Showing 1 - 25 of 393

Files Date: 2013-09-01 to 2013-09-30

Byword 2.x File Overwrite
Posted Sep 29, 2013
Authored by Guillaume Ross

Byword versions prior to 2.1 allow for a remote file overwrite attack.

tags | exploit, remote
advisories | CVE-2013-5725
SHA-256 | 31dbff80533d69b46f741347c1aad7f82c471e3bb3fd8097ffceea0cdbad5d0f
Tenda W309R Configuration Enumeration
Posted Sep 29, 2013
Authored by SANTHO

Tenda wireless router version W309R allows for configuration enumeration without authentication. An NSE script is included for exploitation along with an advisory.

tags | exploit
systems | linux
SHA-256 | 94fe6763bf250d568485660d4f5d4b2e374665b53c0a879b4e59b3dd8697607d
PHP IDNA Convert 0.8.0 Cross Site Scripting
Posted Sep 28, 2013
Authored by Alexandro Silva

PHP IDNA Convert version 0.8.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | 759740ae1495d2c12f07ef1905ef401162bc13158398bad2e8f666e18e875ab8
Icy Phoenix 2.0 Cross Site Scripting
Posted Sep 28, 2013
Authored by syst3m_f4ult

Icy Phoenix CMS version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 63eac311bcc5c110f6b257c21931a26987f2af8f67fb1ec266f16bf2996a6339
Apple Security Advisory 2013-09-26-1
Posted Sep 27, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-09-26-1 - iOS 7.0.2 is now available and addresses passcode lock security issues.

tags | advisory
systems | apple, ios
advisories | CVE-2013-5160, CVE-2013-5161
SHA-256 | 78bf4e20d83550ac24d39029e21f9d8b24c89776198824bbd44cccb8bcf7fc0d
Ubuntu Security Notice USN-1969-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1969-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted, a corrupted or specially crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819
SHA-256 | 47ad35992bbbc67f1cad43435747f29f94d5e87efbbfdb5dbc82e51fb177331e
Ubuntu Security Notice USN-1970-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1970-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted, a corrupted or specially crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819, CVE-2013-2237
SHA-256 | 5e12e33f49f1f5bf8779cfbdf49aaa4a002bb629cab6b20abc2852352af78ec2
Mandriva Linux Security Advisory 2013-243
Posted Sep 27, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-243 - A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit authorizations and escalate their privileges.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2013-4288, CVE-2013-4325, CVE-2013-4326, CVE-2013-4327
SHA-256 | 91ca06b6329364c75747c0f85a55c45bc6033f08b2e6bb7fa73577a3bf412762
Gentoo Linux Security Advisory 201309-22
Posted Sep 27, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-22 - Multiple vulnerabilities have been found in Squid, possibly resulting in remote Denial of Service. Versions less than 3.2.13 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0801, CVE-2011-4096, CVE-2012-5643, CVE-2013-0189, CVE-2013-1839, CVE-2013-4115, CVE-2013-4123
SHA-256 | 0c44f7d361e4ed8a9c424771c417f381ffacb9d1092ef7260b173349c11cc6d9
Debian Security Advisory 2765-1
Posted Sep 27, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2765-1 - Davfs2, a filesystem client for WebDAV, calls the function system() insecurely while it is setuid root. This might allow a privilege escalation.

