what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files Date: 2013-05-28

TP-Link IP Camera Hardcoded Credentials / Command Injection
Posted May 28, 2013
Authored by Core Security Technologies, Nahuel Riva, Francisco Falcon | Site coresecurity.com

TP-Link IP cameras suffer from hard-coded credential and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability
advisories | CVE-2013-2573, CVE-2013-2572
SHA-256 | d96b583866927f2f59a08545c251d956a2dfef2c6512197cefb588c1ac39997b
Red Hat Security Advisory 2013-0876-01
Posted May 28, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0876-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. XML encryption backwards compatibility attacks were found against various frameworks, including Apache CXF. An attacker could force a server to use insecure, legacy cryptosystems, even when secure cryptosystems were enabled on endpoints. By forcing the use of legacy cryptosystems, flaws such as CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be recovered from cryptograms and symmetric keys. This issue affected both the JBoss Web Services CXF and JBoss Web Services Native stacks.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2012-5575
SHA-256 | 771b5cf0baa142d36b61a35b2a17019a02dab759a5895fa85fdd606db24f172f
Red Hat Security Advisory 2013-0872-01
Posted May 28, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0872-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A flaw was found in the way the tomcat5 and tomcat6 init scripts handled the tomcat5-initd.log and tomcat6-initd.log log files. A malicious web application deployed on Tomcat could use this flaw to perform a symbolic link attack to change the ownership of an arbitrary system file to that of the tomcat user, allowing them to escalate their privileges to root. Note: With this update, tomcat5-initd.log and tomcat6-initd.log have been moved to the /var/log/ directory.

tags | advisory, java, web, arbitrary, root
systems | linux, redhat
advisories | CVE-2013-1976
SHA-256 | 199cda86dd71068edbef06de9eb7dc337d73b17a508b1f3cec2cd3be13e4aafb
Red Hat Security Advisory 2013-0873-01
Posted May 28, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0873-01 - JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. XML encryption backwards compatibility attacks were found against various frameworks, including Apache CXF. An attacker could force a server to use insecure, legacy cryptosystems, even when secure cryptosystems were enabled on endpoints. By forcing the use of legacy cryptosystems, flaws such as CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be recovered from cryptograms and symmetric keys. This issue affected both the JBoss Web Services CXF and JBoss Web Services Native stacks.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2012-5575
SHA-256 | cecf1d51ed0c4262624e43b997afb2de10d940cea27df60955ecbe489b38f371
Red Hat Security Advisory 2013-0871-01
Posted May 28, 2013
Authored by Red Hat | Site access.redhat.com

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. A flaw was found in the way the tomcat6 and tomcat7 init scripts handled the tomcat6-initd.log and tomcat7-initd.log log files. A malicious web application deployed on Tomcat could use this flaw to perform a symbolic link attack to change the ownership of an arbitrary system file to that of the tomcat user, allowing them to escalate their privileges to root.

tags | advisory, java, web, arbitrary, root
systems | linux, redhat
advisories | CVE-2013-1976
SHA-256 | 0958d0cbed0050a16dec44ed62948999617eca534fb1b54edfe416b90c69c598
Red Hat Security Advisory 2013-0875-01
Posted May 28, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0875-01 - JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. XML encryption backwards compatibility attacks were found against various frameworks, including Apache CXF. An attacker could force a server to use insecure, legacy cryptosystems, even when secure cryptosystems were enabled on endpoints. By forcing the use of legacy cryptosystems, flaws such as CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be recovered from cryptograms and symmetric keys. This issue affected both the JBoss Web Services CXF and JBoss Web Services Native stacks.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2012-5575
SHA-256 | 0e1d286cb3e931e03beb90fdc154faa85d586a8f0ce7a4262ff1b22ec07415f1
Red Hat Security Advisory 2013-0874-01
Posted May 28, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0874-01 - The Enterprise Web Platform is a slimmed down profile of the JBoss Enterprise Application Platform intended for mid-size workloads with light and rich Java applications. XML encryption backwards compatibility attacks were found against various frameworks, including Apache CXF. An attacker could force a server to use insecure, legacy cryptosystems, even when secure cryptosystems were enabled on endpoints. By forcing the use of legacy cryptosystems, flaws such as CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be recovered from cryptograms and symmetric keys. This issue affected both the JBoss Web Services CXF and JBoss Web Services Native stacks.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2012-5575
SHA-256 | 762bc581736c0924210861060698681ac59d24483796a4a02c3339e661aeec62
Red Hat Security Advisory 2013-0870-01
Posted May 28, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0870-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A flaw was found in the way the tomcat5 init script handled the catalina.out log file. A malicious web application deployed on Tomcat could use this flaw to perform a symbolic link attack to change the ownership of an arbitrary system file to that of the tomcat user, allowing them to escalate their privileges to root. Note: With this update, /var/log/tomcat5/catalina.out has been moved to the /var/log/tomcat5-initd.log file.

