Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-10-02

SIEMENS Solid Edge ST4 SEListCtrlX ActiveX Remote Code Execution
Posted Oct 2, 2013
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits the SEListCtrlX ActiveX installed with the SIEMENS Solid Edge product. The vulnerability exists on several APIs provided by the control, where user supplied input is handled as a memory pointer without proper validation, allowing an attacker to read and corrupt memory from the target process. This Metasploit module abuses the methods NumChildren() and DeleteItem() in order to achieve memory info leak and remote code execution respectively. This Metasploit module has been tested successfully on IE6-IE9 on Windows XP SP3 and Windows 7 SP1, using Solid Edge 10.4.

tags | exploit, remote, code execution, activex
systems | windows, xp, 7
advisories | OSVDB-93696
MD5 | 28ccc8a6b178310297fa38093831ae80
Red Hat Security Advisory 2013-1402-01
Posted Oct 2, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1402-01 - Adobe Reader allows users to view and print documents in Portable Document Format. Adobe Reader 9 reached the end of its support cycle on June 26, 2013, and will not receive any more security updates. Future versions of Adobe Acrobat Reader will not be available with Red Hat Enterprise Linux. The Adobe Reader packages in the Red Hat Network channels will continue to be available. Red Hat will continue to provide these packages only as a courtesy to customers. Red Hat will not provide updates to the Adobe Reader packages.

tags | advisory
systems | linux, redhat
MD5 | b9fd1c4dd214820209c299bfc799aaa1
Drupal Quick Tabs 6.x / 7.x Access Bypass
Posted Oct 2, 2013
Authored by Steven William | Site drupal.org

Drupal Quick Tabs third party module versions 6.x and 7.x suffer from an access bypass vulnerability.

tags | advisory, bypass
MD5 | 3b7a547bf610d02e4de89677bdf2a205
Cisco Security Advisory 20131002-iosxr
Posted Oct 2, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS XR Software version 4.3.1 contains a vulnerability that could result in complete packet memory exhaustion. Successful exploitation could render critical services on the affected device unable to allocate packets resulting in a denial of service (DoS) condition. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

tags | advisory, denial of service
systems | cisco, osx
MD5 | 10faf9f5ef05984186f1a6b980fb83f0
Gnew 2013.1 PHP File Inclusion / SQL Injection
Posted Oct 2, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Gnew version 2013.1 suffers from file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, file inclusion
advisories | CVE-2013-5639, CVE-2013-5640
MD5 | 27c79cd49c3d1915b20632df2093d04d
GLPI 0.84.1 Access Control / Code Injection
Posted Oct 2, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

GLPI version 0.84.1 suffers from improper access control bypass and PHP code injection vulnerabilities.

tags | exploit, php, vulnerability
advisories | CVE-2013-5696
MD5 | 111f2e2c481378f2a0a512d1963e88a1
ClipBucket Remote Code Execution
Posted Oct 2, 2013
Authored by Gabby

ClipBucket suffers from a remote code execution vulnerability that allows for a shell upload.

tags | exploit, remote, shell, code execution
MD5 | c9c7067c011ad00385d327bc7699a3bd
Facebook Port Scanning / Open Redirect
Posted Oct 2, 2013
Authored by Dimopoulos Elias

The Facebook debugger tool allows for arbitrary port scanning through Facebook's systems, based upon responses received for open ports versus closed ports. In addition to this, Facebook suffers from an open redirection vulnerability.

tags | exploit, arbitrary
systems | linux
MD5 | 2d16f12622de85100fd9e91845bef4fd
WordPress Semper Fi Cross Site Scripting
Posted Oct 2, 2013
Authored by Charlie Briggs, Richard Clifford

The Semper Fi Web Design WordPress plugin suffers from a cross site scripting vulnerability due to the use of stripcslashes().

tags | exploit, web, xss
MD5 | 7dc0f3302a00ccddc3e85ab268b71556
Digital Whisper Electronic Magazine #45
Posted Oct 2, 2013
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 45. Written in Hebrew.

tags | magazine
MD5 | 6e08aacd725f1d8168c9ea36b94db4d2
WordPress Social Hashtag 2.0.0 Cross Site Scripting
Posted Oct 2, 2013
Authored by Arsan

WordPress Social Hashtag plugin version 2.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | dee14cc4dee4777f48b6453f3bad6f83
XPATH Injection
Posted Oct 2, 2013
Authored by Chetan Soni

This is a brief whitepaper that covers XPATH injection attacks and use cases.

tags | paper
MD5 | 9d0a94c181895a2a10ed0a785f5abcc1
CodeCrypt 1.4
Posted Oct 2, 2013

codecrypt is a GnuPG-like program for encryption and signing that uses only quantum-computer-resistant algorithms.

Changes: This release adds a complete range of Cubehash-based algorithms. Crypto++ dependency is now optional. The KeyID algorithm has been changed, so old ciphertexts/signed messages may be incompatible with this version.
tags | encryption
systems | unix
MD5 | c484c24beccd33c20fc912149ffe08ad
Packet Storm New Exploits For September, 2013
Posted Oct 2, 2013
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 156 exploits added to Packet Storm in September, 2013.

tags | exploit
systems | linux
MD5 | 234f4e5f1ade70577f7f93a8a8fad72d
PinApp Mail-SeCure Access Control Failure
Posted Oct 2, 2013
Authored by Core Security Technologies, John Petrusa | Site coresecurity.com

Core Security Technologies Advisory - A security vulnerability was discovered in PineApp Mail-SeCure Suite, allowing a non-privileged attacker to get a root shell by sending a specially crafted command from the Mail-SeCure console. A valid user account is needed to launch the attack, so this is a privileged escalation vulnerability that can be exploited locally only. All Mail-SeCure versions prior to 3.70 are affected.

tags | exploit, shell, root
advisories | CVE-2013-4987
MD5 | a55819a06c6cdf1dc1795de1eca29e6f
Page 1 of 1

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    5 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2018 Packet Storm. All rights reserved.

Security Services
Hosting By