Files Date: 2013-08-01

Cisco Security Advisory 20130801-lsaospf
Posted Aug 1, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated attacker to take full control of the OSPF Autonomous System (AS) domain routing table, blackhole traffic, and intercept traffic. The attacker could trigger this vulnerability by injecting crafted OSPF packets. Successful exploitation could cause flushing of the routing table on a targeted router, as well as propagation of the crafted OSPF LSA type 1 update throughout the OSPF AS domain. To exploit this vulnerability, an attacker must accurately determine certain parameters within the LSA database on the target router. This vulnerability can only be triggered by sending crafted unicast or multicast LSA type 1 packets. No other LSA type packets can trigger this vulnerability. OSPFv3 is not affected by this vulnerability. Fabric Shortest Path First (FSPF) protocol is not affected by this vulnerability. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

tags | advisory, protocol
systems | cisco
MD5 | c90853feeb4af88402b4feb542deae80

Cotonti 0.9.13 SQL Injection
Posted Aug 1, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Cotonti version 0.9.13 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-4789
MD5 | 2d9a4139daad595ddd6d0a59a4f4d27b

vtiger CRM 5.4.0 SQL Injection
Posted Aug 1, 2013
Authored by EgiX | Site karmainsecurity.com

vtiger CRM versions 5.4.0 and below suffer from multiple remote SQL injection vulnerabilities in customerportal.php.

tags | advisory, remote, php, vulnerability, sql injection
advisories | CVE-2013-3213
MD5 | eb32d02840c7bb5f58ecf7cb422e4385

HP Security Bulletin HPSBMU02902
Posted Aug 1, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02902 - A potential security vulnerability has been identified with HP Integrated Lights-Out iLO3 and iLO4. The vulnerability could allow authentication bypass. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2013-4805
MD5 | 5aeba34426918e7d679535f95ca8b2b7

vtiger CRM 5.40 Local File Inclusion
Posted Aug 1, 2013
Authored by EgiX | Site karmainsecurity.com

vtiger CRM versions 5.4.0 and below suffer from multiple local file inclusion vulnerabilities in customerportal.php.

tags | advisory, local, php, vulnerability, file inclusion
advisories | CVE-2013-3212
MD5 | 18163b8839c6d56e9596ac59ca76520f

Jahia xCM 6.6.1.0 r43343 Cross Site Scripting
Posted Aug 1, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Jahia xCM version 6.6.1.0 r43343 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-4624
MD5 | 64b3ff6e65203f7f2495dea84514315f

Open-Xchange AppSuite 7.2.2 Phishing / Data Injection
Posted Aug 1, 2013
Authored by Martin Braun

Open-Xchange AppSuite versions 7.2.2 and below suffer from phishing and data injection vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2013-4790
MD5 | ed376ed1bc928ae93e2860e6eb73bc64

vtiger CRM 5.4.0 PHP Code Injection
Posted Aug 1, 2013
Authored by EgiX | Site karmainsecurity.com

vtiger CRM versions 5.4.0 and below suffer from a remote PHP code injection vulnerability in vtigerolservice.php.

tags | advisory, remote, php
advisories | CVE-2013-3214
MD5 | 481c4427aba2d75b6cdfa78f0bb910cf

TEC-IT TBarCode OCX ActiveX Control Buffer Overflow
Posted Aug 1, 2013
Authored by d3b4g

TEC-IT TBarCode OCX ActiveX control TBarCode4.ocx version 4.1.0 buffer overflow proof of concept exploit.

tags | exploit, overflow, activex, proof of concept
MD5 | 10c67c0fe953ce67a8329a27d7bfb86f

Western Digital My Net Password Disclosure
Posted Aug 1, 2013
Authored by Kyle Lovett

Western Digital My Net Series wireless routers suffer from a clear text password disclosure. The N600, N750, N900, and N900C are affected. This is an update to the prior advisory and has proof of concept information included.

