exploit the possibilities
Showing 1 - 20 of 20 RSS Feed

Files Date: 2013-05-15

Cisco Security Advisory 20130515-mse
Posted May 15, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco TelePresence Supervisor MSE 8050 contains a vulnerability that may allow an unauthenticated, remote attacker to cause high CPU utilization and a reload of the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote
systems | cisco
MD5 | 092aeed717026c277140788085653097
Red Hat Security Advisory 2013-0827-01
Posted May 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0827-01 - Openswan is a free implementation of Internet Protocol Security and Internet Key Exchange. IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. When using Opportunistic Encryption, Openswan's pluto IKE daemon requests DNS TXT records to obtain public RSA keys of itself and its peers. A buffer overflow flaw was found in Openswan. If Opportunistic Encryption were enabled and an RSA key configured, an attacker able to cause a system to perform a DNS lookup for an attacker-controlled domain containing malicious records could cause Openswan's pluto IKE daemon to crash or, potentially, execute arbitrary code with root privileges. With "oe=yes" but no RSA key configured, the issue can only be triggered by attackers on the local network who can control the reverse DNS entry of the target system. Opportunistic Encryption is disabled by default.

tags | advisory, overflow, arbitrary, local, root, protocol
systems | linux, redhat
advisories | CVE-2013-2053
MD5 | b3c07189cee0208112193e6d9a99228c
Technical Cyber Security Alert 2013-134A
Posted May 15, 2013
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2013-134A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
MD5 | 903f9d87d013a09efd68297099cc73bf
Drupal Google Authenticator Login 6.x / 7.x Access Bypass
Posted May 15, 2013
Authored by Ivo Van Geertruyen, Lode Vanstechelman | Site drupal.org

Drupal Google Authenticator Login versions 6.x and 7.x suffer from a couple of access bypass vulnerabilities.

tags | advisory, vulnerability
MD5 | 0e13192a1142614eceee7d0d99b3cd93
Mandriva Linux Security Advisory 2013-165
Posted May 15, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-165 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Security researcher Cody Crews reported a method to call a content level constructor that allows for this constructor to have chrome privileged access. This affects chrome object wrappers and allows for write actions on objects when only read actions should be allowed. This can lead to cross-site scripting attacks. Various other issues have also been addressed.

tags | advisory, arbitrary, xss
systems | linux, mandriva
advisories | CVE-2013-0801, CVE-2013-1670, CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, CVE-2013-1678, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681
MD5 | df90923add83086d47f2a6d3a872c86c
Ubuntu Security Notice USN-1828-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1828-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
MD5 | d269aaa9de87de5df96c1241c585f48c
Red Hat Security Advisory 2013-0826-01
Posted May 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0826-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes multiple security flaws in Adobe Reader. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2013-2549, CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2724, CVE-2013-2725, CVE-2013-2726, CVE-2013-2727, CVE-2013-2729, CVE-2013-2730, CVE-2013-2731, CVE-2013-2732, CVE-2013-2733, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-2737, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, CVE-2013-3341
MD5 | af1d5a4ef65483ceb42609fb4a001f6e
SSH User Code Execution
Posted May 15, 2013
Authored by Spencer McIntyre | Site metasploit.com

This Metasploit module utilizes a stager to upload a base64 encoded binary which is then decoded, chmod'ed and executed from the command shell.

tags | exploit, shell
advisories | CVE-1999-0502
MD5 | c51d5809d74feb050ba211d2afd1170e
Ubuntu Security Notice USN-1827-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1827-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
MD5 | c24bf0f6bebfcc7fe6ebe4da68713b04
Ubuntu Security Notice USN-1826-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1826-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
MD5 | fe5799c50ce713068641d2af08bcdfba
Ubuntu Security Notice USN-1825-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1825-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
MD5 | 2ea9c74054a80164c98dfb8b09bf22f1
Debian Security Advisory 2668-1
Posted May 15, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2668-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2012-2121, CVE-2012-3552, CVE-2012-4461, CVE-2012-4508, CVE-2012-6537, CVE-2012-6539, CVE-2012-6540, CVE-2012-6542, CVE-2012-6544, CVE-2012-6545, CVE-2012-6546, CVE-2012-6548, CVE-2012-6549, CVE-2013-0349, CVE-2013-0914, CVE-2013-1767, CVE-2013-1773, CVE-2013-1774, CVE-2013-1792, CVE-2013-1796, CVE-2013-1798, CVE-2013-1826, CVE-2013-1860, CVE-2013-1928, CVE-2013-1929, CVE-2013-2015, CVE-2013-2634, CVE-2013-3222
MD5 | 69ed02210da6379f74ba3e864f1a5078
HP Security Bulletin HPSBUX02859 SSRT101144 3
Posted May 15, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02859 SSRT101144 3 - A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code. Revision 3 of this advisory.

tags | advisory, denial of service, arbitrary
systems | hpux
advisories | CVE-2009-0159, CVE-2009-3563
MD5 | a36827eaa3f689f695beb167449ff2b5
Ubuntu Security Notice USN-1824-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1824-1 - Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. A buffer overflow was discovered in the Linux Kernel's USB subsystem for devices reporting the cdc-wdm class. A specially crafted USB device when plugged-in could cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-6549, CVE-2013-1826, CVE-2013-1860, CVE-2013-1928, CVE-2013-2634, CVE-2012-6549, CVE-2013-1826, CVE-2013-1860, CVE-2013-1928, CVE-2013-2634
MD5 | a5165516df949c9f925382ac90b92f56
Red Hat Security Advisory 2013-0825-01
Posted May 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0825-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335
MD5 | 460b8cf691c596ed747fdf85c47efaac
Exponent CMS 2.2.0 Beta 3 LFI / SQL Injection
Posted May 15, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Exponent CMS version 2.2.0 beta 3 suffers from local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
advisories | CVE-2013-3294, CVE-2013-3295
MD5 | f01f35dd69e543882b3c48d02800178e
Quick Search 1.1.0.189 Buffer Overflow
Posted May 15, 2013
Authored by ariarat

Quick Search version 1.1.0.189 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | bfdbf1043cdc56d9dede43e58d777390
Serva 32 TFTP 2.1.0 Denial Of Service
Posted May 15, 2013
Authored by Sapling

Serva 32 TFTP version 2.1.0 suffers from a buffer overflow that can lead to a denial of service vulnerability.

tags | exploit, denial of service, overflow
MD5 | c0197a306650971c0b5cddaad11e4356
WordPress wp-FileManager File Download
Posted May 15, 2013
Authored by ByEge

WordPress wp-FileManager plugin suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
MD5 | 82d7dc2340f5b52e61ccd747f0c83601
Kloxo 6.1.12 Privilege Escalation
Posted May 15, 2013
Authored by juan vazquez, HTP | Site metasploit.com

Kloxo versions 6.1.12 and below contain two setuid root binaries. lxsuexec and lxrestart allow local privilege escalation to root from uid 48, Apache by default on CentOS 5.8, the operating system supported by Kloxo. This Metasploit module has been tested successfully with Kloxo 6.1.12 and 6.1.6.

tags | exploit, local, root
systems | linux, centos
MD5 | 92d51fc327b5cfd9ad14dad01aaf4e8e
Page 1 of 1
Back1Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    1 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    12 Files
  • 13
    Feb 13th
    18 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    19 Files
  • 20
    Feb 20th
    20 Files
  • 21
    Feb 21st
    15 Files
  • 22
    Feb 22nd
    2 Files
  • 23
    Feb 23rd
    2 Files
  • 24
    Feb 24th
    16 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close