exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-06-12

Drupal Display Suite 7.x Cross Site Scripting
Posted Jun 12, 2013
Authored by Francisco Jose Cruz Romanos | Site drupal.org

Drupal Display Suite third party module version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 42d834b1dadb8fc09188220693cf275eaa243fd771053442e5a3a8e62de32f63
Dolphin 7.1.2 SQL Injection / CSRF
Posted Jun 12, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Dolphin version 7.1.2 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
advisories | CVE-2013-3638
SHA-256 | 0cf057a272b2c86b15e073f837b8429da87c6ccef86e5c34f36b8068c5b35a0c
HP Security Bulletin HPSBMU02884
Posted Jun 12, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02884 - Two potential security vulnerabilities have been identified with HP Service Manager and HP ServiceCenter running on AIX, HP-UX, intelLinux, sparcSOL, and Windows Server. The vulnerabilities could be exploited remotely resulting in the disclosure of information or via cross site scripting. Revision 1 of this advisory.

tags | advisory, vulnerability, xss
systems | windows, aix, hpux
advisories | CVE-2013-2336, CVE-2013-2337
SHA-256 | b1134fffaf395d5a36e4c6f30c2aba8571dd89faeaa74ddcc6a853593042c212
Ubuntu Security Notice USN-1873-1
Posted Jun 12, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1873-1 - Maksim Otstavnov discovered that telepathy-gabble incorrectly handled TLS when connecting to legacy jabber servers. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. It was discovered that telepathy-gabble incorrectly handled certain messages. A remote attacker could use this flaw to cause applications using telepathy-gabble to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-1431, CVE-2013-1769, CVE-2013-1431, CVE-2013-1769
SHA-256 | 475c147ea25f27fd09e417df761aac28b56130610bbc492d82ae1d721f2758b0
Red Hat Security Advisory 2013-0941-01
Posted Jun 12, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0941-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes one vulnerability in Adobe Flash Player. This vulnerability is detailed in the Adobe Security bulletin APSB13-16, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2013-3343
SHA-256 | 4fc56529520aea78f3ebc49895cc872cea037936e3a6c333145f00847a51b5c5
Red Hat Security Advisory 2013-0943-01
Posted Jun 12, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0943-01 - Red Hat JBoss SOA Platform is the next-generation ESB and business process automation infrastructure. Red Hat JBoss SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. This roll up patch serves as a cumulative upgrade for Red Hat JBoss SOA Platform 5.3.1. It includes various bug fixes. The following security issue is also fixed with this release: XML encryption backwards compatibility attacks were found against various frameworks, including Apache CXF. An attacker could force a server to use insecure, legacy cryptosystems, even when secure cryptosystems were enabled on endpoints. By forcing the use of legacy cryptosystems, flaws such as CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be recovered from cryptograms and symmetric keys. This issue affected both the JBoss Web Services CXF and JBoss Web Services Native stacks.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2012-5575
SHA-256 | 117d2f483b6238f72059bf5a05de7e975a965fd4e78951c51bd936c54048660d
Red Hat Security Advisory 2013-0944-01
Posted Jun 12, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0944-01 - Python-keystoneclient is the client library and command line utility for interacting with the OpenStack identity API. A flaw in Keystone allowed an attacker with access to the web and network interfaces of services utilizing python-keystoneclient to continue using PKI tokens that had expired. This would allow the attacker to continue using the PKI tokens despite the PKI tokens being expired, giving them continued access to OpenStack services. This issue was discovered by Eoghan Glynn of Red Hat.

tags | advisory, web, python
systems | linux, redhat
advisories | CVE-2013-2104
SHA-256 | 6a10372c8aecfb3cc13a430908942c01b308ed0bef169925ff80a306f8a72dbc
Red Hat Security Advisory 2013-0942-01
Posted Jun 12, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0942-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. It was found that kadmind's kpasswd service did not perform any validation on incoming network packets, causing it to reply to all requests. A remote attacker could use this flaw to send spoofed packets to a kpasswd service that appear to come from kadmind on a different server, causing the services to keep replying packets to each other, consuming network bandwidth and CPU.

