exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2013-10-16

Persistent Payload In Windows Volume Shadow Copy
Posted Oct 16, 2013
Authored by Jedediah Rodriguez | Site metasploit.com

This Metasploit module will attempt to create a persistent payload in a new volume shadow copy. This is based on the VSSOwn Script originally posted by Tim Tomes and Mark Baggett. This Metasploit module has been tested successfully on Windows 7. In order to achieve persistence through the RUNKEY option, the user should need password in order to start session on the target machine.

tags | exploit
systems | windows
SHA-256 | d72c7c4197223719655c0deb2854e9abd093b3ef32540cca84b41979d20922b1
HP Security Bulletin HPSBMU02931
Posted Oct 16, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02931 - A potential security vulnerability has been identified with HP Service Manager. The vulnerabilities could be exploited to allow injection of arbitrary code, remote disclosure of privileged Information, improper privilege management and cross site scripting (XSS). Revision 1 of this advisory.

tags | advisory, remote, arbitrary, vulnerability, xss
advisories | CVE-2013-4830, CVE-2013-4831, CVE-2013-4832, CVE-2013-4833
SHA-256 | 92bd5016fb046657c3c2e38cc64e059c20f29bb7aaf7ad5967b91d4e1737e1b6
Dolibarr ERP/CMS 3.4.0 SQL Injection
Posted Oct 16, 2013
Authored by drone

Dolibarr ERP/CMS version 3.4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 17558383b563f3fc59b866cd4454a1c3f1b147cd861e3918baa96316db448057
Red Hat Security Advisory 2013-1429-01
Posted Oct 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1429-01 - The Apache Commons FileUpload component can be used to add a file upload capability to your applications. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process. All users of Red Hat JBoss Web Server 1.0.2 as provided from the Red Hat Customer Portal are advised to apply this update.

tags | advisory, remote, web, arbitrary, file upload
systems | linux, redhat
advisories | CVE-2013-2186
SHA-256 | e4609645f4cd637011a2643599aa3263a831c9a6435202a828d6adef065e469f
Red Hat Security Advisory 2013-1426-01
Posted Oct 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1426-01 - X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A use-after-free flaw was found in the way the X.Org server handled ImageText requests. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges.

tags | advisory, arbitrary, root
systems | linux, redhat
advisories | CVE-2013-4396
SHA-256 | d72ffb1f45e9412968049f5b566eaaed14e469d38fd22929209af914c61bb2d6
Red Hat Security Advisory 2013-1430-01
Posted Oct 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1430-01 - The Apache Commons FileUpload component can be used to add a file upload capability to your applications. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process. All users of the affected products as provided from the Red Hat Customer Portal are advised to apply this update.

tags | advisory, remote, arbitrary, file upload
systems | linux, redhat
advisories | CVE-2013-2186
SHA-256 | 8b2547fa6d3975c3a91727576e45109a28a17517cad7448a131a2f7b6230c3f5
Red Hat Security Advisory 2013-1428-01
Posted Oct 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1428-01 - The Apache Commons FileUpload component can be used to add a file upload capability to your applications. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process. Warning: Before applying the update, back up your existing Red Hat JBoss Enterprise Web Server installation.

tags | advisory, remote, web, arbitrary, file upload
systems | linux, redhat
advisories | CVE-2013-2186
SHA-256 | b976071b14d373df151db7787b9d20fe22a7a606d389e8f152187779ade395e2
Red Hat Security Advisory 2013-1427-01
Posted Oct 16, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1427-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks. RubyGems is the Ruby standard for publishing and managing third-party libraries. It was discovered that the rubygems API validated version strings using an unsafe regular expression. An application making use of this API to process a version string from an untrusted source could be vulnerable to a denial of service attack through CPU exhaustion.

tags | advisory, denial of service, ruby
systems | linux, redhat
advisories | CVE-2013-4287
SHA-256 | 95b8c5fb8466ea5aaac7d7ca6845aee4834cc8fe67daa4ad63e92c66a8847521
Slackware Security Advisory - gnupg2 Updates
Posted Oct 16, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnupg2 packages are available for Slackware 13.37, 14.0, and -current to fix security issues. These packages will require the updated libgpg-error package. Related CVE Numbers: CVE-2013-4402.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4402
SHA-256 | dda1058a769536c2ddb2b2d2a402ff01901c6e6d245c08d55af69271767b813e
Ubuntu Security Notice USN-1989-1
Posted Oct 16, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1989-1 - It was discovered that ICU contained a race condition affecting multi- threaded applications. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS and Ubuntu 12.10. It was discovered that ICU incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-0900, CVE-2013-2924, CVE-2013-0900, CVE-2013-2924
SHA-256 | 4c985d7e31139c62df2e58886e91c67008a1ebe7ced54b4fc3bb9bc1c895190c
Slackware Security Advisory - xorg-server Updates
Posted Oct 16, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New xorg-server packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-4396.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4396
SHA-256 | d63fcb06cd8e5c354fdbceb85314bd6e9bee0b0da684642768e3b3bfb2dce838
Slackware Security Advisory - gnupg Updates
Posted Oct 16, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnupg packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix security issues. Related CVE Numbers: CVE-2013-4402.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4402
SHA-256 | 063e6988f3bde3da3e28b4a1c8e9e1bc4231c00ecc5f86bc612cc24d0d7ebb14
Slackware Security Advisory - gnutls Updates
Posted Oct 16, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnutls packages are available for Slackware 12.1, 12.2, 13.0, 13.1, and 13.37 to fix security issues. Related CVE Numbers: CVE-2011-4128,CVE-2012-1569,CVE-2012-1573,CVE-2013-1619,CVE-2013-2116.

tags | advisory
systems | linux, slackware
advisories | CVE-2011-4128, CVE-2012-1569, CVE-2012-1573, CVE-2013-1619, CVE-2013-2116
SHA-256 | 13905ed94cfe14682c1c5c14c16132d41f098ff84047a15e976344d2814c839d
Slackware Security Advisory - libgpg-error Updates
Posted Oct 16, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libgpg-error packages are available for Slackware 13.37 and 14.0. These are needed for the updated gnupg2 package.

tags | advisory
systems | linux, slackware
SHA-256 | 5e8cd960335dd818981514837c916a4e6228aa26175b4ef7bf5cd49aa11e7aad
DornCMS Application 1.4 Local File Inclusion / XSS
Posted Oct 16, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

DornCMS Application version 1.4 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
SHA-256 | effa62cb4eaaa12b0a23ca9706a0f1cc9087f8d782f16c149fece649db7b3103
WordPress Dexs PM System Cross Site Scripting
Posted Oct 16, 2013
Authored by TheXero

WordPress Dexs PM System plugin suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 46585f05ce1c8abf03275497ab4ed1b5a5b1fe6f2f5d454627d66da4e26a2725
Aladdin Knowledge Systems Ltd. Overflow
Posted Oct 16, 2013
Authored by Blake

Aladdin Knowledge Systems Ltd. PrivAgent active-x control overflow exploit.

tags | exploit, overflow, activex
SHA-256 | 78e1f9941ee243de2c6fa4f4dd4d806f45dbe201a8b08daf54b144678052bb4f
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close