all things security
Showing 1 - 25 of 425 RSS Feed

Files Date: 2013-04-01 to 2013-04-30

SAP ConfigServlet Remote Code Execution
Posted Apr 29, 2013
Authored by Dmitry Chastuhin, Andras Kabai | Site metasploit.com

This Metasploit module allows remote code execution via operating system commands through the SAP ConfigServlet without any authentication. This Metasploit module has been tested successfully with SAP NetWeaver 7.00 and 7.01 on Windows Server 2008 R2.

tags | exploit, remote, code execution
systems | windows
advisories | OSVDB-92704
MD5 | a7a37ad7f21c133224d6379292a884d8
phpMyAdmin Authenticated Remote Code Execution
Posted Apr 29, 2013
Authored by Janek Vind aka waraxe | Site metasploit.com

This Metasploit module exploits a PREG_REPLACE_EVAL vulnerability in phpMyAdmin's replace_prefix_tbl within libraries/mult_submits.inc.php via db_settings.php. This affects versions 3.5.x below 3.5.8.1 and 4.0.0 below 4.0.0-rc3. PHP versions greater than 5.4.6 are not vulnerable.

tags | exploit, php
advisories | CVE-2013-3238, OSVDB-92793
MD5 | 0f98ac49e2a0e97b78d728dd67072274
Wordpress W3 Total Cache PHP Code Execution
Posted Apr 29, 2013
Authored by H D Moore, juan vazquez, temp66, Christian Mehlmauer | Site metasploit.com

This Metasploit module exploits a PHP Code Injection vulnerability against Wordpress plugin W3 Total Cache for versions up to and including 0.9.2.8. WP Super Cache 1.2 or older is also reported as vulnerable. The vulnerability is due to the handling of certain macros such as mfunc, which allows arbitrary PHP code injection. A valid post ID is needed in order to add the malicious comment. If the POSTID option isn't specified, then the module will automatically bruteforce one. Also, if anonymous comments aren't allowed, then a valid username and password must be provided. In addition, the "A comment is held for moderation" option on Wordpress must be unchecked for successful exploitation. This Metasploit module has been tested against Wordpress 3.5 and W3 Total Cache 0.9.2.3 on a Ubuntu 10.04 system.

tags | exploit, arbitrary, php
systems | linux, ubuntu
advisories | OSVDB-92652
MD5 | 170014b6ed1d82d111127c7bec507a9d
D-Link IP Cameras Injection / Bypass
Posted Apr 29, 2013
Authored by Core Security Technologies, Nahuel Riva, Francisco Falcon, Pablo Santamaria, Juan Cotta, Martin Rocha | Site coresecurity.com

Core Security Technologies Advisory - D-Link IP Cameras suffer from OS command injection, authentication, information leak, and hard-coded credential vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2013-1599, CVE-2013-1600, CVE-2013-1601, CVE-2013-1602, CVE-2013-1603
MD5 | c9bc857db464de16f8f840ad447d5881
Vivotek IP Camera Buffer Overflow / Disclosure / Injection
Posted Apr 29, 2013
Authored by Core Security Technologies, Nahuel Riva, Francisco Falcon, Alejandro Leon Morales, Juan Cotta, Martin Rocha | Site coresecurity.com

Core Security Technologies Advisory - Vivotek IP Cameras suffer from information leak, buffer overflow, authentication, path traversal, and command injection vulnerabilities. Vulnerable are Vivotek PT7135 IP camera with firmware 0300a, Vivotek PT7135 IP camera with firmware 0400a, and possibly others.

tags | exploit, overflow, vulnerability
advisories | CVE-2013-1594, CVE-2013-1595, CVE-2013-1596, CVE-2013-1597, CVE-2013-1598
MD5 | b85b1ef6c99144cbd2edd7812d06158b
Cisco Linksys E1200 / N300 Cross Site Scripting
Posted Apr 29, 2013
Authored by Carl Benedict

