
Files Date: 2013-08-12

HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
Posted Aug 12, 2013
Authored by juan vazquez, e6af8de8b1d4b2b6d5ba2610cbf9cd38 | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability found in HP's StorageWorks P4000 VSA on versions prior to 10.0. The vulnerability is due to an insecure usage of the sscanf() function when parsing login requests. This Metasploit module has been tested successfully on the HP VSA 9 Virtual Appliance.

tags | exploit, overflow
advisories | CVE-2013-2343, OSVDB-94701
MD5 | e971e65723c7b85a5799b20b79ea1f2c
Open-FTPD 1.2 Arbitrary File Upload
Posted Aug 12, 2013
Authored by Serge Gorbunov | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities found in Open&Compact FTP server. The software contains an authentication bypass vulnerability and an arbitrary file upload vulnerability that allows a remote attacker to write arbitrary files to the file system as long as there is at least one user who has permission. Code execution can be achieved by first uploading the payload to the remote machine as an exe file, and then uploading a mof file, which enables WMI (Windows Management Instrumentation service) to execute the uploaded payload. Please note that this module currently only works for Windows before Vista.

tags | exploit, remote, arbitrary, vulnerability, code execution, bypass, file upload
systems | windows
advisories | CVE-2010-2620, OSVDB-65687
MD5 | 8f4743d03afe4229ca91071ca307bc0b
WATOBO 0.9.13
Posted Aug 12, 2013
Authored by Andreas Schmidt | Site watobo.sourceforge.net

WATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.

Changes: Faster socket communication. Various module updates. Addition of the WShell plugin and much more.
tags | tool, web, local, scanner, vulnerability, xss, sql injection
systems | linux, unix
MD5 | e205b00fe7b584329794d5befe8e22c7
IBM Advanced Management Module Cross Site Scripting
Posted Aug 12, 2013
Authored by Jens Regel

The IBM Advanced Management module suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-4007
MD5 | 9cfa2d2f3311a439e87218ccfe6c5617
Debian Security Advisory 2737-1
Posted Aug 12, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2737-1 - Several vulnerabilities have been discovered in Swift, the Openstack object storage.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-2161, CVE-2013-4155
MD5 | 1e8d3c57a3711fdb5faabc1ccf8995ed
Red Hat Security Advisory 2013-1151-01
Posted Aug 12, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1151-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A flaw was discovered in the way authenticated connections were cached on the server by remote-naming. After a user has successfully logged in, a remote attacker could use a remoting client to log in as that user without knowing their password, allowing them to access data and perform actions with the privileges of that user. A flaw was discovered in the way connections for remote EJB invocations via the EJB client API were cached on the server. After a user has successfully logged in, a remote attacker could use an EJB client to log in as that user without knowing their password, allowing them to access data and perform actions with the privileges of that user.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2013-4128, CVE-2013-4213
MD5 | ca185a8b643385216c9f4bce0484a2fb
Red Hat Security Advisory 2013-1152-01
Posted Aug 12, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1152-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. A flaw was discovered in the way authenticated connections were cached on the server by remote-naming. After a user has successfully logged in, a remote attacker could use a remoting client to log in as that user without knowing their password, allowing them to access data and perform actions with the privileges of that user. A flaw was discovered in the way connections for remote EJB invocations via the EJB client API were cached on the server. After a user has successfully logged in, a remote attacker could use an EJB client to log in as that user without knowing their password, allowing them to access data and perform actions with the privileges of that user.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2013-4128, CVE-2013-4213
MD5 | c34a8669c8ed15082ddab384d2ad0dbf
Mandriva Linux Security Advisory 2013-211
Posted Aug 12, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-211 - It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-4160
MD5 | 47c36c71e8f358b6f9a571445d4522b2
Debian Security Advisory 2736-1
Posted Aug 12, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2736-1 - Several vulnerabilities were discovered in PuTTY, a Telnet/SSH client for X.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-4206, CVE-2013-4207, CVE-2013-4208, CVE-2013-4852
MD5 | 434bab86bb033d55b5159611d1e196ff
Sami FTP 2.0.1 MKD Buffer Overflow
Posted Aug 12, 2013
Authored by Polunchis

Sami FTP server version 2.0.1 MKD buffer overflow exploit with ASLR bypass.

tags | exploit, overflow
MD5 | 35f86b6850476cf685bb908aaa1eddf6
PE (Portable Executable) File Format
Posted Aug 12, 2013
Authored by Nytro

This paper describes the PE (Portable Executable) file format used by Windows executables (.exe), dynamic link libraries (.dll) and other files: system drivers or ActiveX controls. It is written in Romanian.

tags | paper, activex
systems | windows
MD5 | 94fe1be7ede3e08b42807a1bb160574f
Indrajith FTP Cracker
Posted Aug 12, 2013
Authored by Ajith KP

Indrajith FTP cracker is a dictionary-based FTP username and password cracker. Source included.

tags | cracker
MD5 | 26b91e3834e904b724749f22e04a8a62
Packet Storm Advisory 2013-0811-1 - Oracle Java storeImageArray()
Posted Aug 12, 2013
Site packetstormsecurity.com

Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file. This finding was obtained through the Packet Storm Bug Bounty program.

tags | advisory, java, remote, code execution, bug bounty, packet storm
systems | linux, windows, 2k, 9x, 32, apple, xp, 7
advisories | CVE-2013-2465, OSVDB-96269
MD5 | db785e46bf5c2d592d198749b74d7acd
Packet Storm Exploit 2013-0811-1 - Oracle Java storeImageArray() Invalid Array Indexing Code Execution
Posted Aug 12, 2013
Site packetstormsecurity.com

Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.

tags | exploit, java, remote, code execution, bug bounty, packet storm
systems | linux, windows, 2k, 9x, 32, apple, xp, 7
advisories | CVE-2013-2465, OSVDB-96269
MD5 | 75f487c61517e74a3d453dff5eab12d5