exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-06-13

Mandriva Linux Security Advisory 2013-173
Posted Jun 13, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-173 - If a filename which contains a newline character is committed to a repository using the FSFS format, the resulting revision is corrupt. This can lead to disruption for users of the repository. Subversion's svnserve server process may exit when an incoming TCP connection is closed early in the connection process. This can lead to disruption for users of the server. This advisory provides the latest versions of subversion which is not vulnerable to these issues.

tags | advisory, tcp
systems | linux, mandriva
advisories | CVE-2013-1968, CVE-2013-2112
SHA-256 | 50c8c44f1eab2d1796f92a255fc5042d9727bfb18f38fae6d72dab763b883643
Debian Security Advisory 2707-1
Posted Jun 13, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2707-1 - Alexandru Cornea discovered a vulnerability in libdbus caused by an implementation bug in _dbus_printf_string_upper_bound(). This vulnerability can be exploited by a local user to crash system services that use libdbus, causing denial of service. Depending on the dbus services running, it could lead to complete system crash.

tags | advisory, denial of service, local
systems | linux, debian
advisories | CVE-2013-2168
SHA-256 | fb5bad9b488ef75a4798c0f7f03287659999cfefa71cf20cbca6fc3ee8f108ec
NextGEN Gallery 1.9.12 Shell Upload
Posted Jun 13, 2013
Authored by Marcos Aguero | Site s21sec.com

The NextGEN Gallery WordPress plugin version 1.9.12 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2013-3684
SHA-256 | e4da0456940eac980ba66f39ac8327f978be1d3372621aac3b5a422f93502487
Apache OpenJPA 1.x / 2.x Code Execution
Posted Jun 13, 2013
Authored by Pierre Ernst

Deserialization of a maliciously crafted Apache OpenJPA object can result in an executable file being written to the file system. An attacker needs to discover an unprotected server program to exploit the vulnerability. It then needs to exploit another unprotected server program to execute the file and gain access to the system. OpenJPA usage by itself does not introduce the vulnerability.

tags | advisory
advisories | CVE-2013-1768
SHA-256 | 32303c32cb83248176a31128df26e37e6c705dd40e339118c8a2a427536a4fa1
WordPress 3.5.1 Denial Of Service
Posted Jun 13, 2013
Authored by Krzysztof Katowicz-Kowalewski

WordPress version 3.5.1 suffers from a denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2013-2173
SHA-256 | 8e2c088a4ade7372a68b67aa23ce8a75e4e2b2019ed85bb2c3c7ff84c7f61988
TP-LINK TL-SC3171 Authentication Bypass
Posted Jun 13, 2013
Authored by Javier Repiso Sanchez, Eliezer Varad Lopez, Jonas Rapero Castillo

TP-LINK TL-SC3171 IP cameras suffer from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2013-3688
SHA-256 | f6d178a063dd3ed0597d4ff68aeb5b7ce510edc4d8a50b381af599f1db6c358c
Sony CH / DH Cross Site Request Forgery
Posted Jun 13, 2013
Authored by Jonas Rapero Castillo

Sony CH and DH series IP cameras suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2013-3964
SHA-256 | 9e658a5b83d50db1e5e4c948a459169998ff90278655f84b9593726e88a23faa
Samsung Series Cross Site Scripting
Posted Jun 13, 2013
Authored by Jonas Rapero Castillo

Samsung Series IP cameras suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-3964
SHA-256 | 4c5b582e1c83bbe4a08f2d523174e2ff9cc7fe524dff9b42bca797c55f903609
Grandstream Backdoor / Cross Site Request Forgery / Cross Site Scripting
Posted Jun 13, 2013
Authored by Jonas Rapero Castillo

Grandstream Series IP cameras suffer from backdoor, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2013-3542, CVE-2013-3962, CVE-2013-3963
SHA-256 | c0ee4c59497c448a83542eeb8df6d6ae710b3a6d5d8f377a64d34ef028d08d25
Brickcom 100ap Series Authentication Bypass / CSRF
Posted Jun 13, 2013
Authored by Javier Repiso Sanchez, Eliezer Varad Lopez, Jonas Rapero Castillo

Brickcom 100ap Series IP cameras suffer from authentication bypass and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, bypass, csrf
advisories | CVE-2013-3689, CVE-2013-3690
SHA-256 | d7701a35ff508516595ba457e8080c4cc4d6d2153918179e97536a7ee0671226
AXIS Media Control Active-X File Corruption
Posted Jun 13, 2013
Authored by Javier Repiso Sanchez

