what you don't know can hurt you
Showing 1 - 12 of 12 RSS Feed

Files Date: 2013-05-21

Infotecs ViPNet Products Privilege Escalation
Posted May 21, 2013
Authored by Maksim Chudakov, Andrey Kurtasanov

A common local privilege escalation vulnerability has been discovered in multiple Infotecs ViPNet products. The affected versions include ViPNet Client version 3.2.10 (15632), ViPNet Coordinator version 3.2.10 (15632), ViPNet SafeDisk version 4.1 (0.5643), and ViPNet Personal Firewall version 3.1. Prior versions of these products are also affected.

tags | advisory, local
systems | windows
advisories | CVE-2013-3496
MD5 | 6074521c4d2334964c1d65fba194980c
Slackware Security Advisory - kernel Updates
Posted May 21, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New Linux kernel packages are available for Slackware 13.37 and 14.0 to fix a security issue.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2013-2094
MD5 | e50f438e4b40cbc8413dc87b5c6904bb
Red Hat Security Advisory 2013-0847-01
Posted May 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0847-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Xen hypervisor AMD IOMMU driver handled interrupt remapping entries. By default, a single interrupt remapping table is used, and old interrupt remapping entries are not cleared, potentially allowing a privileged guest user in a guest that has a passed-through, bus-mastering capable PCI device to inject interrupt entries into others guests, including the privileged management domain, leading to a denial of service.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2013-0153
MD5 | 63ee7ee528f9f42d7c3ff3734baca265
Red Hat Security Advisory 2013-0848-01
Posted May 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0848-01 - Red Hat Network Satellite is a system management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and remote management of multiple Linux deployments with a single, centralized tool. It was discovered that Red Hat Network Satellite did not fully check the authenticity of a client beyond the initial authentication check during an Inter-Satellite Sync operation. If a remote attacker were to modify the satellite-sync client to skip the initial authentication call, they could obtain all channel content from any Red Hat Network Satellite server that could be reached, even if Inter-Satellite Sync support was disabled.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-2056
MD5 | d6a5f302947c1aa2cbd86f92d8f95af1
Ubuntu Security Notice USN-1832-1
Posted May 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1832-1 - Emmanuel Bouillon discovered that LibTIFF incorrectly handled certain malformed images when using the tiff2pdf tool. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-1960, CVE-2013-1961
MD5 | 917b5abea1b30ca3baa8d16089a87949
Mandriva Linux Security Advisory 2013-166
Posted May 21, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-166 - The kpasswd service provided by kadmind was vulnerable to a UDP ping-pong attack. The updated packages have been patched to correct this issue.

tags | advisory, udp
systems | linux, mandriva
advisories | CVE-2002-2443
MD5 | fb8357773777991ef6503f2b723f896e
Kimai SQL Injection
Posted May 21, 2013
Authored by drone | Site kimai.org

Kimai version suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
systems | linux, windows
MD5 | ab547448d5e955197b1fe4c76b7432ea
Ophcrack 3.50 Buffer Overflow / Code Execution
Posted May 21, 2013
Authored by xis_one | Site ophcrack.sourceforge.net

Ophcrack version 3.5.0 suffers from stack based buffer overflow vulnerability that leads to local code execution.

tags | exploit, overflow, local, code execution
systems | windows
MD5 | a93ad9e8727db7e02b96e7be492f4360
Linksys WRT160n apply.cgi Remote Command Injection
Posted May 21, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Some Linksys Routers are vulnerable to an authenticated OS command injection on their web interface where default credentials are admin/admin or admin/password. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic payload. This Metasploit module has been tested on a Linksys WRT160n version 2 - firmware version v2.0.03. A ping command against a controlled system could be used for testing purposes. The exploit uses the tftp client from the device to stage to native payloads from the command injection.

tags | exploit, web
advisories | OSVDB-90093
MD5 | c6c565057b83cf3f31573084b028cdd3
Sony PS3 Firmware 4.31 Code Execution
Posted May 21, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

A local code execution vulnerability is detected in the official PlayStation 3 v4.31 Firmware. The vulnerability allows local attackers to inject and execute code out of vulnerable PlayStation 3 menu main web context.

tags | exploit, web, local, code execution
MD5 | 1c6c7a1403bf81dd46d269b7c8fde7e1
Trend Micro DirectPass Command Injection / Denial Of Service
Posted May 21, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Trend Micro DirectPass suffers from local command/path injection, persistent code injection, and a denial of service vulnerability.

tags | exploit, denial of service, local, code execution
MD5 | 509761d8b43ba89f7449452a39927283
Reverse Engineering Camera Firmware
Posted May 21, 2013
Authored by Prayas Kulshrestha

This paper provides a walk-through on using binwalk and gzip to get to the disk image contained within a Sercomm IP Camera .bin firmware update.

tags | paper
MD5 | 4e01a8c333dce3b11e0d3fab052044e2
Page 1 of 1

File Archive:

June 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    35 Files
  • 2
    Jun 2nd
    14 Files
  • 3
    Jun 3rd
    40 Files
  • 4
    Jun 4th
    22 Files
  • 5
    Jun 5th
    1 Files
  • 6
    Jun 6th
    1 Files
  • 7
    Jun 7th
    19 Files
  • 8
    Jun 8th
    14 Files
  • 9
    Jun 9th
    39 Files
  • 10
    Jun 10th
    20 Files
  • 11
    Jun 11th
    22 Files
  • 12
    Jun 12th
    2 Files
  • 13
    Jun 13th
    1 Files
  • 14
    Jun 14th
    32 Files
  • 15
    Jun 15th
    34 Files
  • 16
    Jun 16th
    9 Files
  • 17
    Jun 17th
    33 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By