Files Date: 2013-06-11

WinRadius 2.11 Denial Of Service
Posted Jun 11, 2013
Authored by npn

WinRadius version 2.11 remote denial of service exploit.

tags | exploit, remote, denial of service
MD5 | f108cceb75c559b7638148d424c94999
Red Hat Security Advisory 2013-0928-01
Posted Jun 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0928-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the vhost kernel module handled descriptors that spanned multiple regions. A privileged guest user in a KVM guest could use this flaw to crash the host or, potentially, escalate their privileges on the host.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2012-4542, CVE-2013-0311, CVE-2013-1767, CVE-2013-1773, CVE-2013-1796, CVE-2013-1797, CVE-2013-1798, CVE-2013-1848
MD5 | 4953415252d762a0acdefeaf6e7e51a7
Ubuntu Security Notice USN-1872-1
Posted Jun 11, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1872-1 - It was discovered that PHP incorrectly handled the quoted_printable_encode function. An attacker could use this flaw to cause PHP to crash, resulting in a denial of service, or to possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2013-2110
MD5 | e07c477077c40c47d8402cd415ddb17f
IEEE SafeConfig 2013 Call For Papers
Posted Jun 11, 2013
Site safeconfig.org

The IEEE SafeConfig 2013 Call For Papers has been announced. It will take place on October 14th, 2013 in Washington D.C., USA.

tags | paper, conference
MD5 | 5e5dc3979083c1425681dfcad8ae553b
Slackware Security Advisory - php Updates
Posted Jun 11, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-2110.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2013-2110
MD5 | 019eb15dee49beeab3a8683ae554a73a
WordPress WP-SendSMS 1.0 CSRF / XSS
Posted Jun 11, 2013
Authored by expl0i13r

WordPress WP-SendSMS plugin version 1.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 9fd3561f1822ff6610c2be493cdfc901
Simple PHP Agenda 2.2.8 SQL Injection
Posted Jun 11, 2013
Authored by Anthony Dubuissez

Simple PHP Agenda version 2.2.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
advisories | CVE-2013-3961
MD5 | 4471146bbb723e78337ea5a5bed6c17f
Linux perf_swevent_init Local Root
Posted Jun 11, 2013
Authored by Sorbo

perf_swevent_init local root exploit for Linux kernel versions prior to 3.8.9 on x86_64. Based on sd's exploit.

tags | exploit, kernel, local, root
systems | linux
advisories | CVE-2013-2094
MD5 | ea19349db46e7096d23a3d2d37aa2249
mkCMS 3.6 PHP Code Injection
Posted Jun 11, 2013
Authored by CWH Underground

mkCMS version 3.6 suffers from a remote PHP code injection vulnerability.

tags | exploit, remote, php
MD5 | 74275cea8b8850541a44b996a2ca0ab0
Fobuc Guestbook 0.9 SQL Injection
Posted Jun 11, 2013
Authored by CWH Underground

Fobuc Guestbook version 0.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 395cb6ce08f6ccb593b453a2666abc8c
Fail2ban 0.8.9 Denial Of Service
Posted Jun 11, 2013
Authored by Krzysztof Katowicz-Kowalewski

Fail2ban version 0.8.9 suffers from a denial of service vulnerability.

tags | advisory, denial of service
MD5 | 1f332ecb788ca80e684eab63240b72dd
Red Hat Security Advisory 2013-0888-01
Posted Jun 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0888-01 - Red Hat Enterprise Virtualization Manager is a visual tool for centrally managing collections of virtual servers running Red Hat Enterprise Linux and Microsoft Windows. This package also includes the Red Hat Enterprise Virtualization Manager API, a set of scriptable commands that give administrators the ability to perform queries and operations on Red Hat Enterprise Virtualization Manager. It was found that permission checks were not performed on the target storage domain when cloning a virtual machine from a snapshot. An attacker could use this flaw to perform a denial of service attack, exhausting free disk space on the target storage domain.

