what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2013-07-23

FOSCAM IP-Cameras Improper Access Restrictions
Posted Jul 23, 2013
Authored by Core Security Technologies, Andres Blanco, Flavio de Cristofaro | Site coresecurity.com

Core Security Technologies Advisory - Due to improper access restrictions, the FOSCAM FI8620 device allows a remote attacker the ability to browse and access arbitrary files from the directories '/tmpfs/' and '/log/' without requiring authentication. This could allow disclosure of access credentials and more.

tags | exploit, remote, arbitrary
advisories | CVE-2013-2574
SHA-256 | adaec8a2f891fe9f46be77e8f4377c1af9e6f99fbc5b6ffa63687d17c42b396c
Nginx 1.3.9 / 1.4.0 Exploit Documentation
Posted Jul 23, 2013
Authored by Kingcope

This whitepaper document how the brute forcing exploit works for a buffer overflow vulnerability in nginx versions 1.3.9 and 1.4.0 on x86.

tags | paper, overflow, x86
advisories | CVE-2013-2028
SHA-256 | 83e7a76cda024bdc1720e8569cb20218c76aa3c5b8a8f5ddfad4818e03f8afe9
Surge FTP 23c8 Buffer Overflow
Posted Jul 23, 2013
Authored by Anil Pazvant

Surge FTP server versions 23c8 and below suffer from a buffer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2013-4742
SHA-256 | 8371e4e6a2219b80f0cdd60273de6526a797aaa7f16bbda2d393ad1b7b415834
Juniper Secure Access Cross Site Scripting
Posted Jul 23, 2013
Authored by Anil Pazvant

Juniper Secure Access software suffers from a reflective cross site scripting vulnerability.

tags | advisory, xss
systems | juniper
advisories | CVE-2012-5460
SHA-256 | 1e91a40814ce854dfbc08417fc774b84fa293848396a5db20ca9b655cc2fc7d0
AISec2013 Call For Papers
Posted Jul 23, 2013
Site sites.google.com

The AISec2013 Call For Papers has been announced. It will take place on November 4, 2013 in Berlin, Germany held in conjunction with ACM CCS 2013.

tags | paper, conference
SHA-256 | 53efede4578c200fd9c576434367a341ae6f2db5816ac342f3f7e01796a79fd2
D-Link Devices UPnP SOAP Command Execution
Posted Jul 23, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Different D-Link Routers are vulnerable to OS command injection in the UPnP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the CMD target. Additionally, two targets are included, to start a telnetd service and establish a session over it, or deploy a native mipsel payload. This Metasploit module has been tested successfully on DIR-300, DIR-600, DIR-645, DIR-845 and DIR-865. According to the vulnerability discoverer, more D-Link devices may affected.

tags | exploit
advisories | OSVDB-94924
SHA-256 | 01d435ac6d062114f47621077e0eb7f0d7eaf8b4b14cc6838696243a3e34377f
Foreman (Red Hat OpenStack/Satellite) Code Injection
Posted Jul 23, 2013
Authored by Ramon de C Valle | Site metasploit.com

This Metasploit module exploits a code injection vulnerability in the 'create' action of 'bookmarks' controller of Foreman and Red Hat OpenStack/Satellite (Foreman 1.2.0-RC1 and earlier).

tags | exploit
systems | linux, redhat
advisories | CVE-2013-2121, OSVDB-94671
SHA-256 | c5c9607b201bbed12138b9c01832cadc3f0585df9c929779954f3b1deff22316
VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
Posted Jul 23, 2013
Authored by Andrea Micalizzi, juan vazquez | Site metasploit.com

This Metasploit module exploits a code execution flaw in VMware vCenter Chargeback Manager, where the ImageUploadServlet servlet allows unauthenticated file upload. The files are uploaded to the /cbmui/images/ web path, where JSP code execution is allowed. The module has been tested successfully on VMware vCenter Chargeback Manager 2.0.1 on Windows 2003 SP2.

tags | exploit, web, code execution, file upload
systems | windows
advisories | CVE-2013-3520, OSVDB-94188
SHA-256 | b08962941512b5b8079fa8c0192f78e7fa07e4194e7eadc4c084e0b8ccd390a5
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close