exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-07-01

Windows EPATHOBJ::pprFlattenRec Local Privilege Escalation
Posted Jul 1, 2013
Authored by Tavis Ormandy, egypt, sinn3r, juan vazquez, progmboy, Meatballs, Keebie4e | Site metasploit.com

This Metasploit module exploits a vulnerability on EPATHOBJ::pprFlattenRec due to the usage of uninitialized data which allows to corrupt memory. At the moment, the module has been tested successfully on Windows XP SP3, Windows 2003 SP1, and Windows 7 SP1.

tags | exploit
systems | windows, xp, 7
advisories | CVE-2013-3660, OSVDB-93539
MD5 | 4c66155f0bae4b1bbeab91b35499cc0d
Barracuda SSL VPN 680Vx 2.3.3.193 Cross Site Scripting
Posted Jul 1, 2013
Authored by LiquidWorm | Site zeroscience.mk

Barracuda SSL VPN 680Vx version 2.3.3.193 suffers from multiple stored cross site scripting vulnerabilities when parsing user input to several parameters via POST method. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, vulnerability, xss
MD5 | 0adea25b0bc65bab4d7ed59122cc18fd
WinAmp 5.63 Null Pointer Dereference
Posted Jul 1, 2013
Authored by Julien Ahrens | Site security.inshell.net

An invalid pointer dereference vulnerability has been identified in WinAmp version 5.63. The application loads the contents of the %APPDATA%\WinAmp\links.xml on startup (the key lngId="default") and while browsing through the bookmarks in the Browser view of the GUI, but does not properly validate the length of the string loaded from the "<link name>" and "<home url>" keys before using them in a pointer call in the library gen_ff.dll, which leads to a invalid pointer dereference condition with possible code execution.

tags | advisory, code execution
advisories | CVE-2013-4695
MD5 | 1b60bc580f3e1bb1d01a00826886421b
Red Hat Security Advisory 2013-1006-01
Posted Jul 1, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1006-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for Red Hat JBoss BRMS 5.3.1. It includes various bug fixes. The following security issues are also fixed with this release: XML encryption backwards compatibility attacks were found against various frameworks, including Apache CXF. An attacker could force a server to use insecure, legacy cryptosystems, even when secure cryptosystems were enabled on endpoints. By forcing the use of legacy cryptosystems, flaws such as CVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be recovered from cryptograms and symmetric keys. This issue affected both the JBoss Web Services CXF and JBoss Web Services Native stacks.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2012-5575, CVE-2012-5783, CVE-2012-5885, CVE-2012-5886, CVE-2012-5887
MD5 | d91d32bbc6607ceccd2bf3c9c9eadcea
WinAmp 5.63 Buffer Overflow
Posted Jul 1, 2013
Authored by Julien Ahrens | Site security.inshell.net

WinAmp version 5.63 suffers from a stack-based buffer overflow vulnerability. The application loads the directories in %PROGRAMFILES%\WinAmp\Skins on startup to determine the skins that have been installed and to list them in the application menu point "Skins" and in the Skins Browser. But the application does not properly validate the length of the directory name before passing it as argument to a lstrcpynW call in the library gen_jumpex.dll, which leads to a buffer overflow condition with possible code execution.

tags | exploit, overflow, code execution
advisories | CVE-2013-4694
MD5 | 18ff70bcdd59ee08d59bed21ec136186
HP Security Bulletin HPSBHF02888
Posted Jul 1, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF02888 - Potential security vulnerabilities have been identified with HP, 3COM, and H3C routers and switches. The vulnerabilities could be remotely exploited resulting in disclosure of information and execution of code. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2013-2340, CVE-2013-2341
MD5 | 7b9273c188c91ab24c617e3f40c894b2
Apache Geronimo 3 RMI Classloader Exposure
Posted Jul 1, 2013
Authored by Pierre Ernst

A misconfigured RMI classloader in Apache Geronimo version 3.0 may enable an attacker to send a serialized object via JMX that could compromise the system.

tags | advisory
advisories | CVE-2013-1777
MD5 | d0b53bbbc25781a09af049d19cddde49
HP Security Bulletin HPSBST02846 SSRT100798 2
Posted Jul 1, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02846 SSRT100798 2 - Potential security vulnerabilities have been identified with HP LeftHand Virtual SAN Appliance hydra. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code. Revision 2 of this advisory.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2012-3282, CVE-2012-3283, CVE-2012-3284, CVE-2012-3285, CVE-2013-2343
MD5 | 7566fb78ebef85f4b9ee6f8289119bea
Link Farm Evolution 1.8.7 Cross Site Scripting
Posted Jul 1, 2013
Authored by Prakhar Prasad, Rafay Baloch

Link Farm Evolution version 1.8.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 92eb8b521f0867ec63d49fbc2dc5ddac
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Jul 1, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | b7e086a0ff3f2d07dde38da535d67991
Slackware Security Advisory - mozilla-firefox Updates
Posted Jul 1, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | c0a6a059ef8ee5e793a0990bc41e7a61
Packet Storm New Exploits For June, 2013
Posted Jul 1, 2013
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 192 exploits added to Packet Storm in June, 2013.

tags | exploit
systems | linux
MD5 | 2e44e7990f49341ce457a46b7cc36d4d
Bifrost 1.2.1 Remote Buffer Overflow
Posted Jul 1, 2013
Authored by Mohamed Clay

Bifrost version 1.2.1 remote buffer overflow exploit that pops calc.exe.

tags | exploit, remote, overflow
MD5 | 72e1eef601c5c857176d4e340b4e8ce6
Bifrost 1.2d Remote Buffer Overflow
Posted Jul 1, 2013
Authored by Mohamed Clay

Bifrost version 1.2d remote buffer overflow exploit that pops calc.exe.

tags | exploit, remote, overflow
MD5 | 03ef88c9c3bc3fa41592d1a535294cae
GLPI 0.83.9 Code Execution
Posted Jul 1, 2013

GLPI version 0.83.9 suffers from a remote PHP code execution vulnerability in the unserialize() function.

tags | exploit, remote, php, code execution
advisories | CVE-2013-2225
MD5 | ce837f1e044a025c7a9ec314bb02fd10
Moxieplayer Content Spoofing
Posted Jul 1, 2013
Authored by MustLive

TinyMCE versions 3.4b2 through 4.0b3 and WordPress versions up to 3.5.1 suffer from content spoofing issues with Moxieplayer. .

tags | exploit, spoof
MD5 | e7d6d67e5ed6598c5df397a94d3f4241
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close