Twenty Year Anniversary
Showing 1 - 21 of 21 RSS Feed

Files Date: 2013-07-29

PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
Posted Jul 29, 2013
Authored by juan vazquez, Dave Weinstein | Site metasploit.com

This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the test_li_connection.php component, due to the insecure usage of the system() php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70.

tags | exploit, php
MD5 | 370df352e83a2de9ec2c063ee1b2c4c5
PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution
Posted Jul 29, 2013
Authored by juan vazquez, Dave Weinstein | Site metasploit.com

This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the ldapsyncnow.php component, due to the insecure usage of the shell_exec() php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70.

tags | exploit, php
MD5 | 9f5105de172f003eebfb122d6b1f563c
PineApp Mail-SeCure livelog.html Arbitrary Command Execution
Posted Jul 29, 2013
Authored by juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the livelog.html component, due to the insecure usage of the shell_exec() php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70.

tags | exploit, php
MD5 | d17400c28ae6dc6e4e23eb68f2fcd0d1
MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation
Posted Jul 29, 2013
Authored by Tavis Ormandy, Axel Souchet | Site metasploit.com

The Windows kernel does not properly isolate broadcast messages from low integrity applications from medium or high integrity applications. This allows commands to be broadcasted to an open medium or high integrity command prompts allowing escalation of privileges. We can spawn a medium integrity command prompt, after spawning a low integrity command prompt, by using the Win+Shift+# combination to specify the position of the command prompt on the taskbar. We can then broadcast our command and hope that the user is away and doesn't corrupt it by interacting with the UI. Broadcast issue affects versions Windows Vista, 7, 8, Server 2008, Server 2008 R2, Server 2012, RT. But Spawning a command prompt with the shortcut key does not work in Vista so you will have to check if the user is already running a command prompt and set SPAWN_PROMPT false. The WEB technique will execute a powershell encoded payload from a Web location. The FILE technique will drop an executable to the file system, set it to medium integrity and execute it. The TYPE technique will attempt to execute a powershell encoded payload directly from the command line but it may take some time to complete.

tags | exploit, web, kernel
systems | windows, vista
advisories | CVE-2013-0008, OSVDB-88966
MD5 | bf765133ef2a04116cd29a63ed9e4763
FluxBB 1.5.3 XSS / CSRF / URL Redirection
Posted Jul 29, 2013
Authored by LiquidWorm | Site zeroscience.mk

FluxBB version 1.5.3 suffers from cross site scripting, cross site request forgery, and URL redirection vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 8767b191d220e6c3f0e0ea91472cc534
Debian Security Advisory 2731-1
Posted Jul 29, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2731-1 - Yarom and Falkner discovered that RSA secret keys in applications using the libgcrypt11 library, for example GnuPG 2.x, could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system.

tags | advisory, local
systems | linux, debian
advisories | CVE-2013-4242
MD5 | 186cef92434fe810db9d11d6c7553ae9
Ubuntu Security Notice USN-1911-1
Posted Jul 29, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1911-1 - It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-4160
MD5 | 26389e2f60404d8f7ab9cf3796f09bdf
EMC NetWorker Information Disclosure
Posted Jul 29, 2013
Site emc.com

A vulnerability exists in EMC NetWorker that could allow exposure of certain sensitive configuration information under specific circumstances. Versions affected include EMC NetWorker 8.0.0.x, 8.0.1.x, and 7.6.x.x.

tags | advisory
advisories | CVE-2013-0943
MD5 | e330884abd7899cc0cd10e53e1f4d026
FreeBSD Security Advisory - NFS Incorrect Privilege Validation
Posted Jul 29, 2013
Authored by Tim Zingelman, Christopher Key, Rick Macklem | Site security.freebsd.org

FreeBSD Security Advisory - The kernel incorrectly uses client supplied credentials instead of the one configured in exports(5) when filling out the anonymous credential for a NFS export, when -network or -host restrictions are used at the same time. The remote client may supply privileged credentials (e.g. the root user) when accessing a file under the NFS share, which will bypass the normal access checks.

