
Files Date: 2013-09-23

Gentoo Linux Security Advisory 201309-12
Posted Sep 23, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-12 - Multiple vulnerabilities have been discovered in Apache HTTP Server, possibly allowing remote attackers to execute arbitrary code, cause a Denial of Service condition or perform man-in-the-middle attacks. Versions less than 2.2.25 are affected.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2007-6750, CVE-2012-4929, CVE-2013-1862, CVE-2013-1896
MD5 | 3bd400e0ab251b33c56a2a76c27ff19d
Gentoo Linux Security Advisory 201309-11
Posted Sep 23, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-11 - Multiple vulnerabilities have been found in Subversion, allowing attackers to cause a Denial of Service, escalate privileges, or obtain sensitive information. Versions less than 1.7.13 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2010-4539, CVE-2010-4644, CVE-2011-0715, CVE-2011-1752, CVE-2011-1783, CVE-2011-1921, CVE-2013-1845, CVE-2013-1846, CVE-2013-1847, CVE-2013-1849, CVE-2013-1884, CVE-2013-1968, CVE-2013-2088, CVE-2013-2112, CVE-2013-4131, CVE-2013-4277
MD5 | 929cdeffca997902104b587c3f0fbd1d
WordPress Bradesco Gateway Cross Site Scripting
Posted Sep 23, 2013
Authored by Alexandro Silva

WordPress Bradesco Gateway plugin suffers from a cross site scripting vulnerability. Versions prior to 2.0 are affected.

tags | exploit, xss
advisories | CVE-2013-5916
MD5 | b08cd26a1ca45ad663c7fc19748c00b9
Raidsonic NAS Devices Unauthenticated Remote Command Execution
Posted Sep 23, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Different Raidsonic NAS devices are vulnerable to OS command injection via the web interface. The vulnerability exists in timeHandler.cgi, which is accessible without authentication. This Metasploit module has been tested with the versions IB-NAS5220 and IB-NAS4220. Since this module is adding a new user and modifying the inetd daemon configuration, this module is set to ManualRanking and could cause target instability.

tags | exploit, web, cgi
advisories | OSVDB-90221
MD5 | f3151dd2eca5d42b2a5b5d7426fb71ac
Ubuntu Security Notice USN-1965-1
Posted Sep 23, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1965-1 - It was discovered that pyOpenSSL did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-4314
MD5 | 94c65b5f3e5c45af0bb95d95ef283e26
Ubuntu Security Notice USN-1964-1
Posted Sep 23, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1964-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2013-1438, CVE-2013-1439
MD5 | 2a1f6811c2a4976de60ee20cbf334a16
Red Hat Security Advisory 2013-1260-01
Posted Sep 23, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1260-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. Upgrade Note: If you upgrade the Red Hat Enterprise Virtualization Hypervisor through the 3.2 Manager administration portal, the Host may appear with the status of "Install Failed". If this happens, place the host into maintenance mode, then activate it again to get the host back to an "Up" state.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2013-4130
MD5 | 46504f697103cd0b73c961a5dae4ae1d
Debian Security Advisory 2762-1
Posted Sep 23, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2762-1 - Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-1718, CVE-2013-1722, CVE-2013-1725, CVE-2013-1730, CVE-2013-1732, CVE-2013-1735, CVE-2013-1736, CVE-2013-1737
MD5 | 5a294c52f3b28067cc0d78bacc42a08c
Stack Based Buffer Overflow Exploitation Tutorial
Posted Sep 23, 2013
Authored by Saif El-Sherei

This is a brief whitepaper tutorial discussing stack-based buffer overflow exploitation.

tags | paper, overflow
MD5 | 49452c01d181d495290d24ce54c43233
Hook Analyser Malware Tool 2.6
Posted Sep 23, 2013
Authored by Beenu Arora | Site hookanalyser.blogspot.com

Hook Analyser is a hook tool that can potentially be helpful in reversing applications and analyzing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.

Changes: Added new signatures, various bug fixes, and fixed a start up error.
tags | tool
MD5 | 49fd60c1cc2e27369a14ffb2fa49fd65
Format String Exploitation Tutorial
Posted Sep 23, 2013
Authored by Saif El-Sherei

This is a brief whitepaper tutorial that discusses format string exploitation.

tags | paper
MD5 | 8e7b7a01f95d6da5dfd2dfe3d275b9a6
Off-By-One Exploitation Tutorial
Posted Sep 23, 2013
Authored by Saif El-Sherei

This whitepaper is called Off-By-One Exploitation Tutorial. In general, an off-by-one vulnerability means that when an attacker supplies input of a certain length and the program has an incorrect length condition, the program writes one byte outside the bounds of the space allocated to hold this input, causing one of two scenarios depending on the input.

tags | paper
MD5 | 5cb2ae53dcd95b808c534a6a209e1c51
Return-Oriented-Programming
Posted Sep 23, 2013
Authored by Saif El-Sherei

Whitepaper called Return-Oriented-Programming (ROP FTW).

tags | paper
MD5 | f3584b6be0569a29647d60380eb4644e
SolarWinds Monitor 6.0 Buffer Overflow
Posted Sep 23, 2013
Authored by Blake

SolarWinds Server and Application Monitor version 6.0 suffers from an ActiveX-related buffer overflow vulnerability.

tags | exploit, overflow, activex
MD5 | a17c432125d326050ffaf3c546b88f44
AspxCommerce 2.0 Shell Upload
Posted Sep 23, 2013
Authored by SANTHO

AspxCommerce version 2.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | cd7ac93dc1639059116bb954a5456dbe
© 2020 Packet Storm. All rights reserved.