exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-04-30

Breakpoint 2013 Call For Papers
Posted Apr 30, 2013
Authored by bpx | Site ruxconbreakpoint.com

The Breakpoint 2013 Call For Papers has been announced. It will take place at the Intercontinental Rialto in Melbourne, Australia October 24th through the 25th, 2013. Breakpoint showcases the work of expert security researchers from around the world on a wide range of topics. This conference is organized by the Ruxcon team and offers a specialized security conference to complement and lead into the larger and more casual Ruxcon weekend conference. Breakpoint caters towards security researchers and industry professionals alike, with a focus on cutting edge security research.

tags | paper, conference
SHA-256 | 08009c8fd4e78f803da53c08c7dd02afd1898a3a6d3b8189d616f027359c0912
IBM Lotus Notes 8.5.3 Code Execution
Posted Apr 30, 2013
Authored by Alexander Klink | Site nruns.com

The Lotus Notes mail client accepts applet tags inside HTML emails, making it possible to load Java applets from a remote location. Combined with known Java sandbox escape vulnerabilities, it can be used to fully compromise the user reading the email.

tags | advisory, java, remote, vulnerability
advisories | CVE-2013-0127
SHA-256 | 72507df8ce813a6baed8ae1404ff3467f4a3d09f17024073ea1c0b531c0f08c6
HP Security Bulletin HPSBMU02872 SSRT101185
Posted Apr 30, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02872 SSRT101185 - Potential security vulnerabilities have been identified with HP Service Manager Web Tier running on Windows. Service Manager Web Tier is vulnerable to remote disclosure of information and cross site scripting (XSS). Revision 1 of this advisory.

tags | advisory, remote, web, vulnerability, xss
systems | windows
advisories | CVE-2012-5222, CVE-2013-2321
SHA-256 | cd6d67bc13e7d8b16182f157bf80b7b5c828bddb5dc432ce8035df4768b5b42a
Syslog Watcher Pro 2.8.0.812 Cross Site Scripting
Posted Apr 30, 2013
Authored by demonalex

Syslog Watcher Pro version 2.8.0.812 suffers from a cross site scripting vulnerability in the date parameter.

tags | exploit, xss
SHA-256 | 915406c2f87f0049bb8834fe22f3c1981d4e58f7034f1ecd7f678170203cf3db
WowzaMediaServer Properties Information Disclosure
Posted Apr 30, 2013
Authored by Michal J.

WowzaMediaServer allows for direct getting and setting of properties which in turn can enable an attacker the ability to mount further attacks.

tags | advisory, bypass
SHA-256 | 02061d65ffca3d12c102fcd83b76a8c46f938d8fefea6e170cb8ce387b7c0c9d
WowzaMediaServer StorageDir Constraint Bypass
Posted Apr 30, 2013
Authored by Michal J.

WowzaMediaServer suffers from a bypass vulnerability that allows for accessing of files outside of the allowed StorageDir directory.

tags | exploit, bypass
SHA-256 | f4564e946705fc60d5c17b51bebbe0c644dbb60355ce85b64a936c75bbf48ae6
Security Notice For CA ControlMinder - Update
Posted Apr 30, 2013
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies support is alerting customers to a potential risk with CA ControlMinder. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued remediation to address the vulnerability. The vulnerability occurs due to the default JBoss Application Server configuration not correctly enforcing authentication. A remote attacker can bypass authentication, which may result in arbitrary code execution and server compromise. This vulnerability only affects the server components.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-0738
SHA-256 | 64660f12f6dffd5ead18f692e26e016ebc3bd54a5bb79b9a73ea69407b74de6f
HP Security Bulletin HPSBMU02874 SSRT101184
Posted Apr 30, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02874 SSRT101184 - Several potential security vulnerabilities have been identified with HP Service Manager for Windows, Linux, HP-UX, Solaris and AIX. The Java Runtime Environment (JRE) has been updated to correct these issues. Revision 1 of this advisory.

tags | advisory, java, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-1541, CVE-2012-1543, CVE-2012-3213, CVE-2012-3342, CVE-2012-4301, CVE-2012-4305, CVE-2013-0169, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0436, CVE-2013-0437, CVE-2013-0438, CVE-2013-0439, CVE-2013-0440
SHA-256 | 6b8f577467e6e64a94ac9f1285bd24a8e75470238726cda299c3e72a719a8194
Personal File Share HTTP Server Remote Overflow
Posted Apr 30, 2013
Authored by demonalex

Personal File Share HTTP server suffers from a remote buffer overflow vulnerability. Proof of concept denial of service code included.

tags | exploit, remote, web, denial of service, overflow, proof of concept
SHA-256 | 35ab66e9b48e819eccea9de3c3b1264a3321487f6247141d750c465f46ab2f37
HP Security Bulletin HPSBMU02873 SSRT101182
Posted Apr 30, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02873 SSRT101182 - Several potential security vulnerabilities have been identified with HP Service Manager for Windows, Linux, HP-UX, Solaris and AIX. The Apache Tomcat environment has been updated to correct these issues. Revision 1 of this advisory.

tags | advisory, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-2733, CVE-2012-3546, CVE-2012-4431, CVE-2012-4534
SHA-256 | 3a9a3d4a425cbd20923f80d24ed414a8a63ec3c97cce49d888efcf082ada17c7
FreeBSD Security Advisory - NFS Server Input Validation
Posted Apr 30, 2013
Site security.freebsd.org

FreeBSD Security Advisory - When processing READDIR requests, the NFS server does not check that it is in fact operating on a directory node. An attacker can use a specially modified NFS client to submit a READDIR request on a file, causing the underlying filesystem to interpret that file as a directory.

tags | advisory
systems | freebsd
advisories | CVE-2013-3266
SHA-256 | bdaaa4f57ae7233f6c31b6eae202bb3c0468403f3d7945ce9f1166ffc3299396
Mandriva Linux Security Advisory 2013-159
Posted Apr 30, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-159 - ClamAV 0.97.8 addresses several reported potential security bugs.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-2020, CVE-2013-2021
SHA-256 | 68cc0cc22a4ed195526f56899d1de26e093221267702011cafeb39641c3d6282
Debian Security Advisory 2665-1
Posted Apr 30, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2665-1 - Kevin Wojtysiak discovered a vulnerability in strongSwan, an IPsec based VPN solution.

tags | advisory
systems | linux, debian
advisories | CVE-2013-2944
SHA-256 | 65b00d442f413e485656ff7783722662383ea7e9970c5242dd8e466594e29bcd
Mandriva Linux Security Advisory 2013-158
Posted Apr 30, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-158 - The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2013-1416
SHA-256 | 39cd223b2070c1e9da32d7df478ea030fc5680a222d44d15d868e6a8e52a7efa
Mandriva Linux Security Advisory 2013-157
Posted Apr 30, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-157 - The pkinit_check_kdc_pkid function in plugins/preauth/pkinit/pkinit_crypto_openssl.c in the PKINIT implementation in the Key Distribution Center in MIT Kerberos 5 before 1.10.4 and 1.11.x before 1.11.1 does not properly handle errors during extraction of fields from an X.509 certificate, which allows remote attackers to cause a denial of service via a malformed KRB5_PADATA_PK_AS_REQ AS-REQ request. The prep_reprocess_req function in do_tgs_req.c in the Key Distribution Center before 1.10.5 does not properly perform service-principal realm referral, which allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted TGS-REQ request. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2013-1415, CVE-2013-1416
SHA-256 | 199f5a10f9c3952ec28914507f3f5a6dc8411e3c44dfd7e08218fe1c6eb08789
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close