exploit the possibilities
Showing 1 - 12 of 12 RSS Feed

Files Date: 2013-05-08

UMI.CMS 2.9 Cross Site Request Forgery
Posted May 8, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

UMI.CMS version 2.9 suffers from a cross site request forgery vulnerability. Fixed in version 2.9 build 21905.

tags | exploit, csrf
advisories | CVE-2013-2754
MD5 | 8256cf4dbaef8ef63fe4f21e1e836d03
Ubuntu Security Notice USN-1820-1
Posted May 8, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1820-1 - It was discovered that gpsd incorrectly handled certain malformed GPS data. An attacker could use this issue to cause gpsd to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-2038
MD5 | e1c847ea1bfef731b68f700920767674
Linux Kernel open-time Capability file_ns_capable() Privilege Escalation
Posted May 8, 2013
Authored by Andy Lutomirski

Linux kernel open-time capability file_ns_capable() local root exploit.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2013-1959
MD5 | 98bacb115164533f11b81c82c7df362d
Fujitsu Desktop Update Privilege Escalation
Posted May 8, 2013
Authored by Stefan Kanthak

Fujitsu's update utility "Fujitsu Desktop Update", which is factory-preinstalled on every Fujitsu (Siemens) PC with Windows, has a vulnerability which allows the execution of a rogue program in the security context of the current user.

tags | advisory
systems | windows
MD5 | eff9246e2ccac5e2d7cfb8192a7b0abc
AlienVault OSSIM 4.1.2 SQL Injection
Posted May 8, 2013
Authored by RunRunLevel

AlienVault OSSIM versions 4.1.2 and below suffer from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 11ce13455ed474317c27640ba3d015dd
Joomla DJ Classifieds Extension 2.0 SQL Injection
Posted May 8, 2013
Authored by Napsterakos

Joomla DJ Classifieds Extension component version 2.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ced70d0cf8ea0b71510792f28b6968fb
HP Security Bulletin HPSBUX02876 SSRT101148
Posted May 8, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02876 SSRT101148 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2013-2266
MD5 | 24aa34957c4a593adcbf15b08776fd5c
Flightgear 2.0 / 2.4 Format String
Posted May 8, 2013
Authored by Kurono

Flightgear versions 2.0 and 2.4 suffer from a remote format string vulnerability.

tags | exploit, remote
MD5 | d3c5ef43f496bf8adb4c064d7b998084
Nginx 1.3.9 / 1.4.0 Stack Buffer Overflow
Posted May 8, 2013
Authored by Greg MacManus, Maxim Dounin | Site nginx.org

Nginx versions 1.3.9 through 1.4.0 suffer from a stack-based buffer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2013-2028
MD5 | 2e30423ae67e1274fb9d93f6223e2154
Mandriva Linux Security Advisory 2013-163
Posted May 8, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-163 - Buffer overflow in the extend_buffers function in the regular expression matcher in glibc, possibly 2.17 and earlier, allows context-dependent attackers to cause a denial of service via crafted multibyte characters. Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in GNU C Library 2.17 and earlier allows remote attackers to cause a denial of service IP address that triggers a large number of domain conversion results. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow
systems | linux, osx, mandriva
advisories | CVE-2013-0242, CVE-2013-1914
MD5 | 891a4b3eacecdc1b2344974e4ac0738d
Mandriva Linux Security Advisory 2013-162
Posted May 8, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-162 - Integer overflow in the vfprintf function in stdio-common/vfprintf.c in glibc 2.14 and other versions allows context-dependent attackers to bypass the FORTIFY_SOURCE protection mechanism, conduct format string attacks, and write to arbitrary memory via a large number of arguments. Multiple errors in glibc's formatted printing functionality could allow an attacker to bypass FORTIFY_SOURCE protections and execute arbitrary code using a format string flaw in an application, even though these protections are expected to limit the impact of such flaws to an application abort. Various other issues were also addressed. The updated packages have been patched to correct these issues.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-0864, CVE-2012-3404, CVE-2012-3405, CVE-2012-3406, CVE-2012-3480, CVE-2013-0242, CVE-2013-1914
MD5 | c79ae96e6d7bb965b8852b21324fc1d1
Brother MFC-9970CDW Firmware 0D Cross Site Scripting
Posted May 8, 2013
Authored by sqlhacker

Brother MFC-9970CDW Firmware 0D suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-2507, CVE-2013-2670, CVE-2013-2671, CVE-2013-2672, CVE-2013-2673, CVE-2013-2674, CVE-2013-2675, CVE-2013-2676
MD5 | 0d8bdb968553b01ecc76058a81ce535c
Page 1 of 1
Back1Next

File Archive:

June 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    35 Files
  • 2
    Jun 2nd
    14 Files
  • 3
    Jun 3rd
    40 Files
  • 4
    Jun 4th
    22 Files
  • 5
    Jun 5th
    1 Files
  • 6
    Jun 6th
    1 Files
  • 7
    Jun 7th
    19 Files
  • 8
    Jun 8th
    14 Files
  • 9
    Jun 9th
    39 Files
  • 10
    Jun 10th
    20 Files
  • 11
    Jun 11th
    22 Files
  • 12
    Jun 12th
    2 Files
  • 13
    Jun 13th
    1 Files
  • 14
    Jun 14th
    32 Files
  • 15
    Jun 15th
    34 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close