exploit the possibilities
Showing 1 - 20 of 20 RSS Feed

Files Date: 2013-05-15

Cisco Security Advisory 20130515-mse
Posted May 15, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco TelePresence Supervisor MSE 8050 contains a vulnerability that may allow an unauthenticated, remote attacker to cause high CPU utilization and a reload of the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote
systems | cisco
MD5 | 092aeed717026c277140788085653097
Red Hat Security Advisory 2013-0827-01
Posted May 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0827-01 - Openswan is a free implementation of Internet Protocol Security and Internet Key Exchange. IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. When using Opportunistic Encryption, Openswan's pluto IKE daemon requests DNS TXT records to obtain public RSA keys of itself and its peers. A buffer overflow flaw was found in Openswan. If Opportunistic Encryption were enabled and an RSA key configured, an attacker able to cause a system to perform a DNS lookup for an attacker-controlled domain containing malicious records could cause Openswan's pluto IKE daemon to crash or, potentially, execute arbitrary code with root privileges. With "oe=yes" but no RSA key configured, the issue can only be triggered by attackers on the local network who can control the reverse DNS entry of the target system. Opportunistic Encryption is disabled by default.

tags | advisory, overflow, arbitrary, local, root, protocol
systems | linux, redhat
advisories | CVE-2013-2053
MD5 | b3c07189cee0208112193e6d9a99228c
Technical Cyber Security Alert 2013-134A
Posted May 15, 2013
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2013-134A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
MD5 | 903f9d87d013a09efd68297099cc73bf
Drupal Google Authenticator Login 6.x / 7.x Access Bypass
Posted May 15, 2013
Authored by Ivo Van Geertruyen, Lode Vanstechelman | Site drupal.org

Drupal Google Authenticator Login versions 6.x and 7.x suffer from a couple of access bypass vulnerabilities.

tags | advisory, vulnerability
MD5 | 0e13192a1142614eceee7d0d99b3cd93
Mandriva Linux Security Advisory 2013-165
Posted May 15, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-165 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Security researcher Cody Crews reported a method to call a content level constructor that allows for this constructor to have chrome privileged access. This affects chrome object wrappers and allows for write actions on objects when only read actions should be allowed. This can lead to cross-site scripting attacks. Various other issues have also been addressed.

tags | advisory, arbitrary, xss
systems | linux, mandriva
advisories | CVE-2013-0801, CVE-2013-1670, CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, CVE-2013-1678, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681
MD5 | df90923add83086d47f2a6d3a872c86c
Ubuntu Security Notice USN-1828-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1828-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
MD5 | d269aaa9de87de5df96c1241c585f48c
Red Hat Security Advisory 2013-0826-01
Posted May 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0826-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes multiple security flaws in Adobe Reader. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2013-2549, CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2724, CVE-2013-2725, CVE-2013-2726, CVE-2013-2727, CVE-2013-2729, CVE-2013-2730, CVE-2013-2731, CVE-2013-2732, CVE-2013-2733, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-2737, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, CVE-2013-3341
MD5 | af1d5a4ef65483ceb42609fb4a001f6e
SSH User Code Execution
Posted May 15, 2013
Authored by Spencer McIntyre | Site metasploit.com

This Metasploit module utilizes a stager to upload a base64 encoded binary which is then decoded, chmod'ed and executed from the command shell.

tags | exploit, shell
advisories | CVE-1999-0502
MD5 | c51d5809d74feb050ba211d2afd1170e
Ubuntu Security Notice USN-1827-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1827-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
MD5 | c24bf0f6bebfcc7fe6ebe4da68713b04
Ubuntu Security Notice USN-1826-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1826-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
MD5 | fe5799c50ce713068641d2af08bcdfba
Ubuntu Security Notice USN-1825-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1825-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
MD5 | 2ea9c74054a80164c98dfb8b09bf22f1
Debian Security Advisory 2668-1
Posted May 15, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2668-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2012-2121, CVE-2012-3552, CVE-2012-4461, CVE-2012-4508, CVE-2012-6537, CVE-2012-6539, CVE-2012-6540, CVE-2012-6542, CVE-2012-6544, CVE-2012-6545, CVE-2012-6546, CVE-2012-6548, CVE-2012-6549, CVE-2013-0349, CVE-2013-0914, CVE-2013-1767, CVE-2013-1773, CVE-2013-1774, CVE-2013-1792, CVE-2013-1796, CVE-2013-1798, CVE-2013-1826, CVE-2013-1860, CVE-2013-1928, CVE-2013-1929, CVE-2013-2015, CVE-2013-2634, CVE-2013-3222
MD5 | 69ed02210da6379f74ba3e864f1a5078
HP Security Bulletin HPSBUX02859 SSRT101144 3
Posted May 15, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02859 SSRT101144 3 - A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code. Revision 3 of this advisory.

tags | advisory, denial of service, arbitrary
systems | hpux
advisories | CVE-2009-0159, CVE-2009-3563
MD5 | a36827eaa3f689f695beb167449ff2b5
Ubuntu Security Notice USN-1824-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1824-1 - Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. A buffer overflow was discovered in the Linux Kernel's USB subsystem for devices reporting the cdc-wdm class. A specially crafted USB device when plugged-in could cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-6549, CVE-2013-1826, CVE-2013-1860, CVE-2013-1928, CVE-2013-2634, CVE-2012-6549, CVE-2013-1826, CVE-2013-1860, CVE-2013-1928, CVE-2013-2634
MD5 | a5165516df949c9f925382ac90b92f56
Red Hat Security Advisory 2013-0825-01
Posted May 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0825-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335
MD5 | 460b8cf691c596ed747fdf85c47efaac
Exponent CMS 2.2.0 Beta 3 LFI / SQL Injection
Posted May 15, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Exponent CMS version 2.2.0 beta 3 suffers from local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
advisories | CVE-2013-3294, CVE-2013-3295
MD5 | f01f35dd69e543882b3c48d02800178e
Quick Search 1.1.0.189 Buffer Overflow
Posted May 15, 2013
Authored by ariarat

Quick Search version 1.1.0.189 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | bfdbf1043cdc56d9dede43e58d777390
Serva 32 TFTP 2.1.0 Denial Of Service
Posted May 15, 2013
Authored by Sapling

Serva 32 TFTP version 2.1.0 suffers from a buffer overflow that can lead to a denial of service vulnerability.

tags | exploit, denial of service, overflow
MD5 | c0197a306650971c0b5cddaad11e4356
WordPress wp-FileManager File Download
Posted May 15, 2013
Authored by ByEge

WordPress wp-FileManager plugin suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
MD5 | 82d7dc2340f5b52e61ccd747f0c83601
Kloxo 6.1.12 Privilege Escalation
Posted May 15, 2013
Authored by juan vazquez, HTP | Site metasploit.com

Kloxo versions 6.1.12 and below contain two setuid root binaries. lxsuexec and lxrestart allow local privilege escalation to root from uid 48, Apache by default on CentOS 5.8, the operating system supported by Kloxo. This Metasploit module has been tested successfully with Kloxo 6.1.12 and 6.1.6.

tags | exploit, local, root
systems | linux, centos
MD5 | 92d51fc327b5cfd9ad14dad01aaf4e8e
Page 1 of 1
Back1Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    2 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close