all things security
Showing 1 - 25 of 394 RSS Feed

Files Date: 2013-09-01 to 2013-09-30

Byword 2.x File Overwrite
Posted Sep 29, 2013
Authored by Guillaume Ross

Byword versions prior to 2.1 allow for a remote file overwrite attack.

tags | exploit, remote
advisories | CVE-2013-5725
MD5 | b039f1a575edfa3e9480d2d37f52ab75
Tenda W309R Configuration Enumeration
Posted Sep 29, 2013
Authored by SANTHO

Tenda wireless router version W309R allows for configuration enumeration without authentication. A NSE script is included for exploitation along with an advisory.

tags | exploit
systems | linux
MD5 | 02641a108e3eb0dfd75c98f2b011cc5d
PHP IDNA Convert 0.8.0 Cross Site Scripting
Posted Sep 28, 2013
Authored by Alexandro Silva

PHP IDNA Convert version 0.8.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 95b0296d772941cf7c9f82cecf26f4a2
Icy Phoenix 2.0 Cross Site Scripting
Posted Sep 28, 2013
Authored by syst3m_f4ult

Icy Phoenix CMS version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | fe82a34a1496f1ff77041aae998b6f41
Apple Security Advisory 2013-09-26-1
Posted Sep 27, 2013
Authored by Apple | Site apple.com

Apple Security Advisory 2013-09-26-1 - iOS 7.0.2 is now available and addresses passcode lock security issues.

tags | advisory
systems | apple, ios
advisories | CVE-2013-5160, CVE-2013-5161
MD5 | 17d4d11105517ca812593f8124604d47
Ubuntu Security Notice USN-1969-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1969-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted a corrupted or special crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819, CVE-2013-1819, CVE-2013-4254
MD5 | a71d3f8c7de7333335b3f3a9f80ea034
Ubuntu Security Notice USN-1970-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1970-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted a corrupted or special crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819, CVE-2013-2237, CVE-2013-1819, CVE-2013-2237, CVE-2013-4254
MD5 | 2bb3e118bb942e4753a14ddb3ff16a53
Mandriva Linux Security Advisory 2013-243
Posted Sep 27, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-243 - A race condition was found in the way the PolicyKit pkcheck utility checked process authorization when the process was specified by its process ID via the --process option. A local user could use this flaw to bypass intended PolicyKit authorizations and escalate their privileges.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2013-4288, CVE-2013-4325, CVE-2013-4326, CVE-2013-4327
MD5 | 26373f33e20df455a28640147805b5fb
Gentoo Linux Security Advisory 201309-22
Posted Sep 27, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-22 - Multiple vulnerabilities have been found in Squid, possibly resulting in remote Denial of Service. Versions less than 3.2.13 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0801, CVE-2011-4096, CVE-2012-5643, CVE-2013-0189, CVE-2013-1839, CVE-2013-4115, CVE-2013-4123
MD5 | 88f0a967f5e2f023cf967924bf27f152
Debian Security Advisory 2765-1
Posted Sep 27, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2765-1 - Davfs2, a filesystem client for WebDAV, calls the function system() insecurely while is setuid root. This might allow a privilege escalation.

