exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2013-05-20

Red Hat Security Advisory 2013-0834-02
Posted May 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0834-02 - JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.1, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-4529, CVE-2012-4572, CVE-2012-5575
SHA-256 | 42812111b5367c00eef416b3f3c2ba855b6e7ba4cd45f31231b60ec63dd1f999
Red Hat Security Advisory 2013-0829-01
Posted May 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0829-01 - Security fixes: It was found that the kernel-rt update RHBA-2012:0044 introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges. A public exploit for CVE-2013-2094 that affects Red Hat Enterprise MRG 2 is available. Refer to Red Hat Knowledge Solution 373743, linked to in the References, for further information and mitigation instructions for users who are unable to immediately apply this update.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2013-0913, CVE-2013-0914, CVE-2013-1767, CVE-2013-1774, CVE-2013-1792, CVE-2013-1819, CVE-2013-1848, CVE-2013-1860, CVE-2013-1929, CVE-2013-1979, CVE-2013-2094, CVE-2013-2546, CVE-2013-2547, CVE-2013-2548, CVE-2013-2634, CVE-2013-2635, CVE-2013-3076, CVE-2013-3222, CVE-2013-3224, CVE-2013-3225, CVE-2013-3231
SHA-256 | 00fadee46a5e7a81db412e709a930a32fe89a5061478a9d3640649e6c28b0cc4
Red Hat Security Advisory 2013-0833-01
Posted May 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0833-01 - JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.1, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-4529, CVE-2012-4572, CVE-2012-5575, CVE-2013-0166, CVE-2013-0169, CVE-2013-0218
SHA-256 | be31d08c9fe7f87aab712804d7ac09b4cc70f365f6057bdf0d3725e94bc73d3c
Red Hat Security Advisory 2013-0839-02
Posted May 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0839-02 - JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.1, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-4529, CVE-2012-4572, CVE-2012-5575
SHA-256 | e056078860802de187bd2c7ec491b0a22e970d1dca944807d105f32584f1656a
Red Hat Security Advisory 2013-0840-01
Posted May 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0840-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Red Hat Enterprise Linux 6.1 kernel update introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2013-2094
SHA-256 | 8c4f3589decd256219ecbc2efd3813bcf9a320630af3098220eb094ba9a4ac81
Red Hat Security Advisory 2013-0841-01
Posted May 20, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0841-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Red Hat Enterprise Linux 6.1 kernel update introduced an integer conversion issue in the Linux kernel's Performance Events implementation. This led to a user-supplied index into the perf_swevent_enabled array not being validated properly, resulting in out-of-bounds kernel memory access. A local, unprivileged user could use this flaw to escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2013-2094
SHA-256 | 8236b51f3a442aea68c2b29e3ee3c4089f5d4682ea0e1005cba90cd48b1bf3cf
Meterpreter Swaparoo Windows Backdoor Method
Posted May 20, 2013
Authored by Un0wn_X

Swaparoo - Windows backdoor method for Windows Vista/7/8. This code sneaks a backdoor command shell in place of Sticky Keys prompt or Utilman assistant at login screen.

tags | shell
systems | windows
SHA-256 | a8cd0e00d51d3b5913e9d7c69e14520295b34ecc124cbe73c93f101a16b0bc53
Game Engines: A 0-Day's Tale
Posted May 20, 2013
Authored by Luigi Auriemma, Donato Ferrante | Site revuln.com

This paper details several issues affecting different game engines. All the vulnerabilities discussed in this paper are 0-days, at time of writing. This paper has been released as a companion paper along with the authors' talk Exploiting Game Engines For Fun And Profit presented at the NoSuchCon conference.

tags | paper, remote, local, vulnerability
SHA-256 | d6ecd8f4c602a765dcc75745f021e2021968f2607ffd8bafed3a506e1bda08ed
WordPress ProPlayer Plugin SQL Injection
Posted May 20, 2013
Authored by Ashiyane Digital Security Team

WordPress ProPlayer Plugin version 4.7.9.1 suffers from a remote SQL injection vulnerability. Note that this advisory has site-specific information.

tags | exploit, remote, sql injection
SHA-256 | cc97f9fb24702b00b0d44275e740d8353c7449cd7d2b62180d8d38729de371eb
D-Link DIR615h OS Command Injection
Posted May 20, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Some D-Link Routers are vulnerable to an authenticated OS command injection on their web interface, where default credentials are admin/admin or admin/password. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. This Metasploit module was tested against a DIR-615 hardware revision H1 - firmware version 8.04. A ping command against a controlled system could be used for testing purposes. The exploit uses the wget client from the device to convert the command injection into an arbitrary payload execution.

tags | exploit, web, arbitrary
advisories | OSVDB-90174
SHA-256 | aad8c5ca69c9c88e6afefcbe2b486142c3227a0b49c91b9a4e140ec39830afb7
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    45 Files
  • 9
    Dec 9th
    9 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close