accept no compromises
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-10-11

VMware Hyperic HQ Groovy Script-Console Java Execution
Posted Oct 11, 2013
Authored by Brendan Coles | Site metasploit.com

This Metasploit module uses the VMware Hyperic HQ Groovy script console to execute OS commands using Java. Valid credentials for an application administrator user account are required. This Metasploit module has been tested successfully with Hyperic HQ 4.6.6 on Windows 2003 SP2 and Ubuntu 10.04 systems.

tags | exploit, java
systems | linux, windows, ubuntu
MD5 | 3096f632c71fe89a255343816fc50a94
Debian Security Advisory 2778-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2778-1 - Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

tags | advisory, remote, web, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-4365
MD5 | 0822e3bbda5e355969b36f17b7abbb74
WordPress 3.6 URL Redirection
Posted Oct 11, 2013
Authored by Kenneth F. Belva

WordPress version 3.6 suffers from multiple URL redirection restriction bypass vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2013-4339
MD5 | 221df3bff78c4badddb93234ce5f95a1
WordPress Cart66 1.5.1.14 Cross Site Request Forgery / Cross Site Scripting
Posted Oct 11, 2013
Authored by absane

WordPress Cart66 plugin version 1.5.1.14 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2013-5977, CVE-2013-5978
MD5 | e2a4833dd1015386ac7643dd96bcd5b1
HP Security Bulletin HPSBMU02901
Posted Oct 11, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02901 - Potential security vulnerabilities have been identified with HP Business Process Monitor running on windows. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code and disclosure of information. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability
systems | windows
advisories | CVE-2013-2366, CVE-2013-4804
MD5 | 4bf272f75c95fb118641740e9d68453d
Debian Security Advisory 2773-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2773-1 - Two vulnerabilities were discovered in GnuPG, the GNU privacy guard, a free PGP replacement.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-4351, CVE-2013-4402
MD5 | 378282127b9f1267bbb3299e5bafde09
Debian Security Advisory 2774-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2774-1 - Two vulnerabilities were discovered in GnuPG 2, the GNU privacy guard, a free PGP replacement.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-4351, CVE-2013-4402
MD5 | 3a4beb0a449abb477b21f5ec7e6b705c
Debian Security Advisory 2777-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2777-1 - Multiple security issues in systemd have been discovered by Sebastian to the bypass of Policykit restrictions and privilege escalation or denial of service through an integer overflow in journald and missing input sanitising in the processing of X keyboard extension (XKB) files.

tags | advisory, denial of service, overflow
systems | linux, debian
advisories | CVE-2013-4327, CVE-2013-4391, CVE-2013-4394
MD5 | 588b3c0b68341cfa7c3da4f88e82a4e7
Debian Security Advisory 2776-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2776-1 - Multiple vulnerabilities have been been fixed in the Drupal content management framework, resulting in information disclosure, insufficient validation, cross-site scripting and cross-site request forgery.

tags | advisory, vulnerability, xss, info disclosure, csrf
systems | linux, debian
advisories | CVE-2012-0825, CVE-2012-0826, CVE-2012-5651, CVE-2012-5652, CVE-2012-5653, CVE-2013-0244, CVE-2013-0245
MD5 | 8aae5403b2203990bdccf815b471e30b
Debian Security Advisory 2775-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2775-1 - It was discovered that ejabberd, a Jabber/XMPP server, uses SSLv2 and weak ciphers for communication, which are considered insecure. The software offers no runtime configuration options to disable these. This update disables the use of SSLv2 and weak ciphers.

tags | advisory
systems | linux, debian
MD5 | 87d1ad52c3a52de964ec0425bd409f5f
AdaptCMS 3.0.1 Cross Site Scripting
Posted Oct 11, 2013
Authored by syst3m_f4ult

AdaptCMS version 3.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 243223029ac964b94ed2eb150b80741e
Amun CMS 1.0.1 REST API Access Bypass
Posted Oct 11, 2013
Authored by syst3m_f4ult

Amun CMS version 1.0.1 fails to restrict access to its REST API.

tags | exploit, bypass
MD5 | 9d097dabe4aa60da7ce0e31f2f5a70a9
Claroline 1.11.8 Cross Site Scripting
Posted Oct 11, 2013
Authored by Arsan

Claroline version 1.11.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d1876dbc1479ba98e8dc9bde4f652d89
Satyr's OpenSSH Autobackdooring Doohicky 0.1
Posted Oct 11, 2013
Authored by Satyr

This script provides OpenSSH backdoor functionality with a magic password and logs passwords as well. It leverages the same basic idea behind common OpenSSH patches but this script attempts to make the process version agnostic. Use at your own risk.

tags | tool, encryption
MD5 | a04c79d067aa246b65009f4673556fb9
Mandriva Linux Security Advisory 2013-249
Posted Oct 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-249 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2013-1438, CVE-2013-1439
MD5 | 937c7138830f71220c8d6dbbda6c61b8
Mandriva Linux Security Advisory 2013-248
Posted Oct 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-248 - It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitrary code with the privileges of the root user.

tags | advisory, remote, arbitrary, root
systems | linux, mandriva
advisories | CVE-2013-4342
MD5 | a211970396bdd8f6312dce1c7d4c0f50
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close