what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2013-08-01

Cisco Security Advisory 20130801-lsaospf
Posted Aug 1, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated attacker to take full control of the OSPF Autonomous System (AS) domain routing table, blackhole traffic, and intercept traffic. The attacker could trigger this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause flushing of the routing table on a targeted router, as well as propagation of the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast LSA type 1 packets. No other LSA type packets can trigger this vulnerability. OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

tags | advisory, protocol
systems | cisco
SHA-256 | 125f699e2c60465681b87f29de94283e9c6493d12e4ff530f8248b5307500d24
Cotonti 0.9.13 SQL Injection
Posted Aug 1, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Cotonti version 0.9.13 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-4789
SHA-256 | 11be7d74fb10c4a12d82d19fd7f3bcbd3a83704586090f72442d1059fabc4e6f
vtiger CRM 5.4.0 SQL Injection
Posted Aug 1, 2013
Authored by EgiX | Site karmainsecurity.com

vtiger CRM versions 5.4.0 and below suffer from multiple remote SQL injection vulnerabilities in customerportal.php.

tags | advisory, remote, php, vulnerability, sql injection
advisories | CVE-2013-3213
SHA-256 | 0bdbe4caa49a6accff478f7e437e0fb94a9d85c37596d337ecd9e9829b7ce9ee
HP Security Bulletin HPSBMU02902
Posted Aug 1, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02902 - A potential security vulnerability has been identified with HP Integrated Lights-Out iLO3 and iLO4. The vulnerability could allow authentication bypass. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2013-4805
SHA-256 | 22c00f16e3e180437b41d705ab521def58996fc4302dfa3c8b494e425365cfca
vtiger CRM 5.40 Local File Inclusion
Posted Aug 1, 2013
Authored by EgiX | Site karmainsecurity.com

vtiger CRM versions 5.4.0 and below suffer from multiple local file inclusion vulnerabilities in customerportal.php.

tags | advisory, local, php, vulnerability, file inclusion
advisories | CVE-2013-3212
SHA-256 | 29e3aad2d7ca794886041f23e78628f30acc7129c030d2bf78107c3a25fe0a1f
Jahia xCM 6.6.1.0 r43343 Cross Site Scripting
Posted Aug 1, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Jahia xCM version 6.6.1.0 r43343 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-4624
SHA-256 | c5ef8030d861fa130fe564ae69779015f7e7b77b93b60e3fb55f9365cda7843a
Open-Xchange AppSuite 7.2.2 Phishing / Data Injection
Posted Aug 1, 2013
Authored by Martin Braun

Open-Xchange AppSuite versions 7.2.2 and below suffer from phishing and data injection vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2013-4790
SHA-256 | 27b6927eddb258978d90051d0b1651046597ac49ff00741bc39f4c2130f9a7d4
vtiger CRM 5.4.0 PHP Code Injection
Posted Aug 1, 2013
Authored by EgiX | Site karmainsecurity.com

vtiger CRM versions 5.4.0 and below suffer from a remote PHP code injection vulnerability in vtigerolservice.php.

tags | advisory, remote, php
advisories | CVE-2013-3214
SHA-256 | 815a18f425acb88ab1539eda82729d41812748d11048ac8fb98c75353fce269b
TEC-IT TBarCode OCX ActiveX Control Buffer Overflow
Posted Aug 1, 2013
Authored by d3b4g

TEC-IT TBarCode OCX active-x control TBarCode4.ocx version 4.1.0 buffer overflow proof of concept exploit.

tags | exploit, overflow, activex, proof of concept
SHA-256 | 9e7504858cd2b2e3b4c2b733618f991d98aa8fa02a48edb3d38372d57d04fb75
Western Digital My Net Password Disclosure
Posted Aug 1, 2013
Authored by Kyle Lovett

Western Digital My Net Series wireless routers suffer from a clear text password disclosure. The N600, N750, N900, and N900C are affected. This is an update to the prior advisory and has proof of concept information included.

tags | exploit, proof of concept, info disclosure
advisories | CVE-2013-5006
SHA-256 | c393ae6ab531915e2acb692f6020047cdc37cf5d9d3b83c4a942acc19474f947
Trusteer Rapport Memory Selfcheck Bypass
Posted Aug 1, 2013
Authored by dovakin

