what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-07-16

Debian Security Advisory 2722-1
Posted Jul 16, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2722-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471
SHA-256 | 205d6ba45c2ac50e43f376f72ec9f52ae8f2d51b5db211236230f603843dfbef
Packet Fence 4.0.2
Posted Jul 16, 2013
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: This release adds many bugfixes and enhancements. bind has been replaced by pfdns (PF's own DNS server), Oauth2 support has been greatly improved, line graphs of reports have new counters, simple searching of nodes has been extended to match MAC, owner, and computer name, each portal profile can now use a list of authentication sources, and a switch definition can now be easily cloned.
tags | tool, remote
systems | unix
SHA-256 | ec6fdbe005e9789f64a2eb59bce6ed0182b40f164f99fe7d0081355897a00e21
Mandriva Linux Security Advisory 2013-196
Posted Jul 16, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-196 - Updated java-1.6.0-openjdk packages fix multiple security vulnerabilities.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472
SHA-256 | 869b68c084c8fd4d72ae353a576a7c8617307bf7360d63d7816d3a7a235ee7d1
Ubuntu Security Notice USN-1904-1
Posted Jul 16, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1904-1 - It was discovered that libxml2 would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly obtain access to arbitrary files or cause resource consumption. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, and Ubuntu 12.10. It was discovered that libxml2 incorrectly handled documents that end abruptly. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, xxe
systems | linux, ubuntu
advisories | CVE-2013-0339, CVE-2013-2877, CVE-2013-0339, CVE-2013-2877
SHA-256 | cd859ab9c1529eb842030310fdae2e007f5f2c595e947035ccee976394f0e6e5
Red Hat Security Advisory 2013-1063-01
Posted Jul 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1063-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially-crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. All php users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

tags | advisory, web, overflow, arbitrary, php
systems | linux, redhat
advisories | CVE-2013-4113
SHA-256 | 309505c2c8254540813cdaa10f7c8c273952f53f9b8394498febda01107705ea
HP Security Bulletin HPSBPV02891
Posted Jul 16, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBPV02891 - A potential security vulnerability has been identified with HP ProCurve Switches. The vulnerability could be remotely exploited resulting in unauthorized information disclosure. Revision 1 of this advisory.

tags | advisory, info disclosure
advisories | CVE-2008-7270
SHA-256 | a13c78b7e9815f844c448c9eb92c69522b4f6a4f767e7c12192d6a9794671eef
Dell Kace 1000 SMA 5.4.70402 Cross Site Scripting
Posted Jul 16, 2013
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

Dell Kace 1000 SMA version 5.4.70402 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | f31d9466c071de7d9384679b764eb2b12bfadfa571627c915b0ffc7b94cf09ee
Ubuntu Security Notice USN-1903-1
Posted Jul 16, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1903-1 - It was discovered that the mod_rewrite module incorrectly sanitized non-printable characters before writing data to log files. A remote attacker could possibly use this flaw to execute arbitrary commands by injecting escape sequences in the log file. It was discovered that the mod_dav module incorrectly handled certain MERGE requests. A remote attacker could use this issue to cause the server to stop responding, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-1862, CVE-2013-1896, CVE-2013-1862, CVE-2013-1896
SHA-256 | abd462126aebf1bb2c7fabc5c4f67e1480ea33b6a384117cb877b884bcb02807
Olive File Manager 1.0.1 Arbitrary File Upload / XSS
Posted Jul 16, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Olive File Manager version 1.0.1 for iOS suffers from arbitrary file upload and cross site scripting vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss, file upload
systems | ios
SHA-256 | 4923d8db6286e1cf6917d43aa359d9d1dbc6d093111aca760cfae1f6c1112cbc
FTP Sprite 1.2.1 Script Insertion
Posted Jul 16, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

FTP Sprite version 1.2.1 for iOS suffers from a persistent script insertion vulnerability.

tags | exploit
systems | ios
SHA-256 | b17f9f86c93c7d304115e7a035b5f7635cf9f925526f289c29667e10571460d8
Squid 3.3.5 Denial Of Service
Posted Jul 16, 2013
Authored by Kingcope

Squid version 3.3.5 remote denial of service crash exploit.

tags | exploit, remote, denial of service
SHA-256 | 247867b58f499ec2f8cbd7f45618c22bc77cf0fc844f2741c42df41f4033fd68
Eglibc PTR MANGLE Bug
Posted Jul 16, 2013
Authored by Hector Marco, Ismael Ripoll

Eglibc suffers from a PTR MANGLE bug. All statically linked applications compiled with glibc and eglibc are affected, independent of the operating system distribution. Note that this problem is not solved by only patching the eglibc, but it is also necessary to recompile all static executables. Proof of concept exploit included.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2013-4788
SHA-256 | 886e08b8e90e2d9b861f8e4dba2d25b994c4200f1929e01cc6bc74363c57f184
Red Hat Security Advisory 2013-1062-01
Posted Jul 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1062-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xml_parse_into_struct() function to parse untrusted XML content, an attacker able to supply specially-crafted XML could use this flaw to crash the application or, possibly, execute arbitrary code with the privileges of the user running the PHP interpreter. All php53 users should upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

tags | advisory, web, overflow, arbitrary, php
systems | linux, redhat
advisories | CVE-2013-4113
SHA-256 | d5af94336d7fe63affede3df98c2a9ba5b0b2fe4b757d285b2aa441de70ebcfe
Nikon CoolPix L Series Fw 1.0 Information Disclosure
Posted Jul 16, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Nikon CoolPix L Series Fw version 1.0 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 00c5dc25f1958967070a5163d5ecb6dda8b5bb295f0fb9e5d15b3cce7642bdc8
Barracuda CudaTel 2.6.02.040 Cross Site Scripting
Posted Jul 16, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Barracuda CudaTel version 2.6.02.040 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7c11db64cfe677974655ad7002705d5f2f7e6ebaafd849999276966c27b4d925
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close