tags | advisory, remote, kernel, root
systems | freebsd
advisories | CVE-2013-4851
MD5 | cbce467b7418702904d48e4d09f0a883
FreeBSD Security Advisory - BIND Denial Of Service
Posted Jul 29, 2013
Authored by Maxim Shudrak | Site security.freebsd.org

FreeBSD Security Advisory - Due to a software defect a specially crafted query which includes malformed rdata, could cause named(8) to crash with an assertion failure and rejecting the malformed query. This issue affects both recursive and authoritative-only nameservers.

tags | advisory
systems | freebsd
advisories | CVE-2013-4854
MD5 | d067b3d4cb8f83293e2e8c872f363ce9
Debian Security Advisory 2730-1
Posted Jul 29, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2730-1 - Yarom and Falkner discovered that RSA secret keys could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system.

tags | advisory, local
systems | linux, debian
advisories | CVE-2013-4242
MD5 | 3919d7da930a5f478fa1fc4a5c9c7c44
Ubuntu Security Notice USN-1910-1
Posted Jul 29, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1910-1 - Maxim Shudrak discovered that Bind incorrectly handled certain malformed rdata. A remote attacker could use this flaw with a specially crafted query to cause Bind to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-4854
MD5 | becc4db5c35d5314cf7e8d39d1db7687
Mandriva Linux Security Advisory 2013-202
Posted Jul 29, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-202 - The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. The updated packages for Enterprise Server 5 have been patched to correct this issue. The updated packages for Business Server 1 have been upgraded to the 9.9.3-P2 version which is not vulnerable to this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2013-4854
MD5 | d14bbbb0288ff902beb3bb5c073c60d3
Debian Security Advisory 2729-1
Posted Jul 29, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2729-1 - OpenAFS, the implementation of the distributed filesystem AFS, has been updated to no longer use DES for the encryption of tickets. Additional migration steps are needed to fully set the update into effect.

tags | advisory
systems | linux, debian
advisories | CVE-2013-4134, CVE-2013-4135
MD5 | 6c1ce2c061d2492c93a994c2e56e7f5b
WebDisk 3.0.2 PhotoViewer iOS Command Execution
Posted Jul 29, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

WebDisk version 3.0.2 PhotoViewer for iOS suffers from a remote command execution vulnerability.

tags | exploit, remote
systems | cisco, ios
MD5 | 70870bbf83cf8313ffdff7490404374b
Private Photos 1.0 Script Insertion
Posted Jul 29, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Private Photos version 1.0 for iOS suffers from a persistent script insertion vulnerability.

tags | exploit
systems | cisco, ios
MD5 | 4a7600af02aaea317cce995e31f7dfd8
Nmap Port Scanner 6.40
Posted Jul 29, 2013
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Various additions and updates.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | df4a22c283574ff970b60e822661e286
OpenEMM-2013 8.10.380.hf13.0.066 Cross Site Scripting / SQL Injection
Posted Jul 29, 2013
Authored by drone

OpenEMM-2013 version 8.10.380.hf13.0.066 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 0dc344af5b5ec5d81c3857ccb8f0728f
Aux Browser 3.0.2.6
Posted Jul 29, 2013
Authored by Dieyu

Aux Browser is a small tool for securely browsing the web. It uses a kernel level sandbox. This is the source code release.

tags | web, kernel
MD5 | ed75bae4a36f83a476e230a7a9863d39
Novell Client 2 SP3 Privilege Escalation
Posted Jul 29, 2013
Authored by sickness

Novell Client 2 SP3 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | OSVDB-93718
MD5 | d55894615a747624ade14ec16b1b6feb
OllyDbg / Immunity Debugger Crash
Posted Jul 29, 2013
Authored by Dark-Puzzle

OllyDbg / Immunity debugger crash proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
MD5 | a9156179e9f9c0a479e08a3641d064aa
Page 1 of 1
Back1Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    13 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close