tags | exploit, proof of concept, info disclosure
advisories | CVE-2013-5006
MD5 | d4305dd728bea40ee46852d3e870ba3a

Trusteer Rapport Memory Selfcheck Bypass
Posted Aug 1, 2013
Authored by dovakin

Trusteer Rapport versions 1208.41 and below suffer from a memory modification vulnerability that turns off Rapport's selfcheck unhooking and intercepting system APIs.

tags | exploit
MD5 | 38c1bbebc194e931bb3971e89a8dcac3

Cisco Security Advisory 20130731-cm
Posted Aug 1, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple Cisco content network and video delivery products contain a vulnerability when they are configured to run in central management mode. This vulnerability could allow an authenticated but unprivileged, remote attacker to execute arbitrary code on the affected system and on the devices managed by the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote, arbitrary
systems | cisco
MD5 | 39c62a2be1bfe59ee645e9daeb27b1c2

Cisco Security Advisory 20130731-waascm
Posted Aug 1, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Wide Area Application Services (WAAS), when configured as Central Manager (CM), contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote, arbitrary
systems | cisco
MD5 | a1988c24b0d49fedb6d10ad6b13ba329

Ubuntu Security Notice USN-1923-1
Posted Aug 1, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1923-1 - Yuval Yarom and Katrina Falkner discovered a timing-based information leak, known as Flush+Reload, that could be used to trace execution in programs. GnuPG and Libgcrypt followed different execution paths based on key-related data, which could be used to expose the contents of private keys.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-4242
MD5 | 310581af51e80deb907a60467ad5dc7e

Ubuntu Security Notice USN-1922-1
Posted Aug 1, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1922-1 - Yves-Alexis Perez discovered that Evolution Data Server did not properly select GPG recipients. Under certain circumstances, this could result in Evolution encrypting email to an unintended recipient.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-4166
MD5 | 02a34894d77ed6ef2c80a2c5a66f8e43

Ubuntu Security Notice USN-1911-2
Posted Aug 1, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1911-2 - USN-1911-1 fixed vulnerabilities in Little CMS. This update provides the corresponding updates for Ghostscript. It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2013-4160
MD5 | 37ac579d9a5fbb719d54a86e461ce292

Red Hat Security Advisory 2013-1122-01
Posted Aug 1, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1122-01 - The rhev-guest-tools-iso package contains tools and drivers. These tools and drivers are required by supported Windows guest operating systems when installed as guests on Red Hat Enterprise Virtualization. An unquoted search path flaw was found in the way the Red Hat Enterprise Virtualization Application Provisioning Tool service was installed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2176
MD5 | 3b85e0ab46568848f9a1af4faf600f5b

Red Hat Security Advisory 2013-1126-01
Posted Aug 1, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1126-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Lifecycle Support for Red Hat Enterprise Linux 3 will be retired on January 30, 2014, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 3 ELS after that date. In addition, after January 30, 2014, technical support through Red Hat's Global Support Services will no longer be provided. Note: This notification applies only to those customers subscribed to the Extended Lifecycle Support channel for Red Hat Enterprise Linux 3.

tags | advisory
systems | linux, redhat
MD5 | 7d1f47ae18cb78c9087c4d4381b7a416

Packet Storm New Exploits For July, 2013
Posted Aug 1, 2013
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 164 exploits added to Packet Storm in July, 2013.

tags | exploit
systems | linux
MD5 | cbc1c797ada9fc3021dffea3e7ef9d2f

FunGamez Remote Shell Upload
Posted Aug 1, 2013
Authored by cr4wl3r

FunGamez suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 5068e50970c1bef3deb00b70033dfdf9

WordPress Comment Extra Fields 1.7 CSRF / XSS
Posted Aug 1, 2013
Authored by Ryuzaki Lawlet

WordPress Comment Extra Fields plugin version 1.7 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | ae5aa8efc2d61041610f05719af435b9