exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-10-11

VMware Hyperic HQ Groovy Script-Console Java Execution
Posted Oct 11, 2013
Authored by Brendan Coles | Site metasploit.com

This Metasploit module uses the VMware Hyperic HQ Groovy script console to execute OS commands using Java. Valid credentials for an application administrator user account are required. This Metasploit module has been tested successfully with Hyperic HQ 4.6.6 on Windows 2003 SP2 and Ubuntu 10.04 systems.

tags | exploit, java
systems | linux, windows, ubuntu
SHA-256 | f310cc67584ebfece0fb02e5b0b15c7748e4537dd7eb3d17e3d681399a54630c
Debian Security Advisory 2778-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2778-1 - Robert Matthews discovered that the Apache FCGID module, a FastCGI implementation for Apache HTTP Server, fails to perform adequate boundary checks on user-supplied input. This may allow a remote attacker to cause a heap-based buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

tags | advisory, remote, web, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-4365
SHA-256 | a691935e6b3883f0bb5112b1fc262bde929253995e637c6def6907d4358e59f0
WordPress 3.6 URL Redirection
Posted Oct 11, 2013
Authored by Kenneth F. Belva

WordPress version 3.6 suffers from multiple URL redirection restriction bypass vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2013-4339
SHA-256 | b7c554cd3d39594ec433361de09accd00a8298b232665ded7801c40c285494bb
WordPress Cart66 1.5.1.14 Cross Site Request Forgery / Cross Site Scripting
Posted Oct 11, 2013
Authored by absane

WordPress Cart66 plugin version 1.5.1.14 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2013-5977, CVE-2013-5978
SHA-256 | 6c2e05be2ddbb6085173b24d083a439347cd96197550e2c65c6ab80ad3b2bf2e
HP Security Bulletin HPSBMU02901
Posted Oct 11, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02901 - Potential security vulnerabilities have been identified with HP Business Process Monitor running on windows. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code and disclosure of information. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability
systems | windows
advisories | CVE-2013-2366, CVE-2013-4804
SHA-256 | 8adfd19d251a2363a89d72b93d7449bb0161b448518c3836380283343e3b5394
Debian Security Advisory 2773-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2773-1 - Two vulnerabilities were discovered in GnuPG, the GNU privacy guard, a free PGP replacement.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-4351, CVE-2013-4402
SHA-256 | e077ea3264c37bcd24fbc332abf425b7495d109a8d76e55af9da3f607195c663
Debian Security Advisory 2774-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2774-1 - Two vulnerabilities were discovered in GnuPG 2, the GNU privacy guard, a free PGP replacement.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-4351, CVE-2013-4402
SHA-256 | 7bbc4f5dc7ed8480336fce6b2293b35a941d9c5286990097f3237cb526b79318
Debian Security Advisory 2777-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2777-1 - Multiple security issues in systemd have been discovered by Sebastian to the bypass of Policykit restrictions and privilege escalation or denial of service through an integer overflow in journald and missing input sanitising in the processing of X keyboard extension (XKB) files.

tags | advisory, denial of service, overflow
systems | linux, debian
advisories | CVE-2013-4327, CVE-2013-4391, CVE-2013-4394
SHA-256 | 317013ec0e6ce864ca057e95e8db59dc95c1c32f8d7632418eb29c25cb50f773
Debian Security Advisory 2776-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2776-1 - Multiple vulnerabilities have been been fixed in the Drupal content management framework, resulting in information disclosure, insufficient validation, cross-site scripting and cross-site request forgery.

tags | advisory, vulnerability, xss, info disclosure, csrf
systems | linux, debian
advisories | CVE-2012-0825, CVE-2012-0826, CVE-2012-5651, CVE-2012-5652, CVE-2012-5653, CVE-2013-0244, CVE-2013-0245
SHA-256 | 45a72bfd68d855596936144a4be64a54d8096cdaf8020e5dd7667dc60a77524e
Debian Security Advisory 2775-1
Posted Oct 11, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2775-1 - It was discovered that ejabberd, a Jabber/XMPP server, uses SSLv2 and weak ciphers for communication, which are considered insecure. The software offers no runtime configuration options to disable these. This update disables the use of SSLv2 and weak ciphers.

tags | advisory
systems | linux, debian
SHA-256 | 8d8938b3daacec8136336221ef73887aed271a956c519631d2c52c9546e6bba5
AdaptCMS 3.0.1 Cross Site Scripting
Posted Oct 11, 2013
Authored by syst3m_f4ult

AdaptCMS version 3.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4f69e17362e1d3e3727d1e8458a9b8c39609e4b39a547dacffe89ebb93f75936
Amun CMS 1.0.1 REST API Access Bypass
Posted Oct 11, 2013
Authored by syst3m_f4ult

Amun CMS version 1.0.1 fails to restrict access to its REST API.

tags | exploit, bypass
SHA-256 | 8a1edcbf00c3646d6fc6c484cfea43697c0602acb71980da916cbfcb6ea49926
Claroline 1.11.8 Cross Site Scripting
Posted Oct 11, 2013
Authored by Arsan

Claroline version 1.11.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0233b9fa7e314470bc0c177c0e0d3147f4db57e20cd49bb358148232c668f9ad
Satyr's OpenSSH Autobackdooring Doohicky 0.1
Posted Oct 11, 2013
Authored by Satyr

This script provides OpenSSH backdoor functionality with a magic password and logs passwords as well. It leverages the same basic idea behind common OpenSSH patches but this script attempts to make the process version agnostic. Use at your own risk.

tags | tool, encryption
SHA-256 | 48419f325c5d2746d064bab78dd1ed1c5147e0f991366ca00c840c22914cd382
Mandriva Linux Security Advisory 2013-249
Posted Oct 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-249 - It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2013-1438, CVE-2013-1439
SHA-256 | 1fd5322a48fb478e74546de7a3f4ad817dfbde36d3206bd77f23980445536965
Mandriva Linux Security Advisory 2013-248
Posted Oct 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-248 - It was found that xinetd ignored the user and group configuration directives for services running under the tcpmux-server service. This flaw could cause the associated services to run as root. If there was a flaw in such a service, a remote attacker could use it to execute arbitrary code with the privileges of the root user.

tags | advisory, remote, arbitrary, root
systems | linux, mandriva
advisories | CVE-2013-4342
SHA-256 | 893f93a3e347b7defc96c9a0605787b8950a92d0dd891a476dd395f69124d735
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close