Exploit the possiblities
Showing 1 - 25 of 26 RSS Feed

Files Date: 2013-09-18

Apple Security Advisory 2013-09-18-1
Posted Sep 18, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-09-18-1 - iTunes 11.1 is now available. A memory corruption issue existed in the iTunes ActiveX control. This issue was addressed through additional bounds checking.

tags | advisory, activex
systems | apple
advisories | CVE-2013-1035
MD5 | f3ff9a58395bdbf41d6e899302198eed
HP Security Bulletin HPSBMU02917
Posted Sep 18, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02917 - Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely resulting in command execution and privilege gain. Revision 1 of this advisory.

tags | advisory, vulnerability
systems | linux, windows
advisories | CVE-2013-3576
MD5 | bd537eef05a4fb5f3d1f292764da92bd
vtiger CRM 5.4.0 SQL Injection
Posted Sep 18, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

vtiger CRM version 5.4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-5091
MD5 | 4916f432608cf7542a445e039b7cbb52
Code Sector TeraCopy 2.3 Integer Overflow
Posted Sep 18, 2013
Authored by LiquidWorm | Site zeroscience.mk

Code Sector TeraCopy versions 2.3 beta 2 and 2.27 integer overflow proof of concept exploit. TeraCopy is prone to an integer overflow vulnerability because it fails to perform adequate boundary checks when reading language files. Successfully exploiting this issue may allow local attackers to execute arbitrary code in the context of the application. Failed exploit attempts will cause denial-of-service conditions.

tags | exploit, overflow, arbitrary, local, proof of concept
MD5 | a605faad4a754e24b1b2a39af9ab527d
Cisco Security Advisory 20130918-dcnm
Posted Sep 18, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Prime Data Center Network Manager (DCNM) contains multiple vulnerabilities that could allow an unauthenticated, remote attacker to disclose file components, and access text files on an affected device. Various components of Cisco Prime DCNM are affected. These vulnerabilities can be exploited independently on the same device; however, a release that is affected by one of the vulnerabilities may not be affected by the others. Cisco Prime DCNM is affected by the following vulnerabilities: Cisco Prime DCNM Information Disclosure Vulnerability Cisco Prime DCNM Remote Command Execution Vulnerabilities Cisco Prime DCNM XML External Entity Injection Vulnerability Cisco has released free software updates that address these vulnerabilities. There are currently no workarounds that mitigate these vulnerabilities.

tags | advisory, remote, vulnerability, info disclosure
systems | cisco
MD5 | 53ad35f6f6e850acfe7aed1a07da332c
Cisco Security Advisory 20130918-pc
Posted Sep 18, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the web framework of Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance could allow an unauthenticated, remote attacker to access sensitive information on the system. The vulnerability is due to improper user authentication and inadequate session management. An unauthenticated, remote attacker could exploit this vulnerability by submitting a crafted HTTP request to the web user interface. Successful exploitation of this vulnerability may reveal sensitive information, including user credentials. Cisco has released a free software update that addresses this vulnerability. There are currently no workarounds that mitigate this vulnerability.

tags | advisory, remote, web
systems | cisco
MD5 | 320e3c8eca5df1804b9e5d14d4139a00
Slackware Security Advisory - mozilla-firefox Updates
Posted Sep 18, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | a6c9a864ac3b76e9bf20858daa9aac5d
Debian Security Advisory 2759-1
Posted Sep 18, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2759-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows may lead to the execution of arbitrary code.

