the original cloud security
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-08-06

Slackware Security Advisory - bind Updates
Posted Aug 6, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-4854.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4854
MD5 | af6de7b1c3b09a2f08019816f158f628
Facebook Friends Disclosure
Posted Aug 6, 2013
Authored by Bhavesh Naik

If you know a valid email address of a given Facebook user, you can find out who their friends are.

tags | exploit, info disclosure
MD5 | 153f8fb219b2e3f1935654a79daf538e
WordPress Usernoise 3.7.8 Cross Site Scripting
Posted Aug 6, 2013
Authored by RogueCoder

WordPress Usernoise plugin version 3.7.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 80b9889c55d53580815f8c7ff630eafe
Adventures In Automotive Networks And Control Units
Posted Aug 6, 2013
Authored by Chris Valasek, Charlie Miller

Previous research has shown that it is possible for an attacker to get remote code execution on the electronic control units (ECU) in automotive vehicles via various interfaces such as the Bluetooth interface and the telematics unit. This paper aims to expand on the ideas of what such an attacker could do to influence the behavior of the vehicle after that type of attack. In particular, the authors demonstrate how on two different vehicles that in some circumstances they are able to control the steering, braking, acceleration and display. They also propose a mechanism to detect these kinds of attacks. All technical information and code needed to reproduce these attacks is included in this archive. This was released to the community as promised by the researchers who presented their findings at Defcon 21.

tags | exploit, remote, code execution
MD5 | b5efe9122bed5928e34cab93ce6da1fb
Tor Firefox Malicious Javascript
Posted Aug 6, 2013

This is the unsanitized version of the Firefox malicious javascript exploit that was targeting Tor users. It is suspected that this code was used by the FBI to gain identifying information on Tor users.

tags | exploit, javascript
systems | linux
MD5 | b946540b229b518b97e73a887c414ee4
Vodafone EasyBox Default WPS PIN Algorithm Weakness
Posted Aug 6, 2013
Authored by S. Viehbock | Site sec-consult.com

Vodafone EasyBox versions 802 and 803 suffer from a default WPS PIN algorithm weakness. The algorithm that generates the default WPS-PIN is entirely based on the MAC address (=BSSID) and serial number of the device. The serial number can be derived from the MAC address.

tags | exploit
MD5 | e736512983518e1ef585fc36440ecb71
Joomseller Events Booking Pro / JSE Event Cross Site Scripting
Posted Aug 6, 2013
Authored by Gaston Traberg

Joomseller Events Booking Pro version 5 and JSE Event versions prior to 1.0.1 suffer from a reflective cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4b4c9cc89c90bae839ecd243758bffea
Huawei B153 3G/UMTS Router WPS Weakness
Posted Aug 6, 2013
Authored by Roberto Paleari, Alessandro Di Pinto

The Huawei B153 3G/UMTS router suffers from a WPS weakness that allows for authentication bypass.

tags | advisory
MD5 | 86b3b9d185e91d0ea29c5a4ccd47a24e
Joomla 3.1.5 Cross Site Scripting
Posted Aug 6, 2013
Authored by Emilio Pinna

Joomla versions 3.1.5 and 3.1.4 suffer from a reflective cross site scripting vulnerability in example.php.

tags | exploit, php, xss
MD5 | cf49d249558e5ace4bcbff4ff5e16564
HP LaserJet Credential Disclosure / Missing Authentication
Posted Aug 6, 2013
Authored by Michal Sajdak

Multiple HP LaserJet printers have hidden URLs hardcoded in the firmware that fail to authenticate access and disclose sensitive data including the administrative password.

tags | exploit, info disclosure
MD5 | 3679f5828e0ebbd1ec55e57754bf064c
PuTTY 0.62 Heap Overflow
Posted Aug 6, 2013
Authored by Gergely Eberhardt

PuTTY versions 0.62 and below suffer from an SSH handshake heap overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2013-4852
MD5 | c841cb43581bedebf7bc74034e1b9a52
TOR Firefox 0-day
Posted Aug 6, 2013

This is the malicious javascript for the Firefox 0-day created to target Tor users leveraging the .onion sneaker net. The shellcode is supposedly neutered but test at your own risk.

tags | exploit, javascript, shellcode
MD5 | 610cb2644e35adf996ede42df072edb9
Booking Calendar 4.1.4 Cross Site Request Forgery
Posted Aug 6, 2013
Authored by Dylan Irzi

Book Calendar WordPress plugin version 4.1.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 397e024db8fcfd58c799029b89dc15cb
VoIP Wars: Return Of The SIP
Posted Aug 6, 2013
Authored by Fatih Ozavci

These are the presentation slides from "VoIP Wars: Return of the SIP" as presented at Defcon 21 in Las Vegas.

tags | paper
MD5 | 2a27c2084d5a6bce0b1e763dfb792f3b
FTP OnConnect 1.4.11 File Inclusion / Shell Upload / XSS
Posted Aug 6, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

FTP OnConnect version 1.4.11 for iOS suffers from cross site scripting, local file inclusion, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, xss, file inclusion
systems | cisco, ios
MD5 | 53e81d9f4c81c7eded82a38ec89a0de7
withU Music Share 1.3.7 Command Injection
Posted Aug 6, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

withU Music Share version 1.3.7 for iOS suffers from a command injection vulnerability.

tags | exploit
systems | cisco, ios
MD5 | 0722c770848d076e1b416b120f7a49e6
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close