what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-06-03

Netgear WPN824v3 Unauthorized Config Download
Posted Jun 3, 2013
Authored by Jens Regel

Netgear WPN824v3 allows for a remote party to download the configuration file unauthenticated.

tags | exploit, remote
SHA-256 | 06e9758cc624e50c9ef6019e428d78a591a6733fb0bb99f6c0f03c6e3a08dc24
Open-Xchange Server 6 Cross Site Scripting
Posted Jun 3, 2013
Authored by Martin Braun

Multiple cross site scripting vulnerabilities have been addressed in Open-Xchange Server 6.

tags | advisory, vulnerability, xss
advisories | CVE-2013-3106
SHA-256 | 38f5d840701796b2a31696211c071436c988be8266dff7c81100c20207b476a2
Microsoft Visual C++ Runtime Libraries Out Of Date
Posted Jun 3, 2013
Authored by Stefan Kanthak

Many Microsoft products install outdated and vulnerable Microsoft Visual C++ Runtime Libraries MSVC?80.DLL version 8.0.50727.42.

tags | advisory
SHA-256 | 79d41b28c3cca91d28fadfcdc33dd2ddd6f4aeafcc354d1098eef8ce90448472
DS3 Authentication Server Command Execution
Posted Jun 3, 2013
Authored by Pedro Andujar

DS3 Authentication Server suffers from path disclosure and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability
SHA-256 | d07d1f72f40c9b53f97cf062264dfb6ed349d318e2eea59c7eed003aced0fc18
Imperva SecureSphere Operations Manager Command Execution
Posted Jun 3, 2013
Authored by Pedro Andujar

Imperva SecureSphere Operations Manager version 9.0.0.5 Enterprise Edition suffers from path disclosure, command execution, and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, vulnerability, file upload
SHA-256 | eec04250ec48215aa48bf604cc560ffa6c8c039d2efdf01586190d7250bc757b
Netgear DGN Authentication Bypass / Command Execution
Posted Jun 3, 2013
Authored by Roberto Paleari

Netgear DGN1000 with firmware version prior to 1.1.00.48 and Netgear DGN2200 version 1 suffer from authentication bypass and command execution vulnerabilities.

tags | exploit, vulnerability, bypass
SHA-256 | cc4a79d89c492b5de9ab547904883302b794d0b6e6cd1cf1d61806ddfe1a4660
Debian Security Advisory 2702-1
Posted Jun 3, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2702-1 - Maksim Otstavnov discovered that the Wocky submodule used by telepathy-gabble, the Jabber/XMPP connection manager for the Telepathy framework, does not respect the tls-required flag on legacy Jabber servers. A network intermediary could use this vulnerability to bypass TLS verification and perform a man-in-the-middle attack.

tags | advisory
systems | linux, debian
advisories | CVE-2013-1431
SHA-256 | 6949abe285282ac5e2ae2ea127cf92f08bcd070215f0049630e67a6a6c5da94b
Red Hat Security Advisory 2013-0897-01
Posted Jun 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0897-01 - Mesa provides a 3D graphics API that is compatible with Open Graphics Library. It also provides hardware-accelerated drivers for many popular graphics chips. An out-of-bounds access flaw was found in Mesa. If an application using Mesa exposed the Mesa API to untrusted inputs, an attacker could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2013-1872, CVE-2013-1993
SHA-256 | 61e73b76a9599ec628e29d14931f81edeb1e8991e06be3eea1e54195f86ed1f7
Red Hat Security Advisory 2013-0898-01
Posted Jun 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0898-01 - Mesa provides a 3D graphics API that is compatible with Open Graphics Library. It also provides hardware-accelerated drivers for many popular graphics chips. It was found that Mesa did not correctly validate messages from the X server. A malicious X server could cause an application using Mesa to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of Mesa are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running applications linked against Mesa must be restarted for this update to take effect.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2013-1993
SHA-256 | f7195d024f57e7ff0c78661b7b3ba601407fbf382941f9034ca78bbb6209bfaa
Red Hat Security Advisory 2013-0791-01
Posted Jun 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0791-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev packages form the user-space component for running virtual machines using KVM. It was found that QEMU Guest Agent created certain files with world-writable permissions when run in daemon mode. An unprivileged guest user could use this flaw to consume all free space on the partition containing the qemu-ga log file, or modify the contents of the log. When a UNIX domain socket transport was explicitly configured to be used, an unprivileged guest user could potentially use this flaw to escalate their privileges in the guest. This update requires manual action.

tags | advisory
systems | linux, redhat, unix
advisories | CVE-2013-2007
SHA-256 | 3d0f63964a221be88b397d15513f4e055eed4a93d446220253423c80e54723d2
Red Hat Security Advisory 2013-0896-01
Posted Jun 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0896-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. It was found that QEMU Guest Agent created certain files with world-writable permissions when run in daemon mode. An unprivileged guest user could use this flaw to consume all free space on the partition containing the qemu-ga log file, or modify the contents of the log. When a UNIX domain socket transport was explicitly configured to be used, an unprivileged guest user could potentially use this flaw to escalate their privileges in the guest. This update requires manual action.

tags | advisory
systems | linux, redhat, unix
advisories | CVE-2013-2007
SHA-256 | 78c09a27924b169fc35495ec7822a2252c1000ec9bf69ee699b081bcde3ba5e1
Red Hat Security Advisory 2013-0895-01
Posted Jun 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0895-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.1 was retired on May 31, 2013, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.1 EUS. In addition, technical support through Red Hat's Global Support Services is no longer provided. Note: This notification applies only to those customers with subscriptions to the Extended Update Support channels for Red Hat Enterprise Linux 6.1.

tags | advisory
systems | linux, redhat
SHA-256 | 8f70af02177fabdc8086a91206b22ffeb3b894a3f84bc8438cf9c95ed106b6c5
Balkan Computer Congress 2013 Call For Papers
Posted Jun 3, 2013
Authored by BalCCon

This is the announcement for the Balkan Computer Congress 2013 (BalCCon) Call For Papers. It will be held September 6th through the 7th in Novi Sad, Vojvodina, Serbia.

tags | paper, conference
SHA-256 | 32cb05e249e1c1b4c0fb8b3bf79d7424fa8db9fa52648e96dd4f5f59a72ad216
Shellcodecs Shellcoding Toolset
Posted Jun 3, 2013
Site blackhatlibrary.net

Shellcodecs is a collection of shellcodes, loaders, sources, and generators provided with documentation designed to ease the exploitation and shellcode programming process.

tags | tool, shellcode
systems | unix
SHA-256 | 69a40e2afeb214b34568d99eb3bccf78671d4ef81484e96550e4d019f0942d35
Windows NT/2K/XP/2K3/VISTA/2K8/7/8 EPATHOBJ Local ring0
Posted Jun 3, 2013
Authored by Tavis Ormandy, progmboy

There is a pretty obvious bug in win32k!EPATHOBJ::pprFlattenRec where the PATHREC object returned by win32k!EPATHOBJ::newpathrec does not initialize the next list pointer. This is a local ring0 exploit for Microsoft Windows NT/2K/XP/2K3/VISTA/2K8/7/8.

tags | exploit, local
systems | windows
SHA-256 | 8cf6980d8150418310b84eb82f5ea9cd1af781bba12ccb9ac233cd2f50bba066
Scriptalicious Pro Cross Site Scripting
Posted Jun 3, 2013
Authored by Nikhalesh Singh Bhadoria

Scriptalicious Pro suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b4de5bc88d1678157c2740d127d10c6a89ce46abaece60e55305241cd6ff9ecb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close