what you don't know can hurt you
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-07-31

GNU Transport Layer Security Library 3.2.3
Posted Jul 31, 2013
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release fixes bugs related to TLS packet parsing and priority string parsing.
tags | protocol, library
MD5 | 7c0dd4f77dc70c64d2f385aeb2df4157
Drupal Flippy 7.x Access Bypass
Posted Jul 31, 2013
Authored by daviddr | Site drupal.org

Drupal Flippy third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
MD5 | 5a8d71d6a263d09d9c2e523e9254b29a
DAVOSET 1.1.2
Posted Jul 31, 2013
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Various updates.
tags | denial of service
MD5 | be99910c3d3ee9b95efa321a3bfe909e
Wireshark Network Packet Analysis Tool
Posted Jul 31, 2013
Authored by TheMirkin

This is a brief whitepaper that discusses the Wireshark network packet analysis tool. Written in Turkish.

tags | paper
MD5 | 4ce88426f38441063206edac8f81a1d9
Ubuntu Security Notice USN-1920-1
Posted Jul 31, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1920-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2852
MD5 | b1aeea2ce7a6f0dfa9615c0ef77ad088
Red Hat Security Advisory 2013-1121-01
Posted Jul 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1121-01 - The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. The sosreport utility collected the Kickstart configuration file, but did not remove the root user's password from it before adding the file to the resulting archive of debugging information. An attacker able to access the archive could possibly use this flaw to obtain the root user's password. "/root/anaconda-ks.cfg" usually only contains a hash of the password, not the plain text password.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2012-2664
MD5 | ab01156837ebb799fef874ae618f4beb
Mandriva Linux Security Advisory 2013-203
Posted Jul 31, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-203 - Multiple vulnerabilities have been discovered and corrected in phpmyadmin. Inclusive are cross site scripting, path disclosure, and SQL injection issues.

tags | advisory, vulnerability, xss, sql injection
systems | linux, mandriva
advisories | CVE-2013-4995, CVE-2013-4996, CVE-2013-4998, CVE-2013-5000, CVE-2013-5002, CVE-2013-5003
MD5 | 1b05573500d8fdec1a13aeea621f4792
TP-Link TL-SC3171 Command Execution / Shell Upload / Bypass
Posted Jul 31, 2013
Authored by Core Security Technologies, Andres Blanco, Flavio de Cristofaro | Site coresecurity.com

Core Security Technologies Advisory - TP-Link TL-SC3171 IP Cameras suffer from OS command injection, use of hard-coded credentials, authentication bypass, and missing authentication vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2013-2578, CVE-2013-2579, CVE-2013-2580, CVE-2013-2581
MD5 | 7cf475c02e459381d6a31904f4e307c1
Bit51 Better WP Security Plugin XSS / Command Execution
Posted Jul 31, 2013
Authored by Richard Warren | Site nccgroup.com

The Better Security Wordpress Plugin suffers from a stored cross site scripting vulnerability, which can be exploited by a remote unauthenticated attacker to steal cookies or gain privileged access to the affected site. Bit51 Better WP Security Plugin versions 3.4.8, 3.4.9, 3.4.10, 3.5.2, and 3.5.3 are affected.

tags | exploit, remote, xss
MD5 | c976f23ca76e7c1eda6898d0bb24c04a
Red Hat Security Advisory 2013-1120-01
Posted Jul 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1120-01 - HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A flaw was found in the way HAProxy handled requests when the proxy's configuration had certain rules that use the hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy instances that use the affected configuration.

tags | advisory, remote, web, tcp
systems | linux, redhat
advisories | CVE-2013-2175
MD5 | 56a7e5820e6894300510e932df76538f
Red Hat Security Advisory 2013-1119-01
Posted Jul 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1119-01 - The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was discovered that the 389 Directory Server did not honor defined attribute access controls when evaluating search filter expressions. A remote attacker could use this flaw to determine the values of restricted attributes via a series of search queries with filter conditions that used restricted attributes.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2013-2219
MD5 | 2d3dc56f41373bebb98b38079eba8e43
Oracle Hyperion 11 Directory Traversal
Posted Jul 31, 2013
Authored by Richard Warren | Site nccgroup.com

Oracle Hyperion 11 suffers from a directory traversal vulnerability. Versions 11.1.1.3, 11.1.1.4.107 and earlier, 11.1.2.1.129 and earlier, and 11.1.2.2.305 and earlier are affected.

tags | exploit
MD5 | b76edea15e95010305f7338374de98f1
EchoVNC Viewer Remote Denial Of Service
Posted Jul 31, 2013
Authored by Z3r0n3

A remote attacker can crash EchoVNC Viewer by sending a malformed request. The crash occurs when EchoVNC Viewer allocate a buffer from heap with the size specified by the malicious server.

tags | exploit, remote, denial of service
MD5 | b14505e1070a5bc9b27fa0d97b2b4756
Mandriva Linux Security Advisory 2013-204
Posted Jul 31, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-204 - An updated wireshark package fixes multiple security vulnerabilities. The Bluetooth SDP dissector could go into a large loop. The DIS dissector could go into a large loop. The DVB-CI dissector could crash. The GSM RR dissector could go into a large loop. The GSM A Common dissector could crash. The Netmon file parser could crash. The ASN.1 PER dissector could crash.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2013-4927, CVE-2013-4929, CVE-2013-4930, CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935
MD5 | 51ffb4703a68ca3ad1659d26735a2dff
MojoPortal 2.3.9.7 Cross Site Scripting
Posted Jul 31, 2013
Authored by Michael Savage

MojoPortal version 2.3.9.7 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | e59ca34310db299fc45f3c5f81682fc9
Miyachung BackConnect Shell
Posted Jul 31, 2013
Authored by miyachung

This is a PHP shell that provides the ability to connect back, grab files, perform exploit searches for local roots and compile and run them, and much more.

tags | tool, shell, local, root, php, rootkit
systems | unix
MD5 | 91d8389396e1acf53e48ff1cdb1cd048
Page 1 of 1
Back1Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    11 Files
  • 17
    Sep 17th
    14 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close