what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-07-15

GNU Transport Layer Security Library 3.2.2
Posted Jul 15, 2013
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: Several optimizations related to packet processing subsystems, and enhancements for support of DTLS under other transport layers than UDP. Several small fixes.
tags | protocol, library
MD5 | 9dd691ad1ccdb7386029809afef6b5ea
Huawei E587 3G Mobile Hotspot Web UI Cross Site Scripting
Posted Jul 15, 2013
Authored by Frederic Basse

Huawei E587 3G Mobile Hotspot version 11.203.27 is prone to a cross site scripting vulnerability in the Web UI. A specially crafted SMS can bypass the function used to sanitize incoming SMS messages.

tags | advisory, web, xss
MD5 | 61262e21de2d8cc49228170738fa0706
Red Hat Security Advisory 2013-1061-01
Posted Jul 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1061-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially-crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. All php users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

tags | advisory, web, overflow, arbitrary, php
systems | linux, redhat
advisories | CVE-2013-4113
MD5 | c8cbb257d245cacf208273bbb18e375a
Saurus CMS 4.7.1 4.7.1 LFI / RFI / XSS / SQL Injection / Traversal / CSRF
Posted Jul 15, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Saurus CMS version 4.7.1 suffers from cross site scripting, remote file inclusion, local file inclusion, information disclosure, remote SQL injection, HTTP response splitting, cross site request forgery, and directory traversal vulnerabilities.

tags | exploit, remote, web, local, vulnerability, xss, sql injection, file inclusion, info disclosure, csrf
MD5 | c5bc8a3e9c7c1dcc21b2e1c2db019482
Huawei E587 3G Mobile Hotspot Command Injection
Posted Jul 15, 2013
Authored by Frederic Basse

Huawei E587 3G Mobile Hotspot version 11.203.27 is prone to a command injection vulnerability in the Web UI. Successful exploitation allows unauthenticated attackers to execute arbitrary commands with root privileges.

tags | exploit, web, arbitrary, root
advisories | CVE-2013-2612
MD5 | 656cc729ae0243fd7539ac4c1a507dc1
SilverStripe CMS Cross Site Scripting
Posted Jul 15, 2013
Authored by Craig Young

SilverStripe CMS decidedly to quietly fix multiple persistent cross site scripting vulnerabilities without informing the public. Fail.

tags | advisory, vulnerability, xss
advisories | CVE-2012-6458
MD5 | 948de04e40911961d5e4f5b2ba0a6293
Mandriva Linux Security Advisory 2013-195
Posted Jul 15, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-195 - A heap corruption vulnerability has been discovered and corrected in PHP.

tags | advisory, php
systems | linux, mandriva
advisories | CVE-2013-4113
MD5 | 1ad398ec7927778e9f0611d8bfaef0ca
Red Hat Security Advisory 2013-1060-01
Posted Jul 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1060-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-1500, CVE-2013-1571, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2437, CVE-2013-2442, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466
MD5 | da99a0ddf13d2ef208ac7881bbc424f3
Red Hat Security Advisory 2013-1059-01
Posted Jul 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1059-01 - IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2437, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471
MD5 | 073ac8f9fa1e951d20be914e77ff4634
ZedLog 0.2 Beta 3
Posted Jul 15, 2013
Authored by Zachary Scott | Site github.com

ZedLog is a robust cross-platform input logging tool (or key logger). It is based on a flexible data logging system which makes it easy to get the required data. It captures all keyboard and mouse events, has a full GUI, and supports logging to a file and basic hiding.

Changes: This interim release adds a commandline interface, fixes the run scripts for Windows, and fixes a deadlock in the shutdown sequence.
tags | tool, system logging
systems | unix
MD5 | 69fe479d1e141735b273ab3b12d85df5
Zoho Information Disclosure / Mixed Content
Posted Jul 15, 2013
Authored by Juan Carlos Garcia

Zoho suffers from information disclosure due to a lack of a content-type being specified and also appears to use mixed content.

tags | exploit, info disclosure
MD5 | 3dbd0405c3fbd4aa7b5cc61428fdd3e5
Dell.com Open Redirection
Posted Jul 15, 2013
Authored by GoMeR-12

Dell.com suffers from an open redirection vulnerability.

tags | exploit
MD5 | dc64235d7b5bb78e748ebc6d7dbc7769
TinyMCE Image Manager 1.1 Cross Site Scripting
Posted Jul 15, 2013
Authored by MustLive

TinyMCE Image Manager versions 1.1 and below suffer from a cross site scripting and content spoofing vulnerabilities.

tags | exploit, spoof, vulnerability, xss
MD5 | 76e46fa650b4e7ec9f040e4f8e09fe52
Microsoft Internet Explorer 6 / 7 Use-After-Free
Posted Jul 15, 2013
Authored by Yuhong Bao

This is a brief summary of how a security researcher discovered a use-after-free vulnerability in Microsoft Internet Explorer versions 6 and 7.

tags | advisory
advisories | CVE-2013-1310
MD5 | 9e203fe8068772588301b4507a4b0e3a
Patator Brute Forcer 0.5
Posted Jul 15, 2013
Authored by Sebastien Macke | Site code.google.com

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. When Medusa, Hydra or other brute-force tools fail to do what you want, Patator might be what you need.

Changes: Various new modules. Multiple improvements, bug fixes, and additions.
tags | tool, cracker
MD5 | 58fb64a58a9ecc1629d35b5680098721
DAVOSET 1.1
Posted Jul 15, 2013
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Various updates.
tags | tool, denial of service
MD5 | 46991c53e72b43bcdf8429c4d015cbed
Page 1 of 1
Back1Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    3 Files
  • 18
    Nov 18th
    22 Files
  • 19
    Nov 19th
    17 Files
  • 20
    Nov 20th
    7 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close