exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-09-23

Gentoo Linux Security Advisory 201309-12
Posted Sep 23, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-12 - Multiple vulnerabilities have been discovered in Apache HTTP Server, possibly allowing remote attackers to execute arbitrary code, cause a Denial of Service condition or perform man-in-the-middle attacks. Versions less than 2.2.25 are affected.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2007-6750, CVE-2012-4929, CVE-2013-1862, CVE-2013-1896
SHA-256 | a834b8c97a0c98dcf9ffd2350ae88c9499323cf2cc10bcbb258da5bf98c05882
Gentoo Linux Security Advisory 201309-11
Posted Sep 23, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-11 - Multiple vulnerabilities have been found in Subversion, allowing attackers to cause a Denial of Service, escalate privileges, or obtain sensitive information. Versions less than 1.7.13 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2010-4539, CVE-2010-4644, CVE-2011-0715, CVE-2011-1752, CVE-2011-1783, CVE-2011-1921, CVE-2013-1845, CVE-2013-1846, CVE-2013-1847, CVE-2013-1849, CVE-2013-1884, CVE-2013-1968, CVE-2013-2088, CVE-2013-2112, CVE-2013-4131, CVE-2013-4277
SHA-256 | bfe40a4d66f395924c269877ddf68f495d3d3de142a58bf24a97c981c9b7c9d4
WordPress Bradesco Gateway Cross Site Scripting
Posted Sep 23, 2013
Authored by Alexandro Silva

WordPress Bradesco Gateway plugin suffers from a cross site scripting vulnerability. Versions prior to 2.0 are affected.

tags | exploit, xss
advisories | CVE-2013-5916
SHA-256 | 0dc5dd6056d1e33ed43fe0e9d5a97c9ea97521368f17f778c62040126822602a
Raidsonic NAS Devices Unauthenticated Remote Command Execution
Posted Sep 23, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Different Raidsonic NAS devices are vulnerable to OS command injection via the web interface. The vulnerability exists in timeHandler.cgi, which is accessible without authentication. This Metasploit module has been tested with the versions IB-NAS5220 and IB-NAS4220. Since this module is adding a new user and modifying the inetd daemon configuration, this module is set to ManualRanking and could cause target instability.

tags | exploit, web, cgi
advisories | OSVDB-90221
SHA-256 | 349e9ccfce89a895bc88301a928728a68a24c672b6744b743b04b03f181ca743
Ubuntu Security Notice USN-1965-1
Posted Sep 23, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1965-1 - It was discovered that pyOpenSSL did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-4314
SHA-256 | 9a62177c15f37e7c4836b84c5bef097ee6d8aade227639bbf1331a5b2718f5f8
Ubuntu Security Notice USN-1964-1
Posted Sep 23, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1964-1 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2013-1438, CVE-2013-1439
SHA-256 | 058283230c12a801b053bf0c867c65eea622018734173ac4d9c93508f3edf518
Red Hat Security Advisory 2013-1260-01
Posted Sep 23, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1260-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. Upgrade Note: If you upgrade the Red Hat Enterprise Virtualization Hypervisor through the 3.2 Manager administration portal, the Host may appear with the status of "Install Failed". If this happens, place the host into maintenance mode, then activate it again to get the host back to an "Up" state.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2013-4130
SHA-256 | b6911a2d88f3383a2433d1ba0bb3834896d31dcd24d650b65d2dbfba1df22b28
Debian Security Advisory 2762-1
Posted Sep 23, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2762-1 - Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-1718, CVE-2013-1722, CVE-2013-1725, CVE-2013-1730, CVE-2013-1732, CVE-2013-1735, CVE-2013-1736, CVE-2013-1737
SHA-256 | 1f2d0e9338e4bcc954cee7d4e39d03c6db8cc45f37ce200d040a7c5838fbfaf0
Stack Based Buffer Overflow Exploitation Tutorial
Posted Sep 23, 2013
Authored by Saif El-Sherei

This is a brief whitepaper tutorial discussing stack-based buffer overflow exploitation.

tags | paper, overflow
SHA-256 | 11b14091592ce665a4052fa63c683bede3f54a2039f3e8ac022b17bc903078c5
Hook Analyser Malware Tool 2.6
Posted Sep 23, 2013
Authored by Beenu Arora | Site hookanalyser.blogspot.com

Hook Analyser is a hook tool which can be potentially helpful in reversing applications and analyzing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.

Changes: Added new signatures, various bug fixes, and fixed a start up error.
tags | tool
SHA-256 | b26e5214de3d3875ccca59d6cfbffb8dfa87ab40288d159dc5713ec7d29109eb
Format String Exploitation Tutorial
Posted Sep 23, 2013
Authored by Saif El-Sherei

This is a brief whitepaper tutorial that discusses format string exploitation.

tags | paper
SHA-256 | 1544465d9c53bc46b45f199277e5af8bfc93c0c6d2f40f5ff2478c2db9d3714b
Off-By-One Exploitation Tutorial
Posted Sep 23, 2013
Authored by Saif El-Sherei

This whitepaper is called Off-By-One Exploitation Tutorial. The off by one vulnerability in general means that if an attacker supplied input with certain length if the program has an incorrect length condition the program will write one byte outside the bounds of the space allocated to hold this input causing one of two scenarios depending on the input.

tags | paper
SHA-256 | 5f0e7988d1f9efa82633300226d7ad14a89ebbc4f3ad3eb4a3d67306232ea70c
Return-Oriented-Programming
Posted Sep 23, 2013
Authored by Saif El-Sherei

Whitepaper called Return-Oriented-Programming (ROP FTW).

tags | paper
SHA-256 | 0df3dba7ba4fbf596b77ccb6bcaf64bddf65e2fae569ec24d7481f4b6ce3f8b6
SolarWinds Monitor 6.0 Buffer Overflow
Posted Sep 23, 2013
Authored by Blake

SolarWinds Server and Application Monitor version 6.0 suffers from an active-x related buffer overflow vulnerability.

tags | exploit, overflow, activex
SHA-256 | 841395a87d46f8aba7dd14551684fe16b9e3de8cd2cb1433a295058e36790214
AspxCommerce 2.0 Shell Upload
Posted Sep 23, 2013
Authored by SANTHO

AspxCommerce version 2.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 8713bab6a79f7b5d50c2b8edad2fb8f4da89c6c5cd1a55ab350684bd6f34a372
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close