tags | advisory, java, web, arbitrary, root
systems | linux, redhat
advisories | CVE-2013-1976
SHA-256 | 73673139e2d79f38abef28de888a48c2d7dfbd4dd4f0af2607af87e6191be149
Red Hat Security Advisory 2013-0868-01
Posted May 28, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0868-01 - HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A buffer overflow flaw was found in the way HAProxy handled pipelined HTTP requests. A remote attacker could send pipelined HTTP requests that would cause HAProxy to crash or, potentially, execute arbitrary code with the privileges of the user running HAProxy. This issue only affected systems using all of the following combined configuration options: HTTP keep alive enabled, HTTP keywords in TCP inspection rules, and request appending rules.

tags | advisory, remote, web, overflow, arbitrary, tcp
systems | linux, redhat
advisories | CVE-2013-1912
SHA-256 | a13d26acaf53515c7f910526932accbd0e75fb1f4601b88631fed32c1a9ec19b
Red Hat Security Advisory 2013-0869-01
Posted May 28, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0869-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A flaw was found in the way the tomcat6 init script handled the tomcat6-initd.log log file. A malicious web application deployed on Tomcat could use this flaw to perform a symbolic link attack to change the ownership of an arbitrary system file to that of the tomcat user, allowing them to escalate their privileges to root. Note: With this update, tomcat6-initd.log has been moved from /var/log/tomcat6/ to the /var/log/ directory.

tags | advisory, java, web, arbitrary, root
systems | linux, redhat
advisories | CVE-2013-1976, CVE-2013-2051
SHA-256 | 401e4a4f336235be1cf456c5a4ad7081526d207288121b04e31993f2bece5aaf
Ubuntu Security Notice USN-1841-1
Posted May 28, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1841-1 - It was discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A remote attacker could use this flaw to cause the Tomcat server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. It was discovered that Tomcat incorrectly handled certain authentication requests. A remote attacker could possibly use this flaw to inject a request that would get executed with a victim's credentials. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 12.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2012-3544, CVE-2013-2067, CVE-2013-2071, CVE-2012-3544, CVE-2013-2067, CVE-2013-2071
SHA-256 | b002a0a0604129aab3c01f6d632495573ac355189b6d1b38e345b90d003d572a
SIEMENS Solid Edge ST4 SEListCtrlX Code Execution
Posted May 28, 2013
Authored by rgod | Site retrogod.altervista.org

SIEMENS Solid Edge ST4 SEListCtrlX active-x control SetItemReadOnly suffers from an arbitrary memory rewrite remote code execution vulnerability. Proof of concept included.

tags | exploit, remote, arbitrary, code execution, activex, proof of concept
systems | linux
SHA-256 | 6c6ea1a9c072ee2af175d48c30c8a9025b2eddad5dddcf7ee400ddb53f111796
MayGion IP Camera Path Traversal / Buffer Overflow
Posted May 28, 2013
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - MayGion IP cameras suffer from path traversal and buffer overflow vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2013-1604, CVE-2013-1605
SHA-256 | 21e644d9151837b4ab263d654102bff96b1ab9d864c49f37c40e5bb8d1affef9
IBM SPSS SamplePower C1Tab ActiveX Heap Overflow
Posted May 28, 2013
Authored by Alexander Gavrun, juan vazquez | Site metasploit.com

This Metasploit module exploits a heap based buffer overflow in the C1Tab ActiveX control, while handling the TabCaption property. The affected control can be found in the c1sizer.ocx component as included with IBM SPSS SamplePower 3.0. This Metasploit module has been tested successfully on IE 6, 7 and 8 on Windows XP SP3 and IE 8 on Windows 7 SP1.

tags | exploit, overflow, activex
systems | windows
advisories | CVE-2012-5946, OSVDB-92845
SHA-256 | 99fdd7d6b7ffc3bcb3ad029cfcdb362a9cb2e0bb387ffdddfabe715b79e167a0
Debian Security Advisory 2694-1
Posted May 28, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2694-1 - A privilege escalation vulnerability has been found in SPIP, a website engine for publishing, which allows anyone to take control of the website.

tags | advisory
systems | linux, debian
SHA-256 | fc4a611833f0a5eb9fe705374c4e9db33905e8cf726ffbe494a50eadf1b5b633
Ubuntu Security Notice USN-1839-1
Posted May 28, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1839-1 - A flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system. Andy Lutomirski discover an error in the Linux kernel's credential handling on unix sockets. A local user could exploit this flaw to gain administrative privileges. A buffer overflow vulnerability was discovered in the Broadcom tg3 ethernet driver for the Linux kernel. A local user could exploit this flaw to cause a denial of service (crash the system) or potentially escalate privileges on the system. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, unix, ubuntu
advisories | CVE-2013-2094, CVE-2013-1979, CVE-2013-1929, CVE-2013-3301, CVE-2013-1929, CVE-2013-1979, CVE-2013-2094, CVE-2013-3301
SHA-256 | 86ed1e11ed9cf4931a18e84838efdd7f1f497b8d0f4b6080dd50c1bfa77d545d
Mandriva Linux Security Advisory 2013-168
Posted May 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-168 - httplib2 only validates SSL certificates on the first request to a connection, and doesn't report validation failures on subsequent requests.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-2037
SHA-256 | 3d461ed982ce73f57f0d9db3030c1093c61471b0bd761aa4a87ccc6a3d04a5e6
Debian Security Advisory 2675-2
Posted May 28, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2675-2 - A regression was discovered in the security update for libxvmc, causing segfaults with some applications. Updated packages are available to address this problem. For reference, the original advisory text follows.

