what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-07-31

GNU Transport Layer Security Library 3.2.3
Posted Jul 31, 2013
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release fixes bugs related to TLS packet parsing and priority string parsing.
tags | protocol, library
SHA-256 | 0543ca13ce9ee1dea95a9349d319623b74d93b8a23935543197b1682bb7f2b5b
Drupal Flippy 7.x Access Bypass
Posted Jul 31, 2013
Authored by daviddr | Site drupal.org

Drupal Flippy third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | e05dde6d1cfcc650059a70b7a0b17651578f9d0adca3f0f4a74d219ca763d248
DAVOSET 1.1.2
Posted Jul 31, 2013
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Various updates.
tags | denial of service
SHA-256 | a1614a6f14bb9e9c5ef22b488b156cfbb4b88c0698998d71453118c95f46e904
Wireshark Network Packet Analysis Tool
Posted Jul 31, 2013
Authored by TheMirkin

This is a brief whitepaper that discusses the Wireshark network packet analysis tool. Written in Turkish.

tags | paper
SHA-256 | 571369c84acdab916af5d9a34f47d0e70748ee280034c73b56aeb83a72a95ec0
Ubuntu Security Notice USN-1920-1
Posted Jul 31, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1920-1 - Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2852
SHA-256 | 2f91134a1a557092454434ee596a252d809898b18b8b16a6e4b0407d4f00c5a1
Red Hat Security Advisory 2013-1121-01
Posted Jul 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1121-01 - The sos package contains a set of tools that gather information from system hardware, logs and configuration files. The information can then be used for diagnostic purposes and debugging. The sosreport utility collected the Kickstart configuration file, but did not remove the root user's password from it before adding the file to the resulting archive of debugging information. An attacker able to access the archive could possibly use this flaw to obtain the root user's password. "/root/anaconda-ks.cfg" usually only contains a hash of the password, not the plain text password.

tags | advisory, root
systems | linux, redhat
advisories | CVE-2012-2664
SHA-256 | 017a385dceb214bf5d315228e72812b052260e68a9038125edf5e5e4839ab846
Mandriva Linux Security Advisory 2013-203
Posted Jul 31, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-203 - Multiple vulnerabilities have been discovered and corrected in phpmyadmin. Inclusive are cross site scripting, path disclosure, and SQL injection issues.

tags | advisory, vulnerability, xss, sql injection
systems | linux, mandriva
advisories | CVE-2013-4995, CVE-2013-4996, CVE-2013-4998, CVE-2013-5000, CVE-2013-5002, CVE-2013-5003
SHA-256 | 8090445e4dda8633ddc5b78c9804c5857de7dd5a3cadd344ba35eb672777f0e7
TP-Link TL-SC3171 Command Execution / Shell Upload / Bypass
Posted Jul 31, 2013
Authored by Core Security Technologies, Andres Blanco, Flavio de Cristofaro | Site coresecurity.com

Core Security Technologies Advisory - TP-Link TL-SC3171 IP Cameras suffer from OS command injection, use of hard-coded credentials, authentication bypass, and missing authentication vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2013-2578, CVE-2013-2579, CVE-2013-2580, CVE-2013-2581
SHA-256 | 65c946f42cda6e7f2e468690ba32b2210dbcd121ef351a42cfd3246f433128d2
Bit51 Better WP Security Plugin XSS / Command Execution
Posted Jul 31, 2013
Authored by Richard Warren | Site nccgroup.com

The Better Security Wordpress Plugin suffers from a stored cross site scripting vulnerability, which can be exploited by a remote unauthenticated attacker to steal cookies or gain privileged access to the affected site. Bit51 Better WP Security Plugin versions 3.4.8, 3.4.9, 3.4.10, 3.5.2, and 3.5.3 are affected.

tags | exploit, remote, xss
SHA-256 | 851d1befb1d83e0151c831c6884961f17e3e980ac4ed6716207a81c4fd790e09
Red Hat Security Advisory 2013-1120-01
Posted Jul 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1120-01 - HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A flaw was found in the way HAProxy handled requests when the proxy's configuration had certain rules that use the hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy instances that use the affected configuration.

tags | advisory, remote, web, tcp
systems | linux, redhat
advisories | CVE-2013-2175
SHA-256 | 4eae575883953a022087359e906d02ff61ef76473125a82a2fa161858a5d8caf
Red Hat Security Advisory 2013-1119-01
Posted Jul 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1119-01 - The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was discovered that the 389 Directory Server did not honor defined attribute access controls when evaluating search filter expressions. A remote attacker could use this flaw to determine the values of restricted attributes via a series of search queries with filter conditions that used restricted attributes.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2013-2219
SHA-256 | 1409ac162d0007714edfad28e3045f8a6eda6423768a7478dc7f991b1d164304
Oracle Hyperion 11 Directory Traversal
Posted Jul 31, 2013
Authored by Richard Warren | Site nccgroup.com

Oracle Hyperion 11 suffers from a directory traversal vulnerability. Versions 11.1.1.3, 11.1.1.4.107 and earlier, 11.1.2.1.129 and earlier, and 11.1.2.2.305 and earlier are affected.

tags | exploit
SHA-256 | a63ebab32dfca1c676f5478d4507e5cb9958e376a21f14bd4a427db0035dea98
EchoVNC Viewer Remote Denial Of Service
Posted Jul 31, 2013
Authored by Z3r0n3

A remote attacker can crash EchoVNC Viewer by sending a malformed request. The crash occurs when EchoVNC Viewer allocate a buffer from heap with the size specified by the malicious server.

tags | exploit, remote, denial of service
SHA-256 | 0f95b5873df085c2956dfc5fe0afe9b4e60c00984cd0b00e317b429c8132c007
Mandriva Linux Security Advisory 2013-204
Posted Jul 31, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-204 - An updated wireshark package fixes multiple security vulnerabilities. The Bluetooth SDP dissector could go into a large loop. The DIS dissector could go into a large loop. The DVB-CI dissector could crash. The GSM RR dissector could go into a large loop. The GSM A Common dissector could crash. The Netmon file parser could crash. The ASN.1 PER dissector could crash.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2013-4927, CVE-2013-4929, CVE-2013-4930, CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935
SHA-256 | 00eced9593c58aac3a60ba3a90afa47d35b711a71715de5b97f4efbb02c501cc
MojoPortal 2.3.9.7 Cross Site Scripting
Posted Jul 31, 2013
Authored by Michael Savage

MojoPortal version 2.3.9.7 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8b314a7ebb6349066cbe66d2384dfefcf3dad366bbf130131f2c132e81a0edba
Miyachung BackConnect Shell
Posted Jul 31, 2013
Authored by miyachung

This is a PHP shell that provides the ability to connect back, grab files, perform exploit searches for local roots and compile and run them, and much more.

tags | tool, shell, local, root, php, rootkit
systems | unix
SHA-256 | 9a58a31ca500190b10953b45211f622c7f926cd4e939781b4f99fae0213fad96
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close