tags | advisory, web, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-1718, CVE-2013-1722, CVE-2013-1725, CVE-2013-1730, CVE-2013-1732, CVE-2013-1735, CVE-2013-1736, CVE-2013-1737
MD5 | 07d14ec2c92a3e95eca4f7e7762e6fc6
Ubuntu Security Notice USN-1963-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1963-1 - It was discovered that usb-creator was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-1063
MD5 | 2aaa9029677b4928a06b31583e469204
Ubuntu Security Notice USN-1952-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1952-1 - Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Thunderbird. Atte Kettunen discovered a flaw in the HTML5 Tree Builder when interacting with template elements. If a user had scripting enabled, in some circumstances an attacker could potentially exploit this to execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-1718, CVE-2013-1720, CVE-2013-1721, CVE-2013-1722, CVE-2013-1724, CVE-2013-1725, CVE-2013-1728, CVE-2013-1730, CVE-2013-1732, CVE-2013-1736, CVE-2013-1737, CVE-2013-1738, CVE-2013-1718, CVE-2013-1720, CVE-2013-1721, CVE-2013-1722, CVE-2013-1724, CVE-2013-1725, CVE-2013-1728, CVE-2013-1730, CVE-2013-1732, CVE-2013-1735, CVE-2013-1736, CVE-2013-1737, CVE-2013-1738
MD5 | 2a2476178895dad9d742a11f1412b9b5
Ubuntu Security Notice USN-1957-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1957-1 - It was discovered that Jockey was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-1065
MD5 | 157ac40baa00eba1d0adb1e5d754c5c4
Ubuntu Security Notice USN-1962-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1962-1 - It was discovered that ubuntu-system-service was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-1062
MD5 | 7d97ec19fa82725f64cdb07054ba4883
Ubuntu Security Notice USN-1961-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1961-1 - It was discovered that systemd was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-4327
MD5 | 0aaa65c30ae5869bc9f5eb5f5238a109
Ubuntu Security Notice USN-1960-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1960-1 - It was discovered that Software Properties was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-1061
MD5 | 457e0c355fcbe91c78134e0587de123c
Ubuntu Security Notice USN-1955-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1955-1 - It was discovered that apt-xapian-index was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-1064
MD5 | abb6cfc45a5fa23f9317d91635a0c96e
Ubuntu Security Notice USN-1959-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1959-1 - It was discovered that RealtimeKit was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-4326
MD5 | c8baaa42d6044984d2f2377916ff3469
Ubuntu Security Notice USN-1954-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1954-1 - It was discovered that libvirt used the pkcheck tool in an unsafe manner. A local attacker could possibly use this flaw to bypass polkit authentication. In Ubuntu, libvirt polkit authentication is not enabled by default. It was discovered that libvirt incorrectly handled certain memory stats requests. A remote attacker could use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 12.10, and Ubuntu 13.04. Various other issues were also addressed.

tags | advisory, remote, denial of service, local
systems | linux, ubuntu
advisories | CVE-2013-4311, CVE-2013-4296, CVE-2013-5651, CVE-2013-4296, CVE-2013-4311, CVE-2013-5651
MD5 | 4245e030f386dfe3921fbc331b543655
Ubuntu Security Notice USN-1956-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1956-1 - It was discovered that HPLIP was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-4325
MD5 | e27edb8aaa3ad0eb77861376c11ba66d
Ubuntu Security Notice USN-1958-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1958-1 - It was discovered that language-selector was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-1066
MD5 | c7887d51c16f72a933c3dade267b39de
Ubuntu Security Notice USN-1953-1
Posted Sep 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1953-1 - It was discovered that polkit didn't allow applications to use the pkcheck tool in a way which prevented a race condition in the UID lookup. A local attacker could use this flaw to possibly escalate privileges.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-4288
MD5 | 3f730fd9147d514c2ddfc5da128cf621
Debian Security Advisory 2760-1
Posted Sep 18, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2760-1 - Florian Weimer discovered two security problems in the Chrony time synchronization software (buffer overflows and use of uninitialized data in command replies).

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2012-4502, CVE-2012-4503
MD5 | 72bcaeb7e5abf37665e6e71a41392c5a
Mandriva Linux Security Advisory 2013-237
Posted Sep 18, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-237 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Security researcher Abhishek Arya of the Google Chrome Security Team used the Address Sanitizer tool to discover a use-after-free problem in the Animation Manager during the cloning of stylesheets. This can lead to a potentially exploitable crash. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2013-1719, CVE-2013-1722, CVE-2013-1725, CVE-2013-1730, CVE-2013-1732, CVE-2013-1735, CVE-2013-1736, CVE-2013-1737
MD5 | ec5935a114e07da31d40c9cbe0d705c6
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Sep 18, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 4747eabb8590bf49c94bd427980b50aa
CryptHook Secure TCP/UDP Connection Wrapper
Posted Sep 18, 2013
Authored by stderr | Site chokepoint.net

CryptHook is a modular implementation for securing and layering cryptography for existing applications with symmetrical block cipher encryption. It works by hooking the base system calls for network communication send/sendto and recv/recvfrom. Crypthook will work with any existing application that relies on these system calls. Full example at their homepage includes tunneling SSH through the encrypted wrapper.

tags | tool, encryption
MD5 | e8904aad71b96b7d4e9d996c4c1e67f0
German ERP Sage Office Line Privilege Escalation
Posted Sep 18, 2013
Authored by x180913erp

German ERP system "Sage Office Line" suffers from a database user privilege escalation vulnerability.

tags | exploit
MD5 | 994b42d2f15864db49766bfed2fa1656
Page 1 of 2
Back12Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close