the original cloud security
Showing 1 - 13 of 13 RSS Feed

Files Date: 2013-08-26

Debian Security Advisory 2742-1
Posted Aug 26, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2742-1 - It was discovered that PHP, a general-purpose scripting language commonly used for web application development, did not properly process embedded NUL characters in the subjectAltName extension of X.509 certificates. Depending on the application and with insufficient CA-level checks, this could be abused for impersonating other users.

tags | advisory, web, php
systems | linux, debian
advisories | CVE-2013-4248
MD5 | 4761b7f22bd806cd43d5cd52f3905bf4
Mac OS X Sudo Password Bypass
Posted Aug 26, 2013
Authored by Todd C. Miller, juan vazquez, joev | Site metasploit.com

This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the "admin group"), and the user has ever run the "sudo" command, it is possible to become the super user by running `sudo -k` and then resetting the system clock to 01-01-1970. This Metasploit module will fail silently if the user is not an admin or if the user has never run the sudo command.

tags | exploit, root
systems | apple, osx
advisories | CVE-2013-1775, OSVDB-90677
MD5 | c576a86d9ee4a93abc0dde1445edcab8
Belkin G Wireless Router Code Execution
Posted Aug 26, 2013
Authored by Aodrulez

Belkin G Wireless Router remote code execution proof of concept exploit.

tags | exploit, remote, code execution, proof of concept
MD5 | 6c6977669a4773ae3c0f7b7c73470be8
Cisco Ironport Cross Site Request Forgery / Cross Site Scripting
Posted Aug 26, 2013
Authored by Pedro Andujar

Cisco IronPort Security Management Appliance M170 version 7.9.1-030 suffers from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
systems | cisco
advisories | CVE-2013-3396, CVE-2013-3395
MD5 | 2fabe988d28db73cb1b616f923940cd0
CM3 AcoraCMS XSS / CSRF / Redirection / Disclosure
Posted Aug 26, 2013
Authored by Pedro Andujar

CM3 AcoraCMS versions 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, and 5.5.0/1b-p1 suffer from cross site request forgery, cross site scripting, information disclosure, weak cookies, and URL redirection vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
advisories | CVE-2013-4722, CVE-2013-4723, CVE-2013-4724, CVE-2013-4725, CVE-2013-4726, CVE-2013-4727, CVE-2013-4728
MD5 | ff4e7b5606f1a69f78270c19ed79bbf1
libtiff 3.9.5 Integer Overflow
Posted Aug 26, 2013
Authored by x90c

libtiff versions 3.9.5 and below suffer from an integer overflow vulnerability.

tags | exploit, overflow
MD5 | 5547542f6a8434023ce8e192027866dd
WordPress Simple Login Registration 1.0.1 Cross Site Scripting
Posted Aug 26, 2013
Authored by Dylan Irzi

WordPress Simple Login Registration version 1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9cc05b986b622b27325cbfd7eb0dd01b
Musicbox 2.3.8 Cross Site Scripting / Shell Upload / SQL Injection
Posted Aug 26, 2013
Authored by DevilScreaM

Musicbox version 2.3.8 suffers from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
MD5 | c087a6477e7704247178d05e7c375811
Wi-fEye Wireless Pentesting Tool 1.0 Beta
Posted Aug 26, 2013
Authored by Zaid Al-Quraishi | Site wi-feye.za1d.com

Wi-fEye is designed to help with network penetration testing. It allows the user to perform a number of powerful attack automatically including WEP/WPA cracking, session hijacking and more.

Changes: Various updates.
tags | tool, wireless
systems | unix
MD5 | efe439aba781823ba11fd3d5fde7e4b2
Debian Security Advisory 2741-1
Posted Aug 26, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2741-1 - Several vulnerabilities have been discovered in the Chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2013-2887, CVE-2013-2900, CVE-2013-2901, CVE-2013-2902, CVE-2013-2903, CVE-2013-2904, CVE-2013-2905
MD5 | 7195b1023ad3641d1be4aa4a36ba12ad
Obehotel CMS Denial Of Service / SQL Injection
Posted Aug 26, 2013
Authored by Juan Carlos Garcia

Obehotel CMS suffers from denial of service, insecure transit, directory listing, and remote SQL injection vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, sql injection
MD5 | 52a02d8e7a4606235f5dbaffe0ebc240
xml2 Fuzzer 1.0
Posted Aug 26, 2013
Authored by x90c

xml2 Fuzzer is a fuzzing utility that daemonizes in order to fuzz the client side of a web browser.

tags | web, fuzzer
MD5 | 1ca43872c1fd3985bebc49cea04c3ac4
WordPress Post-Gallery Cross Site Scripting
Posted Aug 26, 2013
Authored by IeDb

The WordPress Post-Gallery plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | 79acfd45e000712359d461926d4b352d
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close