Cisco Linksys E1200 and N300 routers version 2.0.04 suffer from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
MD5 | 521831d1f3399f90f343ff1021e7d95e
HP Security Bulletin HPSBPI02869 SSRT100936
Posted Apr 29, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02869 SSRT100936 - A potential security vulnerability has been identified with HP LaserJet MFP printers, HP Color LaserJet MFP printers, and certain HP LaserJet printers. The vulnerability could be exploited remotely to gain unauthorized access to files. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2012-5221
MD5 | b201067c605941cade500769e7768eae
HP Security Bulletin HPSBPI02868 SSRT101017
Posted Apr 29, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02868 SSRT101017 - A potential security vulnerability has been identified with HP Managed Printing Administration (MPA). The vulnerability could be exploited remotely resulting in cross site scripting (XSS). Revision 1 of this advisory.

tags | advisory, xss
advisories | CVE-2012-5219
MD5 | 20db771c6d1359fea811b9a8da816ad5
Foe CMS 1.6.5 Cross Site Scripting / SQL Injection
Posted Apr 29, 2013
Authored by flux77

Foe CMS version 1.6.5 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 8e1fd4c98807c68fa32dbf2e2d7722c6
Ipswitch IMail 11.01 Cross Site Scripting
Posted Apr 29, 2013
Authored by DaOne

Ipswitch IMail version 11.01 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9a82a5c990e70a11b0aa7069fa78bef2
Memcached Remote Denial Of Service
Posted Apr 29, 2013
Authored by infodox

Memcached denial of service exploit for an issue disclosed on their bugtracker two years ago and was never patched.

tags | exploit, denial of service
MD5 | cbe9afa9cac634c26e0e326e408c06cc
EDSC 2013 Call For Papers
Posted Apr 29, 2013
Site edsconf.com

EDSC is a new security conference focusing on embedded systems, hardware, and anything behind the silicon curtain. Embedded testing is a rapidly expanding area of the security industry staying current is important for engineers, researchers, and testers alike. EDSC will be held this summer on the beach at Golden Gardens Park in the Bathhouse. The venue is 20 minutes from downtown Seattle, WA, USA. It will take place August 14th and 15th.

tags | paper, conference
MD5 | b57bad1bc19e8196d9fe6ec99ebfa755
Joomla! 3.0.3 PHP Object Injection
Posted Apr 29, 2013
Authored by EgiX

Joomla! versions 3.0.3 and below suffer from a PHP object injection vulnerability in remember.php.

tags | exploit, php
advisories | CVE-2013-3242
MD5 | f9684c84a5ee41372db90dbf26d495f7
Mandriva Linux Security Advisory 2013-154
Posted Apr 29, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-154 - An information disclosure flaw was found in the way the mount command reported errors. A local attacker could use this flaw to determine the existence of files and directories they do not have access to. Additionally for Mandriva Enterprise Server 5 a patch was added to support a new --no-canonicalize switch for mount to support the fix for in fuse. The updated packages have been patched to correct these issues.

tags | advisory, local, info disclosure
systems | linux, mandriva
advisories | CVE-2013-0157
MD5 | bed5e8519f2b1347bc63b28770e00b20
Mandriva Linux Security Advisory 2013-156
Posted Apr 29, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-156 - ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity vulnerability. The updated packages have been patched to correct this issue.

tags | advisory, remote, web, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2013-1915
MD5 | 502ae6f452a8a57dce4b933af50d7fe7
Mandriva Linux Security Advisory 2013-155
Posted Apr 29, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-155 - FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames, and consequently unmount any filesystem, via a symlink attack on the parent directory of the mountpoint of a FUSE filesystem, a different vulnerability than CVE-2010-0789. The updated packages have been patched to correct this issue.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2010-3879
MD5 | a239ab511379018f676ab86a4be349b5
PayPal BillSafe Authentication Bypass
Posted Apr 29, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

PayPal's Billsafe online payment service web application suffered from a remote authentication bypass session vulnerability.

tags | exploit, remote, web
MD5 | b3ba16ab33684a9484ff99ad1fe67e2b
TinyMCE Ajax File Manager Remote Code Execution
Posted Apr 29, 2013
Authored by onestree

