what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-10-11

VMware Hyperic HQ Groovy Script-Console Java Execution
Posted Oct 11, 2013
Authored by Brendan Coles | Site metasploit.com

This Metasploit module uses the VMware Hyperic HQ Groovy script console to execute OS commands using Java. Valid credentials for an application administrator user account are required. This Metasploit module has been tested successfully with Hyperic HQ 4.6.6 on Windows 2003 SP2 and Ubuntu 10.04 systems.

tags | exploit, java
systems | linux, windows, ubuntu
SHA-256 | f310cc67584ebfece0fb02e5b0b15c7748e4537dd7eb3d17e3d681399a54630c
Debian Security Advisory 2778-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2778-1 - Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

tags | advisory, remote, web, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-4365
SHA-256 | a691935e6b3883f0bb5112b1fc262bde929253995e637c6def6907d4358e59f0
WordPress 3.6 URL Redirection
Posted Oct 11, 2013
Authored by Kenneth F. Belva

WordPress version 3.6 suffers from multiple URL redirection restriction bypass vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2013-4339
SHA-256 | b7c554cd3d39594ec433361de09accd00a8298b232665ded7801c40c285494bb
WordPress Cart66 1.5.1.14 Cross Site Request Forgery / Cross Site Scripting
Posted Oct 11, 2013
Authored by absane

WordPress Cart66 plugin version 1.5.1.14 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2013-5977, CVE-2013-5978
SHA-256 | 6c2e05be2ddbb6085173b24d083a439347cd96197550e2c65c6ab80ad3b2bf2e
HP Security Bulletin HPSBMU02901
Posted Oct 11, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02901 - Potential security vulnerabilities have been identified with HP Business Process Monitor running on windows. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code and disclosure of information. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability
systems | windows
advisories | CVE-2013-2366, CVE-2013-4804
SHA-256 | 8adfd19d251a2363a89d72b93d7449bb0161b448518c3836380283343e3b5394
Debian Security Advisory 2773-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2773-1 - Two vulnerabilities were discovered in GnuPG, the GNU privacy guard, a free PGP replacement.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-4351, CVE-2013-4402
SHA-256 | e077ea3264c37bcd24fbc332abf425b7495d109a8d76e55af9da3f607195c663
Debian Security Advisory 2774-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2774-1 - Two vulnerabilities were discovered in GnuPG 2, the GNU privacy guard, a free PGP replacement.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-4351, CVE-2013-4402
SHA-256 | 7bbc4f5dc7ed8480336fce6b2293b35a941d9c5286990097f3237cb526b79318
Debian Security Advisory 2777-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2777-1 - Multiple security issues in systemd have been discovered by Sebastian to the bypass of Policykit restrictions and privilege escalation or denial of service through an integer overflow in journald and missing input sanitising in the processing of X keyboard extension (XKB) files.

tags | advisory, denial of service, overflow
systems | linux, debian
advisories | CVE-2013-4327, CVE-2013-4391, CVE-2013-4394
SHA-256 | 317013ec0e6ce864ca057e95e8db59dc95c1c32f8d7632418eb29c25cb50f773
Debian Security Advisory 2776-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2776-1 - Multiple vulnerabilities have been been fixed in the Drupal content management framework, resulting in information disclosure, insufficient validation, cross-site scripting and cross-site request forgery.

tags | advisory, vulnerability, xss, info disclosure, csrf
systems | linux, debian
advisories | CVE-2012-0825, CVE-2012-0826, CVE-2012-5651, CVE-2012-5652, CVE-2012-5653, CVE-2013-0244, CVE-2013-0245
SHA-256 | 45a72bfd68d855596936144a4be64a54d8096cdaf8020e5dd7667dc60a77524e
Debian Security Advisory 2775-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2775-1 - It was discovered that ejabberd, a Jabber/XMPP server, uses SSLv2 and weak ciphers for communication, which are considered insecure. The software offers no runtime configuration options to disable these. This update disables the use of SSLv2 and weak ciphers.

tags | advisory
systems | linux, debian
SHA-256 | 8d8938b3daacec8136336221ef73887aed271a956c519631d2c52c9546e6bba5
AdaptCMS 3.0.1 Cross Site Scripting
Posted Oct 11, 2013
Authored by syst3m_f4ult

AdaptCMS version 3.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4f69e17362e1d3e3727d1e8458a9b8c39609e4b39a547dacffe89ebb93f75936
Amun CMS 1.0.1 REST API Access Bypass
Posted Oct 11, 2013
Authored by syst3m_f4ult

Amun CMS version 1.0.1 fails to restrict access to its REST API.

tags | exploit, bypass
SHA-256 | 8a1edcbf00c3646d6fc6c484cfea43697c0602acb71980da916cbfcb6ea49926
Claroline 1.11.8 Cross Site Scripting
Posted Oct 11, 2013
Authored by Arsan

Claroline version 1.11.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0233b9fa7e314470bc0c177c0e0d3147f4db57e20cd49bb358148232c668f9ad
Satyr's OpenSSH Autobackdooring Doohicky 0.1
Posted Oct 11, 2013
Authored by Satyr

This script provides OpenSSH backdoor functionality with a magic password and logs passwords as well. It leverages the same basic idea behind common OpenSSH patches but this script attempts to make the process version agnostic. Use at your own risk.

tags | tool, encryption
SHA-256 | 48419f325c5d2746d064bab78dd1ed1c5147e0f991366ca00c840c22914cd382
Mandriva Linux Security Advisory 2013-249
Posted Oct 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-249 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2013-1438, CVE-2013-1439
SHA-256 | 1fd5322a48fb478e74546de7a3f4ad817dfbde36d3206bd77f23980445536965
Mandriva Linux Security Advisory 2013-248
Posted Oct 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-248 - It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitrary code with the privileges of the root user.

tags | advisory, remote, arbitrary, root
systems | linux, mandriva
advisories | CVE-2013-4342
SHA-256 | 893f93a3e347b7defc96c9a0605787b8950a92d0dd891a476dd395f69124d735
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close