tags | advisory, root
systems | linux, debian
advisories | CVE-2013-4362
SHA-256 | 3903ec4ccc79432967878e89f87d6fdeefddcd86cea4d6f09148d0d4af7e6b8b
Gentoo Linux Security Advisory 201309-24
Posted Sep 27, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-24 - Multiple vulnerabilities have been found in Xen, allowing attackers on a Xen Virtual Machine to execute arbitrary code, cause Denial of Service, or gain access to data on the host. Versions less than 4.2.2-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2901, CVE-2011-3262, CVE-2012-0217, CVE-2012-0218, CVE-2012-2934, CVE-2012-3432, CVE-2012-3433, CVE-2012-3494, CVE-2012-3495, CVE-2012-3496, CVE-2012-3497, CVE-2012-3498, CVE-2012-3515, CVE-2012-4411, CVE-2012-4535, CVE-2012-4536, CVE-2012-4537, CVE-2012-4538, CVE-2012-4539, CVE-2012-5510, CVE-2012-5511, CVE-2012-5512, CVE-2012-5513, CVE-2012-5514, CVE-2012-5515, CVE-2012-5525, CVE-2012-5634
SHA-256 | 42fbd346dc4e79100c814835fd5068ef0a6bd2ccc23977307e7f191f8be1cc22
Gentoo Linux Security Advisory 201309-23
Posted Sep 27, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-23 - Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, some of which may allow a remote user to execute arbitrary code. Versions less than 17.0.9 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-0744, CVE-2013-0745, CVE-2013-0746, CVE-2013-0747, CVE-2013-0748, CVE-2013-0749, CVE-2013-0750, CVE-2013-0751, CVE-2013-0752, CVE-2013-0753, CVE-2013-0754, CVE-2013-0755, CVE-2013-0756, CVE-2013-0757, CVE-2013-0758, CVE-2013-0759, CVE-2013-0760, CVE-2013-0761, CVE-2013-0762, CVE-2013-0763, CVE-2013-0764, CVE-2013-0765, CVE-2013-0766, CVE-2013-0767, CVE-2013-0768, CVE-2013-0769, CVE-2013-0770, CVE-2013-0771
SHA-256 | 4bef7b0a7ff87d60b621f002b69fe1f1340530418ea99fdd367ef66518e8baef
Ubuntu Security Notice USN-1968-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1968-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted, a corrupted or specially crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819
SHA-256 | c10a089319f695c9298e0218e80d367e4b8e7a42beb195bb76762a24d36b98d9
Ubuntu Security Notice USN-1975-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1975-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted, a corrupted or specially crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819
SHA-256 | 16189fdb29ef1621c06768231ec01452d6b65dbd6af49cfb6d4bd1119fec079f
Ubuntu Security Notice USN-1974-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1974-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A memory leak was discovered in the user namespace facility of the Linux kernel. A local user could cause a denial of service (memory consumption) via the CLONE_NEWUSER unshare call.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-4205
SHA-256 | 8bf12b9042e8f4abd989d6e76d6db7e8fcb5cea6a2e6f38d7a1f196d0e16af7e
Ubuntu Security Notice USN-1973-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1973-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted, a corrupted or specially crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819, CVE-2013-2237
SHA-256 | 63ed8f5b37475a48348edd4c032b51579f379e3d69cb52befecd1727d51a37f4
Ubuntu Security Notice USN-1972-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1972-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted, a corrupted or specially crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819, CVE-2013-2237
SHA-256 | 0f9fefdbe51478ae4584a337c802dbed9908e144c668effefb4cb60f45b7d502
Ubuntu Security Notice USN-1971-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1971-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A memory leak was discovered in the user namespace facility of the Linux kernel. A local user could cause a denial of service (memory consumption) via the CLONE_NEWUSER unshare call.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-4205
SHA-256 | ed029cbc0dd66c1d66db892fcfc9337d09dcc8dbd8c1bfe377effe4cbfa96845
Gentoo Linux Security Advisory 201309-21
Posted Sep 27, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-21 - A vulnerability in klibc could allow remote attackers to execute arbitrary shell code. Versions less than 1.5.25 are affected.

tags | advisory, remote, arbitrary, shell
systems | linux, gentoo
advisories | CVE-2011-1930
SHA-256 | c94186050607efd9128a0698480eb18e3be1e4b7372b9a9ff84a90f3617d61e0
Gentoo Linux Security Advisory 201309-20
Posted Sep 27, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-20 - Multiple vulnerabilities have been found in Dropbear, the worst of which could lead to arbitrary code execution. Versions less than 2012.55 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2012-0920
SHA-256 | 8c501aac169b59f4d7e34bf130f52ad2568dffab61cd485f6e2a81642491f13f
Astium Remote Code Execution
Posted Sep 26, 2013
Authored by xistence | Site metasploit.com

This Metasploit module exploits vulnerabilities found in Astium astium-confweb-2.1-25399 RPM and lower. A SQL injection vulnerability is used to achieve authentication bypass and gain admin access. From an admin session, arbitrary PHP code upload is possible. It is used to add the final PHP payload to "/usr/local/astium/web/php/config.php" and execute the "sudo /sbin/service astcfgd reload" command to reload the configuration and achieve remote root code execution.

tags | exploit, remote, web, arbitrary, local, root, php, vulnerability, code execution, sql injection
advisories | OSVDB-88860
SHA-256 | 16cd8b04690fc28db1b8c5c9afdb81554208e84689604fe813314bc4a6e8d476
Red Hat Security Advisory 2013-1292-01
Posted Sep 26, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1292-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local, unprivileged user could use this flaw to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp, protocol
systems | linux, redhat
advisories | CVE-2012-3511, CVE-2013-2141, CVE-2013-4162
SHA-256 | bb34fbaf34b1e2d0617595612c429058d891776d85b070142cca272b51e1610a
EMC VPLEX Information Disclosure
Posted Sep 26, 2013
Site emc.com

EMC VPLEX contains a vulnerability that stores the LDAP/AD bind password in plain text in the VPLEX management server configuration file. This can potentially be exploited by a malicious user who has access to the configuration file to obtain the sensitive password and gain privileged access to protected resources. Affected versions include EMC VPLEX Local/Metro/Geo with GeoSynchrony 5.2 Patch1 and below.

tags | advisory, local
advisories | CVE-2013-3278
SHA-256 | 84420a97ddf942aaec63002319e68c4e2bde47b40f973c04b4e92beb9a06cc3f
mod_accounting 0.5 Blind SQL Injection
Posted Sep 26, 2013
Authored by Wireghoul

mod_accounting version 0.5 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-5697
SHA-256 | 5f80d81efab9b887ab6063336f50467c4282d2a92a64c29cbf5563b42ba9f24a
XAMPP 1.8.1 Local Write Access
Posted Sep 26, 2013
Authored by Manuel Garcia Cardenas | Site isecauditors.com

XAMPP version 1.8.1 allows an unprivileged user to write to the local disk.

tags | exploit, local
advisories | CVE-2013-2586
SHA-256 | 4d1631d6f469e4eec20739ed04366120ee8ad777df5da5df3840c88f67f32135
© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close