seeing is believing
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-10-24

easyXDM 2.4.16 Cross Site Scripting
Posted Oct 24, 2013
Authored by Krzysztof Kotowicz

easyXDM library versions 2.4.16 and below suffer from cross site scripting and parameter injection vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-5212
MD5 | 04d852dfe6dfef7a24801fa67f0165f5
NetCrypt .NET Executable Packer
Posted Oct 24, 2013
Authored by Yvan Janssens | Site github.com

This tool is a proof-of-concept packer for .NET executables designed to provide a starting point to explain the basic principles of runtime packing.

tags | tool
MD5 | e4c1c191b313085b8e0917a30516b56c
Contexis CMS 1.0 Cross Site Scripting
Posted Oct 24, 2013
Authored by Juan Francisco

Contexis CMS version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-6239
MD5 | 1be0a768122bc09d0bde4a69fb54b82c
Debian Security Advisory 2783-2
Posted Oct 24, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2783-2 - The update of librack-ruby in DSA-2783-1 also addressed CVE-2013-0183. The patch applied breaks rails applications like redmine (see Debian Bug #727187). Updated packages are available to address this problem.

tags | advisory, ruby
systems | linux, debian
advisories | CVE-2011-5036, CVE-2013-0183, CVE-2013-0184, CVE-2013-0263
MD5 | 2e39aa1e4b03061af042975c9f494aab
Ubuntu Security Notice USN-2007-1
Posted Oct 24, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2007-1 - Martin Carpenter discovered that Apport set incorrect permissions on core dump files generated by setuid binaries. A local attacker could possibly use this issue to obtain privileged information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-1067
MD5 | ded41e3fd43d3174c22f0b9c9bd2a35d
Ubuntu Security Notice USN-2008-1
Posted Oct 24, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2008-1 - Ralph Loader discovered that Suds incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2013-2217
MD5 | 8ec08eeedc2a77a4aea479102b0a72c4
Ubuntu Security Notice USN-2006-1
Posted Oct 24, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2006-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.72 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04 and Ubuntu 13.10 have been updated to MySQL 5.5.34. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-3839, CVE-2013-5807
MD5 | 5072140db034b1e5170fde38cdbbc5fd
Red Hat Security Advisory 2013-1459-01
Posted Oct 24, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1459-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. A denial of service flaw was found in the way GnuPG parsed certain compressed OpenPGP packets. An attacker could use this flaw to send specially crafted input data to GnuPG, making GnuPG enter an infinite loop when parsing data. It was found that importing a corrupted public key into a GnuPG keyring database corrupted that keyring. An attacker could use this flaw to trick a local user into importing a specially crafted public key into their keyring database, causing the keyring to be corrupted and preventing its further use.

tags | advisory, denial of service, local
systems | linux, redhat
advisories | CVE-2012-6085, CVE-2013-4351, CVE-2013-4402
MD5 | 838b8e05872c1f62bde7a2a2efe0a5f2
Red Hat Security Advisory 2013-1458-01
Posted Oct 24, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1458-01 - The GNU Privacy Guard is a tool for encrypting data and creating digital signatures, compliant with the proposed OpenPGP Internet standard and the S/MIME standard. It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload cache side-channel attack on the RSA secret exponent. An attacker able to execute a process on the logical CPU that shared the L3 cache with the GnuPG process could possibly use this flaw to obtain portions of the RSA secret key.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-6085, CVE-2013-4242, CVE-2013-4351, CVE-2013-4402
MD5 | 45fc1e00fb43f350d85dd774dc4ad400
Red Hat Security Advisory 2013-1457-01
Posted Oct 24, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1457-01 - The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. It was found that GnuPG was vulnerable to the Yarom/Falkner flush+reload cache side-channel attack on the RSA secret exponent. An attacker able to execute a process on the logical CPU that shared the L3 cache with the GnuPG process could possibly use this flaw to obtain portions of the RSA secret key.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-4242
MD5 | 8288b414bb44822fc082647925d9d514
Drupal Bean 7.x Cross Site Scripting
Posted Oct 24, 2013
Authored by Francesco Quagliati | Site drupal.org

Drupal Bean third party module version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 543b962f263d6efa5643194742a5c375
RSA Authentication Agent Bypass
Posted Oct 24, 2013
Site emc.com

In certain circumstances, RSA Authentication Agent for Web for IIS protection can be bypassed due to a fail open flaw in the agent. Versions 7.1 and 7.1.1 are affected.

tags | advisory, web
advisories | CVE-2013-3280
MD5 | c30e113b0c4deb973ae564ff7b1bfd0f
AusCERT 2014 Call For Presentations
Posted Oct 24, 2013
Site easychair.org

The 13th Annual AusCERT Information Security Conference, AusCERT2014, is to be held on the Gold Coast, Queensland, Australia from Monday 12th - 16th May 2014, at the Royal Pines Resort. AusCERT is the premier Computer Emergency Response Team for Australia and provides information security support and advice to its members, including the higher education sector and the Australian community at large.

tags | paper, conference
MD5 | f7adbbf607bd5e37a7fc65e3d3af9169
Avira Internet Security Filter Bypass / Privilege Escalation
Posted Oct 24, 2013
Authored by Ahmad Moghimi

Avira Internet Security filter bypass and privilege escalation zero day exploit that leverages avipbb.sys.

tags | exploit
MD5 | a3066ee34eb2ce7a6e3b66ef8b3c3292
Fuzzing And Software Vulnerabilities Part 1
Posted Oct 24, 2013
Authored by Ibrahim Balic

This is a whitepaper discussing fuzzing and software vulnerabilities. This is part one. It is written in Turkish.

tags | paper, vulnerability
MD5 | 4055fb18d4267897853fae3e14b0e3b6
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close