exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2013-06-02

GNU Privacy Guard 2.0.28
Posted Jun 2, 2013

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

Changes: Multiple bug fixes.
tags | encryption
SHA-256 | ce092ee4ab58fd19b9fb34a460c07b06c348f4360dd5dd4886d041eb521a534c
Debian Security Advisory 2701-1
Posted Jun 2, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2701-1 - It was discovered that the kpasswd service running on UDP port 464 could respond to response packets, creating a packet loop and a denial of service condition.

tags | advisory, denial of service, udp
systems | linux, debian
advisories | CVE-2002-2443
SHA-256 | 0836cbd23bcc004f062506b46b562c4e1e8b8b1e57e4a9fe0c0aaa296d36348d
Packet Storm New Exploits For May, 2013
Posted Jun 2, 2013
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 126 exploits added to Packet Storm in May, 2013.

tags | exploit
systems | linux
SHA-256 | c29831f658ed77c2534eddffe84f7ab2fbc633835a65c57ff018013e6ceac702
Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution
Posted Jun 2, 2013
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit modules exploits a vulnerability found in the Oracle WebCenter Content CheckOutAndOpenControl ActiveX. This vulnerability exists in openWebdav(), where user controlled input is used to call ShellExecuteExW(). This Metasploit module abuses the control to execute an arbitrary HTA from a remote location. This Metasploit module has been tested successfully with the CheckOutAndOpenControl ActiveX installed with Oracle WebCenter Content 11.1.1.6.0.

tags | exploit, remote, arbitrary, activex
advisories | CVE-2013-1559, OSVDB-92386
SHA-256 | b0e1c2b4d5000f5d54ab03faad81b1e6f76cdaf93878521b78deb176531d5582
Apache Struts includeParams Remote Code Execution
Posted Jun 2, 2013
Authored by Douglas Rodrigues, Eric Kobrin | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts versions prior to 2.3.14.2. A specifically crafted request parameter can be used to inject arbitrary OGNL code into the stack bypassing Struts and OGNL library protections. When targeting an action which requires interaction through GET the payload should be split having into account the uri limits. In this case, if the rendered jsp has more than one point of injection, it could result in payload corruption. It should happen only when the payload is larger than the uri length.

tags | exploit, remote, arbitrary
advisories | CVE-2013-2115, CVE-2013-1966, OSVDB-93645
SHA-256 | b8de09303f34b2ff81911d9ef267d142269251e15e41b38a2fb9e953d6b6f460
GNU Transport Layer Security Library 3.2.1
Posted Jun 2, 2013
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release adds small fixes to DTLS client hello verify handling, packet overhead size calculation, and a workaround for an issue with implementations which negotiate ECC under SSL 3.0.
tags | protocol, library
SHA-256 | abfa8165947837ada2363355ada25d913f48e6bb261f0a67f20d2fb6079e22fe
Debian Security Advisory 2700-1
Posted Jun 2, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2700-1 - Multiple vulnerabilities were discovered in the Wireshark dissectors for GTPv2, ASN.1 BER, PPP CCP, DCP ETSI, MPEG DSM-CC and Websocket, which could result in denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2013-3555, CVE-2013-3557, CVE-2013-3558, CVE-2013-3559, CVE-2013-3560, CVE-2013-3562
SHA-256 | ff03f8b24b1d41d37d4162fb29bafcd76ce613db1a1674f295db2eae979d897a
Debian Security Advisory 2699-1
Posted Jun 2, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2699-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser. These issues include multiple memory safety errors, missing input sanitizing vulnerabilities, use-after-free vulnerabilities, buffer overflows and other programming errors which may lead to the execution of arbitrary code, privilege escalation, information leaks or cross site scripting.

tags | advisory, web, overflow, arbitrary, vulnerability, xss
systems | linux, debian
advisories | CVE-2013-0773, CVE-2013-0775, CVE-2013-0776, CVE-2013-0780, CVE-2013-0782, CVE-2013-0783, CVE-2013-0787, CVE-2013-0788, CVE-2013-0793, CVE-2013-0795, CVE-2013-0796, CVE-2013-0800, CVE-2013-0801, CVE-2013-1670, CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, CVE-2013-1678, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681
SHA-256 | 0c8d95ee21c71cdad274d263f5504e4aa7ef4314c41cc7e9044a6c7ce9603f81
BOINC Manager 7.0.64 Buffer Overflow
Posted Jun 2, 2013
Authored by xis_one

BOINC Manager (SETI at Home) version 7.0.64 Field stack based buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 9a68f8632644c25c3db7ebc94abb6b9bcd6204f3cab0bd2f03d079a774d30a30
AntiVirus For WordPress 1.0 Path Disclosure / Bypass
Posted Jun 2, 2013
Authored by MustLive

AntiVirus for WordPress version 1.0 suffers from security bypass and path disclosure vulnerabilities.

tags | advisory, vulnerability, bypass
SHA-256 | 0271b9f61209e7bc28bc04692baa01327ddec0b5dac9ef1d98f84af5b58aa72f
Windows Credential Editor 1.4 Beta
Posted Jun 2, 2013
Authored by Hernan Ochoa | Site ampliasecurity.com

Windows Credentials Editor (WCE) allows you to list logon sessions and add, change, list and delete associated credentials (ex.: LM/NT hashes). This can be used, for example, to perform pass-the-hash on Windows and also obtain NT/LM hashes from memory (credentials not stored locally including domain credentials from interactive logons, services, remote desktop connections, etc.) which can be used in further attacks. This is the universal binary.

Changes: Several bug fixes.
tags | remote
systems | windows
SHA-256 | 285b752a5654ebc12d1cdde6a34f79438f321b1ba9e23e9ca345f7cd9739587b
Page 1 of 1
Back1Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close