tags | advisory, remote, spoof
systems | linux, redhat
advisories | CVE-2002-2443
SHA-256 | 324d902438b6d9e19ed4e06eebdbd7e2f42306f58b641d1caa7d9302b9b0633f
Mandriva Linux Security Advisory 2013-172
Posted Jun 12, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-172 - Multiple vulnerabilities have been found and corrected in wireshark.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2013-3557, CVE-2013-4074, CVE-2013-4081, CVE-2013-4083
SHA-256 | b09beca8d9f64555bd3598eeb06a46f0112c9470f0565aaa8c8178eaa85876bd
Syslog Server 1.2.3 Denial Of Service
Posted Jun 12, 2013
Authored by npn

Syslog Server version 1.2.3. remote crash proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
SHA-256 | 7840be2362d7313da0aed2f95529e0f8f22236a41d838c5556c811de6f255da0
230 CMS 1.1.2012 PHP Code Injection
Posted Jun 12, 2013
Authored by CWH Underground

230 CMS version 1.1.2012 suffers from a remote PHP code injection vulnerability.

tags | exploit, remote, php
SHA-256 | f7997f1b21b5cccdfda0c6e183d786c03dfe34dec04e28c420e044c913f2003a
Ubiquiti airCam RTSP Service Buffer Overflow
Posted Jun 12, 2013
Authored by Core Security Technologies, Andres Blanco | Site coresecurity.com

Core Security Technologies Advisory - The Ubiquiti airCam RTSP service 'ubnt-streamer' has a buffer overflow when parsing the URI of a RTSP request message. This bug allows remote attackers to execute arbitrary code via RTSP request message.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2013-1606
SHA-256 | 3c57ac195ad89b3237ed4bcc728deeb2fada4feba9b26315e05d5e1048e8ba71
Microsoft Security Bulletin Summary For June, 2013
Posted Jun 12, 2013
Site microsoft.com

This bulletin summary lists 5 released Microsoft security bulletins for June, 2013.

tags | advisory
SHA-256 | bcd2474c5fd958405bda316e229be260bdda335cba1a9038ee71fd2d0d5145ee
t2'13 Call For Papers
Posted Jun 12, 2013
Site t2.fi

The t2'13 Call For Papers has been announced. It will take place October 24th through the 25th, 2013 in Helsinki, Finland.

tags | paper, conference
SHA-256 | 092d70174c3a2ff1eca2786b4909687622e6f0467c8bc7df487003869d6de34f
HP Security Bulletin HPSBHF02885
Posted Jun 12, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF02885 - A potential security vulnerability has been identified with HP Integrated Lights-Out iLO3 and iLO4 using Single-Sign-On (SSO). The vulnerability could be remotely exploited resulting in unauthorized access. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2013-2338
SHA-256 | 89973d7098050d58960fc1694e7e08e01ea4289ddc3d393195224d347bc19aaa
Page 1 of 1

File Archive:

May 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    16 Files
  • 3
    May 3rd
    38 Files
  • 4
    May 4th
    15 Files
  • 5
    May 5th
    35 Files
  • 6
    May 6th
    0 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    8 Files
  • 9
    May 9th
    65 Files
  • 10
    May 10th
    19 Files
  • 11
    May 11th
    27 Files
  • 12
    May 12th
    8 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    1 Files
  • 15
    May 15th
    19 Files
  • 16
    May 16th
    66 Files
  • 17
    May 17th
    28 Files
  • 18
    May 18th
    32 Files
  • 19
    May 19th
    13 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    23 Files
  • 23
    May 23rd
    15 Files
  • 24
    May 24th
    49 Files
  • 25
    May 25th
    20 Files
  • 26
    May 26th
    13 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    11 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By