the original cloud security
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-05-02

EMC NetWorker 8.0.1.3 / 7.6.5.2 Privilege Escalation
Posted May 2, 2013
Site emc.com

A vulnerability exists in EMC NetWorker that could result in elevation of privileges by an unauthorized user who has access to a local file system.

tags | advisory, local
advisories | CVE-2013-0940
MD5 | 44be59429ecf1fe57c605430ca3a953e
EMC Avamar Client Improper Certificate Validation
Posted May 2, 2013
Site emc.com

When the server to client certificate-based authentication is configured, the EMC Avamar Client does not correctly validate the values in the Common Name (CN) and Subject Alternative Name (SAN) field of the Avamar Server certificate. This could potentially allow spoofing attacks. Versions 6.x and below are affected.

tags | advisory, spoof
advisories | CVE-2013-0945
MD5 | d91f2b725e2147e8c966d6d8c1247f9e
Debian Security Advisory 2664-1
Posted May 2, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2664-1 - Stunnel, a program designed to work as an universal SSL tunnel for network daemons, is prone to a buffer overflow vulnerability when using the Microsoft NT LAN Manager (NTLM) authentication ("protocolAuthentication = NTLM") together with the 'connect' protocol method ("protocol = connect"). With these prerequisites and using stunnel4 in SSL client mode ("client = yes") on a 64bit host, an attacker could possibly execute arbitrary code with the privileges of the stunnel process, if the attacker can either control the specified proxy server or perform man-in-the-middle attacks on the tcp session between stunnel and the proxy sever.

tags | advisory, overflow, arbitrary, tcp, protocol
systems | linux, debian
advisories | CVE-2013-1762
MD5 | 956f891d263fe227dcf1ba18a3517e38
Red Hat Security Advisory 2013-0784-01
Posted May 2, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0784-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.1 will be retired on May 31, 2013, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.1 EUS after that date. In addition, after May 31, 2013, technical support through Red Hat's Global Support Services will no longer be provided. Note: This notification applies only to those customers with subscriptions to the Extended Update Support channels for Red Hat Enterprise Linux 6.1.

tags | advisory
systems | linux, redhat
MD5 | af5bb57821043a609f10c09d43cfea6f
EMC Avamar Improper Authorization
Posted May 2, 2013
Site emc.com

A vulnerability in the EMC Avamar web based file restore interface could potentially be exploited by a malicious user to access unauthorized files via URL manipulation.

tags | advisory, web
advisories | CVE-2013-0944
MD5 | 48258ec2fe62b24264718c95f3b3bc5b
Ubuntu Security Notice USN-1814-1
Posted May 2, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1814-1 - Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. An integer overflow was discovered in the Direct Rendering Manager (DRM) subsystem for the i915 video driver in the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash) or potentially escalate privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-6548, CVE-2012-6549, CVE-2013-0913, CVE-2013-1848, CVE-2013-1860, CVE-2013-2634, CVE-2013-2635, CVE-2012-6548, CVE-2012-6549, CVE-2013-0913, CVE-2013-1848, CVE-2013-1860, CVE-2013-2634, CVE-2013-2635
MD5 | 5f96d08da16ee74bbecad376aae10d81
WordPress Advanced XML Reader 0.3.4 XXE Injection
Posted May 2, 2013
Authored by system_meltdown

WordPress Advanced XML Reader plugin version 0.3.4 suffers from a XXE (XML eXternal Entity) injection vulnerability.

tags | exploit
MD5 | 1d6749881b098ea321780fab4ae5db09
D-Link DNS-323 File Upload / Traversal / Command Execution
Posted May 2, 2013
Authored by sghctoma

D-Link DNS-323 suffers from remote arbitrary file upload, directory traversal, and command execution vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, file inclusion, file upload
MD5 | 3e766e0d5a451880553e6c37eda76916
Ubuntu Security Notice USN-1813-1
Posted May 2, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1813-1 - Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. An integer overflow was discovered in the Direct Rendering Manager (DRM) subsystem for the i915 video driver in the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash) or potentially escalate privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-6548, CVE-2012-6549, CVE-2013-0913, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1848, CVE-2013-1860, CVE-2013-2634, CVE-2013-2635, CVE-2012-6548, CVE-2012-6549, CVE-2013-0913, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1848, CVE-2013-1860, CVE-2013-2634, CVE-2013-2635
MD5 | 8bfa7c697e5c6ccf2e8de19d4685e745
Ubuntu Security Notice USN-1815-1
Posted May 2, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1815-1 - Andy Lutomirski discover an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain administrative privileges. Andy Lutomirski discovered a privilege escalation in the Linux kernel's user namespaces. A local user could exploit the flaw to gain administrative privileges.

tags | advisory, kernel, local
systems | linux, unix, ubuntu
advisories | CVE-2013-1979, CVE-2013-1959, CVE-2013-1959, CVE-2013-1979
MD5 | b9dc4c6c526eebaad4076cd8de3df6ab
Oracle Database 11g NULL Pointer
Posted May 2, 2013
Authored by Andy Davis | Site nccgroup.com

Oracle Database 11g suffers from a null pointer denial of service vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, denial of service
MD5 | 0e46c993b4973de11b865c94e275eb78
Oracle Database 11g Denial Of Service
Posted May 2, 2013
Authored by Andy Davis | Site nccgroup.com

Oracle Database 11g suffers from a denial of service vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, denial of service
MD5 | 9aa168aa118d0973123a61e2194b8c66
Oracle Retail Integration Bus 13.x Directory Traversal
Posted May 2, 2013
Authored by Andrew Davies | Site nccgroup.com

Oracle Retail Integration Bus versions 13.0, 13.1, and 13.2 suffer from a directory traversal vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory
MD5 | 39eb25a3ad6bf30bb45382d3e3a8eaad
Oracle Retail Central Office 13.x SQL Injection
Posted May 2, 2013
Authored by Andrew Davies | Site nccgroup.com

Oracle Retail Central Office versions 13.1, 13.2, 13.3, and 13.4 suffer from a remote SQL injection vulnerability. Unfortunately, as usual, the NCC group are withholding any details for three months.

tags | advisory, remote, sql injection
MD5 | 671eaf3da2c271cb534a2df2455f7cb8
Beat Websites 1.5 SQL Injection
Posted May 2, 2013
Authored by Ashiyane Digital Security Team

Beat Websites version 1.5 suffers from a remote SQL injection vulnerability. Note that this advisory has site-specific information.

tags | exploit, remote, sql injection
MD5 | f166e8ad00c8f6203b3966dc62528763
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close