tags | advisory, denial of service
systems | linux, redhat, windows
advisories | CVE-2013-2144
MD5 | f9ed4b491f430805271b785af32c57b0
Red Hat Security Advisory 2013-0925-01
Posted Jun 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0925-01 - The rhev-guest-tools-iso package contains tools and drivers. These tools and drivers are required by supported Windows guest operating systems when installed as guests on Red Hat Enterprise Virtualization. An unquoted search path flaw was found in the way the Red Hat Enterprise Virtualization agent was installed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges. An unquoted search path flaw was found in the way the SPICE service was installed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2151, CVE-2013-2152
MD5 | 156ccc804841ec0c75d38991d0b207c5
Red Hat Security Advisory 2013-0924-01
Posted Jun 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0924-01 - spice-vdagent-win provides a service and an agent that can be installed and run on Windows guests. An unquoted search path flaw was found in the way the SPICE service was installed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2152
MD5 | 16a012382e80c53ed61486a3057b683b
MobileIron Virtual Smartphone Platform Privilege Escalation
Posted Jun 11, 2013
Authored by prdelka

The MobileIron VSP appliance provides a restricted "clish" Java application that can be used for performing a minimal amount of configuration and requires an "enable" password for elevated privileges. Probing under the hood of this shell indicates that certain commands are run in the native Linux OS with sudo; the "show processes" command shows the commands being used. Due to a lack of input sanitization, it is possible to run arbitrary commands as root.

tags | exploit, java, arbitrary, shell, root
systems | linux
MD5 | 0be013d55686cd5577023a981879beda
Red Hat Security Advisory 2013-0911-01
Posted Jun 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0911-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way KVM initialized a guest's registered pv_eoi indication flag when entering the guest. An unprivileged guest user could potentially use this flaw to crash the host. A missing sanity check was found in the kvm_set_memory_region() function in KVM, allowing a user-space process to register memory regions pointing to the kernel address space. A local, unprivileged user could use this flaw to escalate their privileges.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2013-1935, CVE-2013-1943, CVE-2013-2017
MD5 | 062bd5614f74def51ab6be6bba288d8f
Red Hat Security Advisory 2013-0907-01
Posted Jun 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0907-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A flaw was found in the way KVM initialized a guest's registered pv_eoi indication flag when entering the guest. An unprivileged guest user could potentially use this flaw to crash the host.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2013-0167, CVE-2013-1935
MD5 | 199f4a7080a3a84773b89b921125adcc
Red Hat Security Advisory 2013-0886-01
Posted Jun 11, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0886-01 - VDSM is a management module that serves as a Red Hat Enterprise Virtualization Manager agent on Red Hat Enterprise Virtualization Hypervisor or Red Hat Enterprise Linux hosts. A flaw was found in the way unexpected fields in guestInfo dictionaries were processed. A privileged guest user could potentially use this flaw to make the host the guest is running on unavailable to the management server. The CVE-2013-0167 issue was discovered by Dan Kenigsberg of the Red Hat Enterprise Virtualization team.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-0167
MD5 | 25a1cbda2767d3424bd484bcbacaa309
Debian Security Advisory 2706-1
Posted Jun 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2706-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2013-2855, CVE-2013-2856, CVE-2013-2857, CVE-2013-2858, CVE-2013-2859, CVE-2013-2860, CVE-2013-2861, CVE-2013-2862, CVE-2013-2863, CVE-2013-2865
MD5 | b4e118a96e6d41a458304f792367ac53
Debian Security Advisory 2705-1
Posted Jun 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2705-1 - Jibbers McGee discovered that pymongo, a high-performance schema-free document-oriented data store, is prone to a denial-of-service vulnerability. An attacker can remotely trigger a NULL pointer dereference causing MongoDB to crash.

tags | advisory
systems | linux, debian
advisories | CVE-2013-2132
MD5 | ca36f69baadc40df91648254703c2086
© 2016 Packet Storm. All rights reserved.