tags | advisory
systems | linux, debian
advisories | CVE-2013-1990, CVE-2013-1999
SHA-256 | d3a0bc1632e466760dad2950464a69652889c77f4fe59d25b1370341024f0a59
Mandriva Linux Security Advisory 2013-167
Posted May 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-167 - OpenVPN 2.3.0 and earlier running in UDP mode are subject to chosen ciphertext injection due to a non-constant-time HMAC comparison function. Plaintext recovery may be possible using a padding oracle attack on the CBC mode cipher implementation of the crypto library, optimistically at a rate of about one character per 3 hours. PolarSSL seems vulnerable to such an attack; the vulnerability of OpenSSL has not been verified or tested.

tags | advisory, udp, cryptography
systems | linux, mandriva
advisories | CVE-2013-2061
SHA-256 | a75cb3960da77a15622808e7278771f10cebd019788136fc247c9d95fda3ffab
Debian Security Advisory 2693-1
Posted May 28, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2693-1 - Ilja van Sprundel of IOActive discovered several security issues in multiple components of the X.org graphics stack and the related conversions, buffer overflows, memory corruption and missing input sanitising may lead to privilege escalation or denial of service.

tags | advisory, denial of service, overflow
systems | linux, debian
advisories | CVE-2013-1981, CVE-2013-1997, CVE-2013-2004
SHA-256 | 45c896ecb29d7dd8c9d97225ffcb5169c2a16957a4861b7cc2f87deb1771927c
aidSQL SQL Injection Detection And Exploitation Tool 20130527
Posted May 28, 2013
Authored by Federico Stange | Site code.google.com

aidSQL SQL injection detection and exploitation tool is a modular PHP scanner that allows you to develop your own plugins for use.

Changes: This version improves --interactive mode and adds MS SQL SERVER 2000 injection and reverse engineer support.
tags | tool, scanner, php, sql injection
systems | linux, unix
SHA-256 | ede98363826326ac8e65d9fb102f11c06147d57f5417e955d5fa2422c49f5e89
Apache Struts 2 XSS / Command Execution
Posted May 28, 2013
Authored by Rene Gielen | Site struts.apache.org

Apache Struts has released version 2.3.14.2. This version addresses a security issue. A vulnerability introduced by forcing parameter inclusion in the URL and Anchor Tag allows remote command execution, session access and manipulation and XSS attacks.

tags | advisory, remote, xss
advisories | CVE-2013-2115
SHA-256 | 997e378c4b860d1aa2a155b1337c65add2fa61cfb34c8b401dbef4cd54ad9b69
Barracuda SSL VPN 680 2.2.2.203 Open Redirect
Posted May 28, 2013
Authored by Chokri Ben Achor, Dave Farrow, Vulnerability Laboratory | Site vulnerability-lab.com

Barracuda SSL VPN 680 2.2.2.203 suffers from an open redirection vulnerability.

tags | exploit
SHA-256 | 5740b1e5e5c9fc656d5fb5cfcb35cf011fa06b52f64e6aab8dc7973c32b15373
Zavio IP Camera Command Injection / Bypass
Posted May 28, 2013
Authored by Core Security Technologies, Nahuel Riva, Francisco Falcon | Site coresecurity.com

Core Security Technologies Advisory - Zavio IP cameras based on firmware versions 1.6.03 and below suffer from bypass, hard-coded credential, and arbitrary command execution vulnerabilities.

tags | exploit, arbitrary, vulnerability
advisories | CVE-2013-2567, CVE-2013-2568, CVE-2013-2569, CVE-2013-2570
SHA-256 | 78c356b2ffcb1e25d51e6592b9d5d73b842cdf1d53ab057c2850cde52d3c84c9
Firewall Log Watch 1.4
Posted May 28, 2013
Authored by Boris Wesslowski | Site kyb.uni-stuttgart.de

fwlogwatch is a packet filter and firewall log analyzer with support for Linux ipchains, Linux netfilter/iptables, Solaris/BSD/HP-UX/IRIX ipfilter, Cisco IOS, Cisco PIX/ASA, Netscreen, Elsa Lancom router, and Snort IDS log files. It can output its summaries in text and HTML and has a lot of options. fwlogwatch also features a realtime anomaly response capability with a Web interface.

Changes: This release adds IPv6 support for ipfilter and includes fixes for the netfilter parser and forward DNS resolution.
tags | tool, web, firewall
systems | cisco, linux, unix, solaris, irix, bsd, hpux, ios
SHA-256 | 784c667fc4b2cb45a551290aa31e176a98eedf87686e8f45e5e50794aa951c79
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close