Trusteer Rapport versions 1208.41 and below suffer from a memory modification vulnerability that turns off Rapport's selfcheck unhooking and intercepting system APIs.

tags | exploit
SHA-256 | 46230c245dad0c9bdb55494e8fa635af6d5491e44c470fef6161e402b45a5637
Cisco Security Advisory 20130731-cm
Posted Aug 1, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple Cisco content network and video delivery products contain a vulnerability when they are configured to run in central management mode. This vulnerability could allow an authenticated but unprivileged, remote attacker to execute arbitrary code on the affected system and on the devices managed by the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote, arbitrary
systems | cisco
SHA-256 | 9b7e3039911060bee35b66d0d510f0df4c0dc74a8f862f6fecbcc02c274e397a
Cisco Security Advisory 20130731-waascm
Posted Aug 1, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Wide Area Application Services (WAAS) when configured as Central Manager (CM), contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote, arbitrary
systems | cisco
SHA-256 | 802e54c4a44b4816a27c3303f58ce264f98317de1f90c664d4a9473667c136e2
Ubuntu Security Notice USN-1923-1
Posted Aug 1, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1923-1 - Yuval Yarom and Katrina Falkner discovered a timing-based information leak, known as Flush+Reload, that could be used to trace execution in programs. GnuPG and Libgcrypt followed different execution paths based on key-related data, which could be used to expose the contents of private keys.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-4242
SHA-256 | 4b34c19540e898abdf725a966d6352bc929dfc4611f5200f686251cb2918ab0c
Ubuntu Security Notice USN-1922-1
Posted Aug 1, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1922-1 - Yves-Alexis Perez discovered that Evolution Data Server did not properly select GPG recipients. Under certain circumstances, this could result in Evolution encrypting email to an unintended recipient.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-4166
SHA-256 | 673fd931b78efc87aa81d57563e1b586b037596bd37d50b95a2c502ff906fdd3
Ubuntu Security Notice USN-1911-2
Posted Aug 1, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1911-2 - USN-1911-1 fixed vulnerabilities in Little CMS. This update provides the corresponding updates for Ghostscript. It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2013-4160
SHA-256 | 18ba72a51f2c147cfb25533472a063378a1d800cd2e2ee09ae8784dab875511c
Red Hat Security Advisory 2013-1122-01
Posted Aug 1, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1122-01 - The rhev-guest-tools-iso package contains tools and drivers. These tools and drivers are required by supported Windows guest operating systems when installed as guests on Red Hat Enterprise Virtualization. An unquoted search path flaw was found in the way the Red Hat Enterprise Virtualization Application Provisioning Tool service was installed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2176
SHA-256 | 4f2b824d834ca0483434ec94a8546bb4acdb3c11cb9f899c7f71b3296c2cc2cc
Red Hat Security Advisory 2013-1126-01
Posted Aug 1, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1126-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Lifecycle Support for Red Hat Enterprise Linux 3 will be retired on January 30, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 3 ELS after that date. In addition, after January 30, 2014, technical support through Red Hat's Global Support Services will no longer be provided. Note: This notification applies only to those customers subscribed to the Extended Lifecycle Support channel for Red Hat Enterprise Linux 3.

tags | advisory
systems | linux, redhat
SHA-256 | 16feeca55707b0b780a4731e28f155f8addde9d97cedb50d8b7ed8f4ab4512d1
Packet Storm New Exploits For July, 2013
Posted Aug 1, 2013
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 164 exploits added to Packet Storm in July, 2013.

tags | exploit
systems | linux
SHA-256 | 0a0985c7d5fdcaabbf25a53953410fd592cdcbfc6dacbbb8c55ddb3e55a12e42
FunGamez Remote Shell Upload
Posted Aug 1, 2013
Authored by cr4wl3r

FunGamez suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 5318d5eb778cca5d25235dd724c03995e85d82a039f4247376502efa14e44849
WordPress Comment Extra Fields 1.7 CSRF / XSS
Posted Aug 1, 2013
Authored by Ryuzaki Lawlet

WordPress Comment Extra Fields plugin version 1.7 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 7a727d84c9a3ea04dbf0bfc83f7d36113284c9a82dc85b33105a1d6862f47f55
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close