Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-06-21

HP Security Bulletin HPSBUX02876 SSRT101148 2
Posted Jun 21, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02876 SSRT101148 2 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 2 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2013-2266
MD5 | cb5a2ccaa3cda13864c28d369b1455bf
Alienvault OSSIM SIEM 4.1 SQL Injection
Posted Jun 21, 2013
Authored by Glafkos Charalambous

Alienvault OSSIM open source SIEM version 4.1 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | dcc34f61d45bce3a4b5520350b749f13
Suricata IDPE 1.4.3
Posted Jun 21, 2013
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: A case of missed detection in bytetest, bytejump, and byteextract was fixed. Tunneled packets can now be dropped properly in IPS mode. The OS X build was fixed.
tags | tool, intrusion detection
systems | unix
MD5 | 8ea0a877fb00ff1c649a92dd45e6b986
Packet Storm Advisory 2013-0621 - Facebook Information Disclosure
Posted Jun 21, 2013
Authored by Todd J. | Site packetstormsecurity.com

Facebook suffered from an information disclosure vulnerability. If a user uploaded their contacts to Facebook and then proceeded to download their expanded dataset from the DYI (Download Your Information) section, they would receive a file called addressbook.html in their downloaded archive. The addressbook.html is supposed to house the contact information they uploaded. However, due to a flaw in how Facebook implemented this, it also housed contact information from other uploads other users have performed for the same person, provided they had one piece of matching data. This effectively built large dossiers on users and disclosed their information to anyone that knew at least one piece of matching data.

tags | exploit, info disclosure, packet storm
MD5 | 6d04c1c9219472c5734724f865f61dd0
Google Translate Cross Site Request Forgery
Posted Jun 21, 2013
Authored by Ivano Binetti

Google Translate suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 7a8114b732bb31adf73094b0af9dfda0
Mediacoder .lst SEH Buffer Overflow
Posted Jun 21, 2013
Authored by metacom

Local SEH buffer overflow code execution exploit for Mediacoder products that generates a malicious .lst file.

tags | exploit, overflow, local, code execution
MD5 | 15bc1aa045b2104e26e46a7a0a977fb1
MediaCoder PMP Edition 0.8.17 Buffer Overflow
Posted Jun 21, 2013
Authored by metacom

MediaCoder PMP Edition version 0.8.17 buffer overflow exploit that generates a malicious .m3u file.

tags | exploit, overflow
MD5 | f76e9498720fa774475e53f87a8cf208
Mediacoder .m3u SEH Buffer Overflow
Posted Jun 21, 2013
Authored by metacom

Local SEH buffer overflow code execution exploit for Mediacoder products that generates a malicious .m3u file.

tags | exploit, overflow, local, code execution
MD5 | ea3e0f302013eb61277fbff499144fba
WordPress Slash Theme XSS / Spoofing / Disclosure
Posted Jun 21, 2013
Authored by MustLive

The Slash theme for WordPress suffers from cross site scripting, content spoofing, and path disclosure vulnerabilities.

tags | exploit, spoof, vulnerability, xss
MD5 | b7f5becbeb28ce62ea5dc0d7513e5752
Prestige Software CMS File Disclosure
Posted Jun 21, 2013
Authored by Beni_Vanda

Prestige Software CMS suffers from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | 49319c2c98e996a9ff979ebcde331fb4
Ubuntu Security Notice USN-1887-1
Posted Jun 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1887-1 - Sebastian Krahmer discovered that Swift used the loads function in the pickle Python module when it was configured to use memcached. A remote attacker on the same network as memcached could exploit this to execute arbitrary code. This update adds a new memcache_serialization_support option to support secure json serialization. For details on this new option, please see /usr/share/doc/swift-proxy/memcache.conf-sample. This issue only affected Ubuntu 12.04 LTS. Alex Gaynor discovered that Swift did not safely generate XML. An attacker could potentially craft an account name to generate arbitrary XML responses to trigger vulnerabilties in software parsing Swift's XML. Various other issues were also addressed.

tags | advisory, remote, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2012-4406, CVE-2013-2161, CVE-2012-4406, CVE-2013-2161
MD5 | a39b31d5a9623091e4b7e2b86701a13e
Ubuntu Security Notice USN-1889-1
Posted Jun 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1889-1 - David Torgerson discovered that HAProxy incorrectly parsed certain HTTP headers. A remote attacker could use this issue to cause HAProxy to stop responding, resulting in a denial of service.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2013-2175
MD5 | df6265e329951353a63e17800373ccb5
Ubuntu Security Notice USN-1888-1
Posted Jun 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1888-1 - It was discovered that Mesa incorrectly handled certain memory calculations. An attacker could use this flaw to cause an application to crash, or possibly execute arbitrary code. Ilja van Sprundel discovered that Mesa incorrectly handled certain memory calculations. An attacker could use this flaw to cause an application to crash, or possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-1872, CVE-2013-1993, CVE-2013-1872, CVE-2013-1993
MD5 | acd1cd5c2ae3ac685375427d7861c403
Red Hat Security Advisory 2013-0963-01
Posted Jun 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0963-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-1500, CVE-2013-1571, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2437, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2462, CVE-2013-2463
MD5 | fe04a89d3c3a9c9e01c5ae1b35133e4d
Red Hat Security Advisory 2013-0964-01
Posted Jun 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0964-01 - Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. A session fixation flaw was found in the Tomcat FormAuthenticator module. During a narrow window of time, if a remote attacker sent requests while a user was logging in, it could possibly result in the attacker's requests being processed as if they were sent by the user. Users of Tomcat are advised to upgrade to these updated packages, which correct this issue. Tomcat must be restarted for this update to take effect.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2013-2067
MD5 | 23d718f98f151e439f1b336a8108846d
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    4 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close