exploit the possibilities
Showing 1 - 20 of 20 RSS Feed

Files Date: 2013-07-03

InstantCMS 1.6 Remote PHP Code Execution
Posted Jul 3, 2013
Authored by Akastep | Site metasploit.com

This Metasploit module exploits an arbitrary php command execution vulnerability, because of a dangerous use of eval(), in InstantCMS versions 1.6.

tags | exploit, arbitrary, php
MD5 | e6fe49a21c081f6767abccc8e0116845
SSLsplit 0.4.7
Posted Jul 3, 2013
Site roe.ch

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Changes: This release prevents IETF draft public key pinning by removing HPKP headers from responses. Also, remaining threading issues in daemon mode are fixed, and the connection log now contains the HTTP status code and the size of the response.
tags | encryption
MD5 | 7a1d2931c78736c006ee34dfb6be4a75
Kasseler CMS 2 r1223 CSRF / XSS / SQL Injection
Posted Jul 3, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Kasseler CMS version 2 r1223 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2013-3727, CVE-2013-3728, CVE-2013-3729
MD5 | d4d50ae65b8c29fc9f0f8fab7b3364da
OpenX 2.8.10 Cross Site Scripting / Local File Inclusion
Posted Jul 3, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

OpenX version 2.8.10 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
advisories | CVE-2013-3514, CVE-2013-3515
MD5 | b7d372283ec699afbe97e210670afa08
Apple Security Advisory 2013-07-02-1
Posted Jul 3, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-07-02-1 - Security Update 2013-003 is now available and addresses multiple arbitrary code execution vulnerabilities in QuickTime.

tags | advisory, arbitrary, vulnerability, code execution
systems | apple
advisories | CVE-2013-1019, CVE-2013-1018, CVE-2013-1022
MD5 | dbb8424ff0b31096bd7602718b30ec2c
HP Security Bulletin HPSBUX02893
Posted Jul 3, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02893 - Potential security vulnerabilities have been identified with HP-UX Apache running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to perform Cross Site Scripting (XSS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, xss
systems | hpux
advisories | CVE-2012-2687, CVE-2012-4557
MD5 | 763f7a99f3c52889387c7696a809b2a4
HP Security Bulletin HPSBUX02889 SSRT101252
Posted Jul 3, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02889 SSRT101252 - Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. Revision 1 of this advisory.

tags | advisory, java, remote, vulnerability
systems | hpux
advisories | CVE-2013-0401, CVE-2013-1491, CVE-2013-1518, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1563, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2422, CVE-2013-2424, CVE-2013-2429, CVE-2013-2430, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2439, CVE-2013-2440
MD5 | cdb8997e52ddbd134f8fadb3ce4cd0ad
Opera 12.15 Denial Of Service
Posted Jul 3, 2013

Opera 12.15 memory exhaustion denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | e7a38a15557dd7efc3dd745de4d3982f
Realtek Sound Manager Denial Of Service
Posted Jul 3, 2013
Authored by Asesino04

Realtek Sound Manager AvRack crash proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 079312d709a9354de424ab03c9252c5d
Nokia 1280 Denial Of Service
Posted Jul 3, 2013
Authored by Un0wn_X

Nokia 1280 phones suffers from a denial of service vulnerability when receiving a large SMS.

tags | exploit, denial of service
MD5 | 91983364f1c9904cec9f1d012d8a868d
Ubuntu Security Notice USN-1897-1
Posted Jul 3, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1897-1 - Jibbers McGee discovered that PyMongo incorrectly handled certain invalid DBRefs. An attacker could use this issue to cause PyMongo to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2013-2132
MD5 | 93e0d41a854f17bc073fa5ddc6948b84
Red Hat Security Advisory 2013-1014-01
Posted Jul 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1014-01 - These packages provide the OpenJDK 6 Java Runtime Environment and the OpenJDK 6 Software Development Kit. Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application.

tags | advisory, java, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2452, CVE-2013-2453, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473
MD5 | f240f2e1536a009ade5d97fcbb908156
Red Hat Security Advisory 2013-1013-01
Posted Jul 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1013-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release serves as a replacement for Red Hat JBoss Web Server 2.0.0, and includes several bug fixes.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2012-3499, CVE-2012-3544, CVE-2012-4558, CVE-2013-0166, CVE-2013-0169, CVE-2013-2067, CVE-2013-2071
MD5 | 8e7be06f0560bf7ce62b0b6f6281181e
Red Hat Security Advisory 2013-1011-01
Posted Jul 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1011-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release serves as a replacement for Red Hat JBoss Web Server 2.0.0, and includes several bug fixes.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2012-3499, CVE-2012-3544, CVE-2012-4558, CVE-2013-2067, CVE-2013-2071
MD5 | 82a11145c9ffd62ab05d50efe254a6f1
Red Hat Security Advisory 2013-1012-01
Posted Jul 3, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1012-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release serves as a replacement for Red Hat JBoss Web Server 2.0.0, and includes several bug fixes.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2012-3499, CVE-2012-3544, CVE-2012-4558, CVE-2013-2067, CVE-2013-2071
MD5 | b07f39e4f1f69a9201b2b7d0e910f596
Ubuntu Security Notice USN-1890-2
Posted Jul 3, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1890-2 - USN-1890-1 fixed vulnerabilities in Firefox. This update introduced a regression which sometimes resulted in Firefox using the wrong network proxy settings. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2013-1687, CVE-2013-1688, CVE-2013-1690, CVE-2013-1692, CVE-2013-1693, CVE-2013-1694, CVE-2013-1695, CVE-2013-1696, CVE-2013-1697, CVE-2013-1698, CVE-2013-1699
MD5 | 7d4614a10f7f18c477dbc5d72cfd67e6
Ubuntu Security Notice USN-1896-1
Posted Jul 3, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1896-1 - Florian Weimer discovered that the Module::Signature perl module incorrectly loaded unknown ciphers from relative directories. An attacker could possibly use this flaw to execute arbitrary code when a signature is verified.

tags | advisory, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2013-2145
MD5 | c10bcbe452f716e58bf43aa252f746ba
Debian Security Advisory 2718-1
Posted Jul 3, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2718-1 - Several vulnerabilities were identified in Wordpress, a web blogging tool. As the CVEs were allocated from releases announcements and specific fixes are usually not identified, it has been decided to upgrade the Wordpress package to the latest upstream version instead of backporting the patches.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2013-2173, CVE-2013-2199, CVE-2013-2200, CVE-2013-2201, CVE-2013-2202, CVE-2013-2203, CVE-2013-2204, CVE-2013-2205
MD5 | 58ec8e6dd185e2bf83d991352df10a14
Linksys EA2700 / EA3500 / E4200 / EA4500 Unauthenticated Access
Posted Jul 3, 2013
Authored by Kyle Lovett

Linksys versions EA2700, EA3500, E4200, EA4500 using lighttpd 1.4.28 and Utopia on Linux 2.6.22 suffer from an unauthenticated access vulnerability.

tags | advisory, bypass
systems | linux
MD5 | 5a1284c6192df7a3cda5a1165f391709
WordPress 3.5.1 Cross Site Scripting
Posted Jul 3, 2013
Authored by MustLive

WordPress versions 3.5.1 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 7ff3fd09d500af42c2782108bba05ac9
Page 1 of 1
Back1Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    3 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close