the original cloud security
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-06-03

Netgear WPN824v3 Unauthorized Config Download
Posted Jun 3, 2013
Authored by Jens Regel

Netgear WPN824v3 allows for a remote party to download the configuration file unauthenticated.

tags | exploit, remote
MD5 | d55c0037ea595e02934c4ec94a8c58be
Open-Xchange Server 6 Cross Site Scripting
Posted Jun 3, 2013
Authored by Martin Braun

Multiple cross site scripting vulnerabilities have been addressed in Open-Xchange Server 6.

tags | advisory, vulnerability, xss
advisories | CVE-2013-3106
MD5 | 4d3328e39090478a86a5fc26789bef2e
Microsoft Visual C++ Runtime Libraries Out Of Date
Posted Jun 3, 2013
Authored by Stefan Kanthak

Many Microsoft products install outdated and vulnerable Microsoft Visual C++ Runtime Libraries MSVC?80.DLL version 8.0.50727.42.

tags | advisory
MD5 | cdb114237f15df97de4b22bc235ebc48
DS3 Authentication Server Command Execution
Posted Jun 3, 2013
Authored by Pedro Andujar

DS3 Authentication Server suffers from path disclosure and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability
MD5 | 110e407d768209d2dec5f321f990ff01
Imperva SecureSphere Operations Manager Command Execution
Posted Jun 3, 2013
Authored by Pedro Andujar

Imperva SecureSphere Operations Manager version 9.0.0.5 Enterprise Edition suffers from path disclosure, command execution, and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, vulnerability, file upload
MD5 | cdf8dfe6404a22e697acbdbeb344e4ef
Netgear DGN Authentication Bypass / Command Execution
Posted Jun 3, 2013
Authored by Roberto Paleari

Netgear DGN1000 with firmware version prior to 1.1.00.48 and Netgear DGN2200 version 1 suffer from authentication bypass and command execution vulnerabilities.

tags | exploit, vulnerability, bypass
MD5 | e998700ff9d13aad687168abc14751dc
Debian Security Advisory 2702-1
Posted Jun 3, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2702-1 - Maksim Otstavnov discovered that the Wocky submodule used by telepathy-gabble, the Jabber/XMPP connection manager for the Telepathy framework, does not respect the tls-required flag on legacy Jabber servers. A network intermediary could use this vulnerability to bypass TLS verification and perform a man-in-the-middle attack.

tags | advisory
systems | linux, debian
advisories | CVE-2013-1431
MD5 | 1eb75a552782e4da122ba82cb84ce568
Red Hat Security Advisory 2013-0897-01
Posted Jun 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0897-01 - Mesa provides a 3D graphics API that is compatible with Open Graphics Library. It also provides hardware-accelerated drivers for many popular graphics chips. An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2013-1872, CVE-2013-1993
MD5 | 1103a905a28fee53ef4379900c1befe4
Red Hat Security Advisory 2013-0898-01
Posted Jun 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0898-01 - Mesa provides a 3D graphics API that is compatible with Open Graphics Library. It also provides hardware-accelerated drivers for many popular graphics chips. It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of Mesa are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running applications linked against Mesa must be restarted for this update to take effect.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2013-1993
MD5 | 9e03ec6f10d72cf9d88cd82650e92065
Red Hat Security Advisory 2013-0791-01
Posted Jun 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0791-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev packages form the user-space component for running virtual machines using KVM. It was found that QEMU Guest Agent created certain files with world-writable permissions when run in daemon mode. An unprivileged guest user could use this flaw to consume all free space on the partition containing the qemu-ga log file, or modify the contents of the log. When a UNIX domain socket transport was explicitly configured to be used, an unprivileged guest user could potentially use this flaw to escalate their privileges in the guest. This update requires manual action.

tags | advisory
systems | linux, redhat, unix
advisories | CVE-2013-2007
MD5 | 2d273fa6deea156fce54c272d1abc380
Red Hat Security Advisory 2013-0896-01
Posted Jun 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0896-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. It was found that QEMU Guest Agent created certain files with world-writable permissions when run in daemon mode. An unprivileged guest user could use this flaw to consume all free space on the partition containing the qemu-ga log file, or modify the contents of the log. When a UNIX domain socket transport was explicitly configured to be used, an unprivileged guest user could potentially use this flaw to escalate their privileges in the guest. This update requires manual action.

tags | advisory
systems | linux, redhat, unix
advisories | CVE-2013-2007
MD5 | eabdd99a4ebf2c7d5d35285e6193407b
Red Hat Security Advisory 2013-0895-01
Posted Jun 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0895-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.1 was retired on May 31, 2013, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.1 EUS. In addition, technical support through Red Hat's Global Support Services is no longer provided. Note: This notification applies only to those customers with subscriptions to the Extended Update Support channels for Red Hat Enterprise Linux 6.1.

tags | advisory
systems | linux, redhat
MD5 | 61b8f296505c2c8f986f41c15fe18fbd
Balkan Computer Congress 2013 Call For Papers
Posted Jun 3, 2013
Authored by BalCCon

This is the announcement for the Balkan Computer Congress 2013 (BalCCon) Call For Papers. It will be held September 6th through the 7th in Novi Sad, Vojvodina, Serbia.

tags | paper, conference
MD5 | 79bff74c4220895ea7eb510fb85f049d
Shellcodecs Shellcoding Toolset
Posted Jun 3, 2013
Site blackhatlibrary.net

Shellcodecs is a collection of shellcodes, loaders, sources, and generators provided with documentation designed to ease the exploitation and shellcode programming process.

tags | tool, shellcode
systems | unix
MD5 | fc05b8518a3afeecdf9986548b50deec
Windows NT/2K/XP/2K3/VISTA/2K8/7/8 EPATHOBJ Local ring0
Posted Jun 3, 2013
Authored by Tavis Ormandy, progmboy

There is a pretty obvious bug in win32k!EPATHOBJ::pprFlattenRec where the PATHREC object returned by win32k!EPATHOBJ::newpathrec does not initialize the next list pointer. This is a local ring0 exploit for Microsoft Windows NT/2K/XP/2K3/VISTA/2K8/7/8.

tags | exploit, local
systems | windows, nt
MD5 | 200aada714abad7e48075d77ab64032f
Scriptalicious Pro Cross Site Scripting
Posted Jun 3, 2013
Authored by Nikhalesh Singh Bhadoria

Scriptalicious Pro suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6e51cc9c2f83f0f0e054603832eb5f7f
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close