exploit the possibilities
Showing 1 - 12 of 12 RSS Feed

Files Date: 2013-05-21

Infotecs ViPNet Products Privilege Escalation
Posted May 21, 2013
Authored by Maksim Chudakov, Andrey Kurtasanov

A common local privilege escalation vulnerability has been discovered in multiple Infotecs ViPNet products. The affected versions include ViPNet Client version 3.2.10 (15632), ViPNet Coordinator version 3.2.10 (15632), ViPNet SafeDisk version 4.1 (0.5643), and ViPNet Personal Firewall version 3.1. Prior versions of these products are also affected.

tags | advisory, local
systems | windows
advisories | CVE-2013-3496
MD5 | 6074521c4d2334964c1d65fba194980c
Slackware Security Advisory - kernel Updates
Posted May 21, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New Linux kernel packages are available for Slackware 13.37 and 14.0 to fix a security issue.

tags | advisory, kernel
systems | linux, slackware
advisories | CVE-2013-2094
MD5 | e50f438e4b40cbc8413dc87b5c6904bb
Red Hat Security Advisory 2013-0847-01
Posted May 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0847-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Xen hypervisor AMD IOMMU driver handled interrupt remapping entries. By default, a single interrupt remapping table is used, and old interrupt remapping entries are not cleared, potentially allowing a privileged guest user in a guest that has a passed-through, bus-mastering capable PCI device to inject interrupt entries into others guests, including the privileged management domain, leading to a denial of service.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2013-0153
MD5 | 63ee7ee528f9f42d7c3ff3734baca265
Red Hat Security Advisory 2013-0848-01
Posted May 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0848-01 - Red Hat Network Satellite is a system management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and remote management of multiple Linux deployments with a single, centralized tool. It was discovered that Red Hat Network Satellite did not fully check the authenticity of a client beyond the initial authentication check during an Inter-Satellite Sync operation. If a remote attacker were to modify the satellite-sync client to skip the initial authentication call, they could obtain all channel content from any Red Hat Network Satellite server that could be reached, even if Inter-Satellite Sync support was disabled.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-2056
MD5 | d6a5f302947c1aa2cbd86f92d8f95af1
Ubuntu Security Notice USN-1832-1
Posted May 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1832-1 - Emmanuel Bouillon discovered that LibTIFF incorrectly handled certain malformed images when using the tiff2pdf tool. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-1960, CVE-2013-1961
MD5 | 917b5abea1b30ca3baa8d16089a87949
Mandriva Linux Security Advisory 2013-166
Posted May 21, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-166 - The kpasswd service provided by kadmind was vulnerable to a UDP ping-pong attack. The updated packages have been patched to correct this issue.

tags | advisory, udp
systems | linux, mandriva
advisories | CVE-2002-2443
MD5 | fb8357773777991ef6503f2b723f896e
Kimai 0.9.2.1306-3 SQL Injection
Posted May 21, 2013
Authored by drone | Site kimai.org

Kimai version 0.9.2.1306-3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
systems | linux, windows
MD5 | ab547448d5e955197b1fe4c76b7432ea
Ophcrack 3.50 Buffer Overflow / Code Execution
Posted May 21, 2013
Authored by xis_one | Site ophcrack.sourceforge.net

Ophcrack version 3.5.0 suffers from stack based buffer overflow vulnerability that leads to local code execution.

tags | exploit, overflow, local, code execution
systems | windows
MD5 | a93ad9e8727db7e02b96e7be492f4360
Linksys WRT160n apply.cgi Remote Command Injection
Posted May 21, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Some Linksys Routers are vulnerable to an authenticated OS command injection on their web interface where default credentials are admin/admin or admin/password. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic payload. This Metasploit module has been tested on a Linksys WRT160n version 2 - firmware version v2.0.03. A ping command against a controlled system could be used for testing purposes. The exploit uses the tftp client from the device to stage to native payloads from the command injection.

tags | exploit, web
advisories | OSVDB-90093
MD5 | c6c565057b83cf3f31573084b028cdd3
Sony PS3 Firmware 4.31 Code Execution
Posted May 21, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

A local code execution vulnerability is detected in the official PlayStation 3 v4.31 Firmware. The vulnerability allows local attackers to inject and execute code out of vulnerable PlayStation 3 menu main web context.

tags | exploit, web, local, code execution
MD5 | 1c6c7a1403bf81dd46d269b7c8fde7e1
Trend Micro DirectPass 1.5.0.1060 Command Injection / Denial Of Service
Posted May 21, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Trend Micro DirectPass 1.5.0.1060 suffers from local command/path injection, persistent code injection, and a denial of service vulnerability.

tags | exploit, denial of service, local, code execution
MD5 | 509761d8b43ba89f7449452a39927283
Reverse Engineering Camera Firmware
Posted May 21, 2013
Authored by Prayas Kulshrestha

This paper provides a walk-through on using binwalk and gzip to get to the disk image contained within a Sercomm IP Camera .bin firmware update.

tags | paper
MD5 | 4e01a8c333dce3b11e0d3fab052044e2
Page 1 of 1
Back1Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    10 Files
  • 23
    Apr 23rd
    22 Files
  • 24
    Apr 24th
    11 Files
  • 25
    Apr 25th
    15 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close