tags | advisory, root
systems | linux, debian
advisories | CVE-2013-4362
MD5 | 7d23e40641aa38a7c956e24c3d3d02af
Gentoo Linux Security Advisory 201309-24
Posted Sep 27, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-24 - Multiple vulnerabilities have been found in Xen, allowing attackers on a Xen Virtual Machine to execute arbitrary code, cause Denial of Service, or gain access to data on the host. Versions less than 4.2.2-r1 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2901, CVE-2011-3262, CVE-2011-3262, CVE-2012-0217, CVE-2012-0218, CVE-2012-2934, CVE-2012-3432, CVE-2012-3433, CVE-2012-3494, CVE-2012-3495, CVE-2012-3496, CVE-2012-3497, CVE-2012-3498, CVE-2012-3515, CVE-2012-4411, CVE-2012-4535, CVE-2012-4536, CVE-2012-4537, CVE-2012-4538, CVE-2012-4539, CVE-2012-5510, CVE-2012-5511, CVE-2012-5512, CVE-2012-5513, CVE-2012-5514, CVE-2012-5515, CVE-2012-5525, CVE-2012-5634
MD5 | d60b00411141945f4ee210e863c05dab
Gentoo Linux Security Advisory 201309-23
Posted Sep 27, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-23 - Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, some of which may allow a remote user to execute arbitrary code. Versions less than 17.0.9 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-0744, CVE-2013-0745, CVE-2013-0746, CVE-2013-0747, CVE-2013-0748, CVE-2013-0749, CVE-2013-0750, CVE-2013-0751, CVE-2013-0752, CVE-2013-0753, CVE-2013-0754, CVE-2013-0755, CVE-2013-0756, CVE-2013-0757, CVE-2013-0758, CVE-2013-0759, CVE-2013-0760, CVE-2013-0761, CVE-2013-0762, CVE-2013-0763, CVE-2013-0764, CVE-2013-0765, CVE-2013-0766, CVE-2013-0767, CVE-2013-0768, CVE-2013-0769, CVE-2013-0770, CVE-2013-0771
MD5 | ab5e44689a8b68f4c69934f9caab0e01
Ubuntu Security Notice USN-1968-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1968-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted a corrupted or special crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819, CVE-2013-1819, CVE-2013-4254
MD5 | e1f217ea78daace731d963d52c248aef
Ubuntu Security Notice USN-1975-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1975-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted a corrupted or special crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819, CVE-2013-1819, CVE-2013-4254
MD5 | aead55680ba3c0cff9f1092ce226f330
Ubuntu Security Notice USN-1974-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1974-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A memory leak was discovered in the user namespace facility of the Linux kernel. A local user could cause a denial of service (memory consumption) via the CLONE_NEWUSER unshare call.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-4205, CVE-2013-4205, CVE-2013-4254
MD5 | 0d944e34e261ca59bfa000e6b699e6d9
Ubuntu Security Notice USN-1973-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1973-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted a corrupted or special crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819, CVE-2013-2237, CVE-2013-1819, CVE-2013-2237, CVE-2013-4254
MD5 | d77f9e9614ffbcfa657338c0a5663eeb
Ubuntu Security Notice USN-1972-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1972-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A failure to validate block numbers was discovered in the Linux kernel's implementation of the XFS filesystem. A local user can cause a denial of service (system crash) if they can mount, or cause to be mounted a corrupted or special crafted XFS filesystem. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-1819, CVE-2013-2237, CVE-2013-1819, CVE-2013-2237, CVE-2013-4254
MD5 | b29cabd242753589453a9e246529b6b0
Ubuntu Security Notice USN-1971-1
Posted Sep 27, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1971-1 - Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). A memory leak was discovered in the user namespace facility of the Linux kernel. A local user could cause a denial of service (memory consumption) via the CLONE_NEWUSER unshare call.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2013-4254, CVE-2013-4205, CVE-2013-4205, CVE-2013-4254
MD5 | dce55d52255b3a179f4a7bb0f4aaa2ff
Gentoo Linux Security Advisory 201309-21
Posted Sep 27, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-21 - A vulnerability in klibc could allow remote attackers to execute arbitrary shell code. Versions less than 1.5.25 are affected.

tags | advisory, remote, arbitrary, shell
systems | linux, gentoo
advisories | CVE-2011-1930
MD5 | bb38354f586ab918cb8cf49d3cf304b2
Gentoo Linux Security Advisory 201309-20
Posted Sep 27, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-20 - Multiple vulnerabilities have been found in Dropbear, the worst of which could lead to arbitrary code execution. Versions less than 2012.55 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2012-0920
MD5 | 2fa35a60b184c78b270b21110b353f6f
Astium Remote Code Execution
Posted Sep 26, 2013
Authored by xistence | Site metasploit.com

This Metasploit module exploits vulnerabilities found in Astium astium-confweb-2.1-25399 RPM and lower. A SQL Injection vulnerability is used to achieve authentication bypass and gain admin access. From an admin session arbitrary PHP code upload is possible. It is used to add the final PHP payload to "/usr/local/astium/web/php/config.php" and execute the "sudo /sbin/service astcfgd reload" command to reload the configuration and achieve remote root code execution.

tags | exploit, remote, web, arbitrary, local, root, php, vulnerability, code execution, sql injection
advisories | OSVDB-88860
MD5 | 432ed72ac7cc26bfbd358d5604b17bd2
Red Hat Security Advisory 2013-1292-01
Posted Sep 26, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1292-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled IPv6 sockets that used the UDP_CORK option. A local, unprivileged user could use this flaw to cause a denial of service.

tags | advisory, denial of service, kernel, local, tcp, protocol
systems | linux, redhat
advisories | CVE-2012-3511, CVE-2013-2141, CVE-2013-4162
MD5 | 431af5caa713d02a87c8868f96420d36
EMC VPLEX Information Disclosure
Posted Sep 26, 2013
Site emc.com

EMC VPLEX contains a vulnerability that stores the LDAP/AD bind password in plain text in the VPLEX management server configuration file. This can potentially be exploited by a malicious user who has access to the configuration file to obtain the sensitive password and gain privileged access to protected resources. Affected versions include EMC VPLEX Local/Metro/Geo with GeoSynchrony 5.2 Patch1 and below.

tags | advisory, local
advisories | CVE-2013-3278
MD5 | d63eb6ff8de7e45e16326dd32356a72e
mod_accounting 0.5 Blind SQL Injection
Posted Sep 26, 2013
Authored by Wireghoul

mod_accounting version 0.5 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-5697
MD5 | 6c05a142030e492bec48c90159aac337
XAMPP 1.8.1 Local Write Access
Posted Sep 26, 2013
Authored by Manuel Garcia Cardenas | Site isecauditors.com

XAMPP version 1.8.1 allows an unprivileged user the ability to write to the local disk.

tags | exploit, local
advisories | CVE-2013-2586
MD5 | ceaa4484ed6ee7b162e38edd366cf8b1
Page 1 of 16
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close