted request that, when processed by RoundCube Webmail could allow an attacker to obtain arbitrary file on the system, accessible with the privileges of the user running RoundCube Webmail client. The updated packages have been patched and upgraded to the 0.7.4 version which is not affected by these issues.
896d4871100444999e1e08ae677ad26796a59074a1228813d175f9baf91e96ca
tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
6ac15eab766c021629992053aa1a23f31a0c429eb0f3eb8f49c923476eea618b
pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.
bdf03e9b6f0815ad1875246f4b8d39d283d291b789b528d2a83ab6469bd69652
Red Hat Security Advisory 2013-0762-01 - In accordance with the Red Hat Enterprise MRG Life Cycle policy, the Red Hat Enterprise MRG products, which include the MRG-Messaging, MRG-Realtime, and MRG-Grid, Version 1 and Version 2 offerings for Red Hat Enterprise Linux 5, will be retired on March 31, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for MRG-Messaging, MRG-Realtime, and MRG-Grid on Red Hat Enterprise Linux 5 after that date. In addition, after March 31, 2014, technical support through Red Hat's Global Support Services will no longer be provided for these products on Red Hat Enterprise Linux 5.
e69ac08569aeb344eec38301651729c60d6f3695e3d1f7856967ff15f269dc75
php_rshell is a ruby script which converts a binary backdoor to hex and creates a windows php reverse backdoor that will be executed on the server.
0fecd8cff34a4c706edcda435ad534f566cb1869bf12bb112959c918e6d7771c
Janissaries Joomla Civicrm component exploitation tool that uploads a shell.
a0d2608dc143c3c9606df7b7c625c70c510de3c71f8eee4f0a1e2f23601c835a
vBilling for FreeSWITCH suffers from multiple remote SQL injection vulnerabilities.
994b7109cb3e6f3b6c77edff6f1e8d54a0117e5090c812694dab17f3c64c0b94
This archive includes the source and a binary for a small Windows reverse shell.
90b4698c98d0968c39961359e2ce541617ee746a3f9d1e360bbc5deb166b3938
Java versions 1.7.0_21-b11 and below suffers from an arbitrary code execution vulnerability.
3158f404571528b94f1fbd702d6393ab7fee07d0e1316cf499dea137b946ebac