seeing is believing
Showing 1 - 19 of 19 RSS Feed

Files Date: 2013-05-06

RSA Archer GRC 5.x XSS / Shell Upload
Posted May 6, 2013
Site emc.com

RSA Archer GRC version 5.x suffers from improper authorization, remote shell upload, and cross site scripting vulnerabilities.

tags | advisory, remote, shell, vulnerability, xss
advisories | CVE-2013-0932, CVE-2013-0933, CVE-2013-0934
MD5 | b9f18a65ae552063103db09ed291914d
Red Hat Security Advisory 2013-0788-01
Posted May 6, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0788-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat Entitlement platform. It was discovered that the rhn-migrate-classic-to-rhsm tool did not verify the Red Hat Network Classic server's X.509 certificate when migrating system profiles registered with Red Hat Network Classic to Certificate-based Red Hat Network. An attacker could use this flaw to conduct man-in-the-middle attacks, allowing them to obtain the user's Red Hat Network credentials.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-6137
MD5 | 3b232f5e630611336829572452247a58
Mandriva Linux Security Advisory 2013-161
Posted May 6, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-161 - Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. Various other issues were also addressed.

tags | advisory, java
systems | linux, mandriva
advisories | CVE-2013-0401, CVE-2013-1488, CVE-2013-1518, CVE-2013-1537, CVE-2013-1557, CVE-2013-1558, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2415, CVE-2013-2417, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2436
MD5 | f7269dcd0a010863d9cefed8a272c7e4
IBM SDK 7 New Security Issues
Posted May 6, 2013
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations discovered 7 additional security issues (#62-68) in the latest version of IBM SDK, Java Technology Edition software. A majority of the new flaws are due to insecure use or implementation of Java Reflection API.

tags | advisory, java
MD5 | 7e3988ce8ab0d956e0e2992c18faf34f
D-Link DSL-320B Authentication Bypass / Cross Site Scripting
Posted May 6, 2013
Authored by Michael Messner

D-Link DSL-320B suffers from persistent cross site scripting and multiple authentication bypass bypass vulnerabilities.

tags | exploit, vulnerability, xss, bypass
MD5 | 30151f38b7687f9a8d57465acb1e4192
Javascript Page Interaction History Leak
Posted May 6, 2013
Authored by Michal Zalewski | Site lcamtuf.coredump.cx

Michal Zalewski put together a really amusing asteroids proof of concept to demonstrate how a modified version of the javascript ":visited" attack can be leveraged based on visibility. Proof of concept js included.

tags | exploit, javascript, proof of concept
systems | linux
MD5 | 7f707a1dc148724de8ff400cb97b6407
Huawei SNMPv3 Buffer Overflow
Posted May 6, 2013
Authored by Roberto Paleari

The Huawei AR1220 SNMPv3 service suffers from multiple buffer overflow vulnerabilities. Proof of concept code included.

tags | exploit, overflow, vulnerability, proof of concept
MD5 | 86436e62359602a15af7fee2e49ba701
Webid 1.0.6 File Disclosure / SQL Injection
Posted May 6, 2013
Authored by Ahmed Aboul-Ela

Webid version 1.0.6 suffers from local file disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
MD5 | f90fa657f12cf49373e247fe3de03aa4
GetSimpleCMS 3.2.1 Cross Site Scripting
Posted May 6, 2013
Authored by Ahmed Elhady Mohamed

GetSimpleCMS version 3.2.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5183f46fc3766be3a7ec75583aa52ac8
GetSimpleCMS 3.2.1 Arbitrary File Upload
Posted May 6, 2013
Authored by Ahmed Elhady Mohamed

GetSimpleCMS version 3.2.1 suffers from a remote arbitrary file upload vulnerability due to not using whitelisting.

tags | exploit, remote, arbitrary, file upload
MD5 | 77405ac7f86d6145d94c51360b1f03f1
3CX Phone 11 Outdated Libraries
Posted May 6, 2013
Authored by Stefan Kanthak

3CXPhoneSystem11.exe (for Windows) comes with vulnerable outdated third party libraries and components.

tags | advisory
systems | windows
MD5 | dc0132ab96a14b9d091a5d0281c26e88
3CX Phone 6 Outdated Libraries
Posted May 6, 2013
Authored by Stefan Kanthak

3CXPhone6.msi (for Windows) comes with vulnerable outdated third party libraries and components.

tags | advisory
systems | windows
MD5 | 4851a0bf8ee5952402c4523c30fab584
Apache VCL 2.x XSS / Denial Of Service
Posted May 6, 2013
Authored by Josh Thompson

Apache VCL versions 2.1, 2.2, 2.2.1, 2.3, and 2.3.1 suffer from denial of service and cross site scripting vulnerabilities due to missing input validation.

tags | advisory, denial of service, vulnerability, xss
advisories | CVE-2013-0267
MD5 | 5580ddf844721a419db633edd50a400a
Digital Whisper Electronic Magazine #41
Posted May 6, 2013
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 41. Written in Hebrew.

tags | magazine
MD5 | 88030ca94ab97fa332a593373f322736
JW Player / JW Player Pro 5.x Cross Site Scripting
Posted May 6, 2013
Authored by MustLive

JW Player and JW Player Pro versions prior to 5.10.2393 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 082f8844b182d077a557b8b3448673fc
NTDS Hash Decoder 01.b
Posted May 6, 2013
Authored by Kevin Devine

This application dumps LM and NTLM hashes from active accounts stored in an Active Directory database.

tags | tool
systems | windows
MD5 | 2d4cfd39278ff8334b340fefbbb220e3
VideoJS Cross Site Scripting
Posted May 6, 2013
Authored by MustLive

VideoJS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f319a28bea685c2c0f412e3e635697fb
MyBB Games Cross Site Scripting
Posted May 6, 2013
Authored by Darksnipper, Soul~inj3ctor, Dream.Killer

MyBB Games suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 54ec524b4ba27d7e9b1fa62fb4d390c9
Fujitsu Lifebook A512 Out Of Date
Posted May 6, 2013
Authored by Stefan Kanthak

The Fujitsu Lifebook A512 with Windows 8 Professional x64 factory preinstallation comes shipped with out of date vulnerability components and insecure installations.

tags | advisory
systems | windows
MD5 | de5d99bdb4fdb048013bb0ef1ec12d6f
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close