TinyMCE Ajax File Manager suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | f3424d1ce40a76c506652097317976f7
Mandriva Linux Security Advisory 2013-153
Posted Apr 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-153 - Subversion's mod_dav_svn Apache HTTPD server module will use excessive amounts of memory when a large number of properties are set or deleted on a node. This can lead to a DoS. There are no known instances of this problem being observed in the wild. Subversion's mod_dav_svn Apache HTTPD server module will crash when a LOCK request is made against activity URLs. This can lead to a DoS. There are no known instances of this problem being observed in the wild. Subversion's mod_dav_svn Apache HTTPD server module will crash in some circumstances when a LOCK request is made against a non-existent URL. This can lead to a DoS. There are no known instances of this problem being observed in the wild. Subversion's mod_dav_svn Apache HTTPD server module will crash when a PROPFIND request is made against activity URLs. This can lead to a DoS. There are no known instances of this problem being observed in the wild, but the details of how to exploit it have been disclosed on the full disclosure mailing list. Subversion's mod_dav_svn Apache HTTPD server module will crash when a log REPORT request receives a limit that is out of the allowed range. This can lead to a DoS. There are no known instances of this problem being used as a DoS in the wild. The updated packages have been upgraded to the 1.7.9 version which is not affected by these issues.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-1845, CVE-2013-1846, CVE-2013-1847, CVE-2013-1849, CVE-2013-1884
MD5 | 1b76fc8f8318d05662cbd8772ebffd21
Mandriva Linux Security Advisory 2013-152
Posted Apr 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-152 - Subversion's mod_dav_svn Apache HTTPD server module will use excessive amounts of memory when a large number of properties are set or deleted on a node. This can lead to a DoS. There are no known instances of this problem being observed in the wild. Subversion's mod_dav_svn Apache HTTPD server module will crash when a LOCK request is made against activity URLs. This can lead to a DoS. There are no known instances of this problem being observed in the wild. Subversion's mod_dav_svn Apache HTTPD server module will crash in some circumstances when a LOCK request is made against a non-existent URL. This can lead to a DoS. There are no known instances of this problem being observed in the wild. Subversion's mod_dav_svn Apache HTTPD server module will crash when a PROPFIND request is made against activity URLs. This can lead to a DoS. There are no known instances of this problem being observed in the wild, but the details of how to exploit it have been disclosed on the full disclosure mailing list. The updated packages have been upgraded to the 1.6.21 version which is not affected by these issues.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-1845, CVE-2013-1846, CVE-2013-1847, CVE-2013-1849
MD5 | c3b21ed8e4e56f1c3eadff4fafb24404
Mandriva Linux Security Advisory 2013-151
Posted Apr 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-151 - libcurl is vulnerable to a cookie leak vulnerability when doing requests across domains with matching tails. This vulnerability can be used to hijack sessions in targetted attacks since registering domains using a known domain's name as an ending is trivial.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-1944
MD5 | 4d4a3d293c2bcde61e955cf16eed1506
FreePBX 2.9 Remote Command Execution
Posted Apr 27, 2013
Authored by Ahmed Aboul-Ela

FreePBX version 2.9 suffers from a backup module remote command execution vulnerability.

tags | exploit, remote
MD5 | 582fa2e5544c8c4da6487f4ceb1b05ba
PHPValley Micro Jobs Site Script 1.01 Account Takeover
Posted Apr 27, 2013
Authored by Jason Whelan

PHPValley Micro Jobs Site Script version 1.01 allows for a logged in user to spoof another user and take over their account.

tags | exploit, spoof
MD5 | 834d645a5dc51daf527af3a9fcffe379
Elecard MPEG Player 5.8 Buffer Overflow
Posted Apr 27, 2013
Authored by metacom

Elecard MPEG Player version 5.8 proof of concept local buffer overflow exploit.

tags | exploit, overflow, local, proof of concept
MD5 | 12f837ba24f7408f16dc7fcf1e68d290
Iron Lava Corp Shell Upload / SQL Injection
Posted Apr 27, 2013
Authored by Ashiyane Digital Security Team

Sites designed by Iron Lava Corp suffer from remote shell upload and remote SQL injection vulnerabilities. Note that this advisory has site-specific information.

tags | exploit, remote, shell, vulnerability, sql injection
MD5 | 9baea165241efbff031a26023050f4cf
Page 1 of 17
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close