AXIS Media Control suffers from an ActiveX file corruption vulnerability. The vulnerability exists due to the ActiveX control including insecure "StartRecord()", "SaveCurrentIm age()" and "StartRecordMedia()" methods in "AxisMediaControlEmb.dll" DLL. This can be exploited to corrupt or create arbitrary files in the context of the current user.

tags | exploit, arbitrary, activex
advisories | CVE-2013-3543
SHA-256 | 2c7f0f9dc413f306ab4175eaf1c5a26e6f9f46c26e980683a1c746fe13d1344a
Airlive CSRF / Traversal / Disclosure / Denial Of Service
Posted Jun 13, 2013
Authored by Javier Repiso Sanchez, Eliezer Varad Lopez, Jonas Rapero Castillo

Airlive IP cameras suffers from information disclosure, clear text storage of sensitive information, cross site request forgery, denial of service, and path traversal vulnerabilities.

tags | exploit, denial of service, vulnerability, file inclusion, info disclosure, csrf
advisories | CVE-2013-3541, CVE-2013-3686, CVE-2013-3540, CVE-2013-3687, CVE-2013-3540, CVE-2013-3541, CVE-2013-3686, CVE-2013-3687
SHA-256 | 8baad92f7fdb0f5d591127fce7424949455fbfbf4e26902a240495904f81868f
PHP Secure Communications Library 0.3.5
Posted Jun 13, 2013
Authored by Jim Wigginton | Site phpseclib.sourceforge.net

PHP Secure Communications Library is a set of pure PHP implementations of DES, 3DES, RC4, Rijndael, AES, RSA (PKCS#1 compliant [v2.1]), SSH-1, SSH-2, and SFTP.

Changes: This release adds lots of SFTP changes (the new functions touch, chown, chgrp, and truncate, improved file type detection, put() which can write to the middle of a file, mkdir which accepts the same parameters which PHP's mkdir does, the ability to upload/download 2GB files, and an (internal) redo _realpath function), across-the-board speedups for the various encryption algorithms, multi-factor authentication support for Net_SSH2, a $callback parameter for Net_SSH2::exec \, and Net_SFTP_StreamWrapper, Net_SCP, Crypt_Twofish, and Crypt_Blowfish.
tags | php, library
SHA-256 | 810e7c0f6802c95bb2891c4d7239b4781d0dccd2f5d6b8ee3a87c09f0d9bae08
Sun Java Web Start Double Quote Injection
Posted Jun 13, 2013
Authored by Rh0 | Site metasploit.com

This Metasploit module exploits a flaw in the Web Start component of the Sun Java Runtime Environment. Parameters intial-heap-size and max-heap-size in a JNLP file can contain a double quote which is not properly sanitized when creating the command line for javaw.exe. This allows the injection of the -XXaltjvm option to load a jvm.dll from a remote UNC path into the java process. Thus an attacker can execute arbitrary code in the context of a browser user. This flaw was fixed in Oct. 2012 and affects JRE <= 1.6.35 and <= 1.7.07. In order for this module to work, it must be ran as root on a server that does not serve SMB. Additionally, the target host must have the WebClient service (WebDAV Mini-Redirector) enabled. Alternatively an UNC path containing a jvm.dll can be specified with an own SMB server.

tags | exploit, java, remote, web, arbitrary, root
advisories | CVE-2012-1533, OSVDB-86348
SHA-256 | 03e81d85cf7b77c63f98b9875e24d7c92e3dd03261f33f78773cc25fedd945f5
MS13-009 Microsoft Internet Explorer COALineDashStyleArray Integer Overflow
Posted Jun 13, 2013
Authored by Nicolas Joly, juan vazquez, 4B5F5F4B | Site metasploit.com

This Metasploit module exploits an integer overflow vulnerability on Internet Explorer. The vulnerability exists in the handling of the dashstyle.array length for vml shapes on the vgx.dll module. This Metasploit module has been tested successfully on Windows 7 SP1 with IE8. It uses the the JRE6 to bypass ASLR by default. In addition a target to use an info leak to disclose the ntdll.dll base address is provided. This target requires ntdll.dll v6.1.7601.17514 (the default dll version on a fresh Windows 7 SP1 installation) or ntdll.dll v6.1.7601.17725 (version installed after apply MS12-001).

tags | exploit, overflow
systems | windows
advisories | CVE-2013-2551, OSVDB-91197
SHA-256 | f2191edac3137a6b3823d086c1f17193130422c73f5e897f52c93a6ab9e66486
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    36 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close