the original cloud security
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-08-13

Red Hat Security Advisory 2013-1156-01
Posted Aug 13, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1156-01 - The Apache HTTP Server is a popular web server. A flaw was found in the way the mod_dav module of the Apache HTTP Server handled merge requests. An attacker could use this flaw to send a crafted merge request that contains URIs that are not configured for DAV, causing the httpd child process to crash. All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon will be restarted automatically.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2013-1896
MD5 | f59e3d3d20d75e43b6cbea1401c3b9d8
Mandriva Linux Security Advisory 2013-213
Posted Aug 13, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-213 - A security vulnerability has been found in version 4.x of the Xymon Systems and Network Monitor tool. The error permits a remote attacker to delete files on the server running the Xymon trend-data daemon xymond_rrd. File deletion is done with the privileges of the user that Xymon is running with, so it is limited to files available to the userid running the Xymon service. This includes all historical data stored by the Xymon monitoring system.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2013-4173
MD5 | 3010745e1074c90d4f3c89e9727d4344
Red Hat Security Advisory 2013-1155-01
Posted Aug 13, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1155-01 - VDSM is a management module that serves as a Red Hat Enterprise Virtualization Manager agent on Red Hat Enterprise Virtualization Hypervisor or Red Hat Enterprise Linux hosts. It was found that the fix for CVE-2013-0167 released via RHSA-2013:0886 was incomplete. A privileged guest user could potentially use this flaw to make the host the guest is running on unavailable to the management server. This issue was found by David Gibson of Red Hat.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-4236
MD5 | dc097cc636752fdfc2590b10260c0d3a
Mandriva Linux Security Advisory 2013-212
Posted Aug 13, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-212 - It was discovered that otrs2, the Open Ticket Request System, does not properly sanitise user-supplied data that is used on SQL queries. An attacker with a valid agent login could exploit this issue to craft SQL queries by injecting arbitrary SQL code through manipulated URLs.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2013-4717
MD5 | 1e73dbba6fa42b5272420c80341119cb
Microsoft Security Bulletin Summary For August, 2013
Posted Aug 13, 2013
Site microsoft.com

This bulletin summary lists 8 released Microsoft security bulletins for August, 2013.

tags | advisory
MD5 | 2797f0e8297b8cb05453d271bfca682f
Struts2 2.3.15 OGNL Injection
Posted Aug 13, 2013
Authored by Takeshi Terada

Struts2 suffers from an OGNL injection vulnerability that allows for redirection. Versions 2.0.0 through 2.3.15 are affected.

tags | exploit
advisories | CVE-2013-2251
MD5 | b03794da7d18a78a84adf6edf75d8159
CakePHP 2.3.7 / 2.2.8 Local File Inclusion
Posted Aug 13, 2013
Authored by Takeshi Terada

CakePHP versions 2.3.7 and 2.2.8 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 1fed876b9d8ae26523b49f0ab8afde60
MinaliC Webserver 2.0.0 Buffer Overflow
Posted Aug 13, 2013
Authored by PuN1sh3r

MinaliC Webserver version 2.0.0 buffer overflow exploit with egg-hunting shellcode.

tags | exploit, overflow, shellcode
MD5 | 686b52d239be88aeb3d6a8a6defbcd7f
DotNetNuke (DNN) 7.1.0 / 6.2.8 Cross Site Scripting
Posted Aug 13, 2013
Authored by Sajjad Pourali, Nasser Salim Al-Hadhrami

DotNetNuke (DNN) versions prior to 7.1.0 and 6.2.8 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-4649
MD5 | ebc72b3f2e2522418c78ed1455943dee
Microsoft Security Bulletin Re-Release For August, 2013
Posted Aug 13, 2013
Site microsoft.com

This bulletin summary lists three re-released Microsoft security bulletins for August, 2013.

tags | advisory
MD5 | a3bdde53bd982cda484863e0eedb4ece
ZeroShell 2.0RC2 File Disclosure / Command Execution
Posted Aug 13, 2013
Authored by Yann CAM

ZeroShell version 2.0RC2 suffers from remote command execution and file disclosure vulnerabilities.

tags | exploit, remote, vulnerability, info disclosure
MD5 | 05f173e437c8deb6a2bfe96db74fc277
I2P 0.9.7.1
Posted Aug 13, 2013
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: 0.9.4 includes a fix for a network capacity bug, introduced in 0.9.2, which was reducing network performance and reliability. It also includes major changes in the in-network update system, and adds the capability to update via in-network torrents. It fixes several bugs in the i2psnark DHT implementation which was introduced in the last release. For those of you using console or HTTP proxy passwords, it converts to the more-secure digest method and improves the security for console forms.
tags | tool
systems | unix
MD5 | 8fb3741c883efd0e07eee6ab3ccb773c
Struts2 2.3.15 Open Redirect
Posted Aug 13, 2013
Authored by Takeshi Terada

Struts2 suffers from an open redirection vulnerability. Versions 2.0.0 through 2.3.15 are affected.

tags | exploit
advisories | CVE-2013-2248
MD5 | 3193611b0134f1bd02d60b9390ec2eee
Mac's CMS 1.1.4 CSRF / XSS / Path Disclosure
Posted Aug 13, 2013
Authored by Yashar shahinzadeh

Mac's CMS version 1.1.4 suffers from cross site request forgery, cross site scripting, and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
MD5 | 199309b4f5919d25731ba0a1f5c04b9e
onehttpd 0.7 Denial Of Service
Posted Aug 13, 2013
Authored by superkojiman

onehttpd version 0.7 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 0390da8e033743f79e328302d33afa64
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close