Files Date: 2013-09-16

Gentoo Linux Security Advisory 201309-09
Posted Sep 16, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-9 - Multiple vulnerabilities have been found in LibRaw and libkdcraw, the worst of which may lead to arbitrary code execution. Versions less than 0.15.4 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2013-1438, CVE-2013-1439, CVE-2013-2126, CVE-2013-2127
MD5 | 11055773501ee320d1644a56393723c2
Red Hat Security Advisory 2013-1264-01
Posted Sep 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1264-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A heap-based buffer overflow flaw was found in the Linux kernel's iSCSI target subsystem. A remote attacker could use a specially-crafted iSCSI request to cause a denial of service on a system or, potentially, escalate their privileges on that system. A flaw was found in the Linux kernel's Performance Events implementation. On systems with certain Intel processors, a local, unprivileged user could use this flaw to cause a denial of service by leveraging the perf subsystem to write into the reserved bits of the OFFCORE_RSP_0 and OFFCORE_RSP_1 model-specific registers.

tags | advisory, remote, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2013-2058, CVE-2013-2141, CVE-2013-2146, CVE-2013-2147, CVE-2013-2148, CVE-2013-2164, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2850, CVE-2013-2851, CVE-2013-2852, CVE-2013-3301, CVE-2013-4162, CVE-2013-4163
MD5 | 5eea9d3ce982c34da176b92519e344f2
CodeCrypt 1.3
Posted Sep 16, 2013

codecrypt is a GnuPG-like program for encryption and signing that uses only quantum-computer-resistant algorithms.

Changes: This release fixes overly aggressive locking of the keyring that caused deadlocks when piping. It fixes many warnings and code inconsistencies. It prevents possible problems with forged sencode.
tags | tool, encryption
systems | unix
MD5 | 47c9c951f6d697793fe3472f2a44167c
OWASP ESAPI Symmetric Encryption MAC Bypass
Posted Sep 16, 2013
Authored by Kevin Wall

OWASP ESAPI versions 2.0GA and 2.0.1 suffer from a symmetric encryption MAC bypass.

tags | advisory, bypass
advisories | CVE-2013-5679
MD5 | 86c63663b6183e562747f970229031b5
Mandriva Linux Security Advisory 2013-235
Posted Sep 16, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-235 - Multiple vulnerabilities have been discovered and corrected in mediawiki. Full path disclosure in MediaWiki before 1.20.7, when an invalid language is specified in ResourceLoader. Several API modules in MediaWiki before 1.20.7 allowed anti-CSRF tokens to be accessed via JSONP. An issue with the MediaWiki API in MediaWiki before 1.20.7 where an invalid property name could be used for XSS with older versions of Internet Explorer. Several unspecified security issues were fixed with the 1.20.6 version. This replaces the MediaWiki 1.16.5 version, which has been EOL upstream for quite some time now, that was shipped with MBS 1. MediaWiki removed the Math extension for the 1.18 release, but it is now available separately. It has been packaged in the mediawiki-math package. The mediawiki-graphviz and mediawiki-ldapauthentication packages have also been updated to work with the new MediaWiki packages. The updated packages provide a solution to these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2013-4301, CVE-2013-4302, CVE-2013-4303
MD5 | d0040ad39e89892b0b3a6ac4538b9ac9
Gentoo Linux Security Advisory 201309-08
Posted Sep 16, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-8 - Multiple vulnerabilities have been found in FileZilla, the worst of which could result in arbitrary code execution. Versions less than 3.7.3 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2013-4206, CVE-2013-4207, CVE-2013-4208, CVE-2013-4852
MD5 | 35802b97207ffaabd44821648fcd2e33
Moodle CMS 2.5.0-1 Cross Site Scripting
Posted Sep 16, 2013
Authored by Emilio Pinna

Moodle CMS version 2.5.0-1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ddaaed0e28776a0d8ade0f70ab7587a2
PCMAN FTP Server Buffer Overflow
Posted Sep 16, 2013
Authored by Rick Flores, Polunchis | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability found in the STOR command of the PCMAN FTP v2.07 Server when the "/../" parameters are also sent to the server.

tags | exploit, overflow
MD5 | 9a8d90c62167b053b9a22c797652a9c5
Tiendas Online SQL Injection
Posted Sep 16, 2013
Authored by Don Tukulesto | Site indonesiancoder.com

Tiendas Online Shopping Cart suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2960b3326b7a700233fe10e2f3024410
Mitsubishi MC-WorkX 8.02 File Execution
Posted Sep 16, 2013
Authored by Blake

Proof of concept exploit for file execution via an ActiveX control in Mitsubishi MC-WorkX version 8.02.

tags | exploit, activex, proof of concept
MD5 | db8a878b6e4747b66bfdd97898cb3f97
Gentoo Linux Security Advisory 201309-07
Posted Sep 16, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-7 - A buffer overflow vulnerability in libotr could allow a remote attacker to execute arbitrary code or cause a Denial of Service condition. Versions less than 3.2.1 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2012-3461
MD5 | ae34016443589cb93f38aaf3956da119
Red Hat Security Advisory 2013-1263-01
Posted Sep 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1263-01 - Red Hat Storage Console is a powerful and simple web-based Graphical User Interface for managing a Red Hat Storage 2.1 environment. This feature is provided as a Technology Preview, and is currently not supported under Red Hat Storage subscription services.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2012-0818
MD5 | 6ae7cc1517e6f89ab2e0345fedc7d153
Malware Memory Forensics
Posted Sep 16, 2013
Authored by X3NON, F4RY4R_RED

Whitepaper called Malware Memory Forensics. Written in Persian.

tags | paper
MD5 | 873192633d043befa84f371c24bc6163
phpLinks Cross Site Scripting
Posted Sep 16, 2013
Authored by Arsan

Sites powered by phpLinks suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | 4a2c216df1c95de0ca8d5e09e319f896
Password Secrets Of Popular Windows Applications
Posted Sep 16, 2013
Authored by X3NON, F4RY4R_RED

Whitepaper called Password Secrets of Popular Windows Applications. Written in Persian.

tags | paper
systems | windows
MD5 | a9a4b7f4ad3f23e01c4f1679d2e90470