Showing 1 - 25 of 26

Files Date: 2013-10-28

GNU Transport Layer Security Library 3.2.5
Posted Oct 28, 2013
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release added new ciphersuites with Camellia, SHA2-256, and SHA2-384. A buffer overflow in the DANE library was corrected and several minor improvements were made.
tags | protocol, library
MD5 | c7c367ee06f7f05ddb1e36a444a142ed
Mandos Encrypted File System Unattended Reboot Utility 1.6.2
Posted Oct 28, 2013
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: A GnuTLS connection problem was finally fixed. A key generation bug that caused bad keys to be generated was also fixed.
tags | tool, remote, root
systems | linux
MD5 | 87f76e7cce22c990819f6794ba36872d
Nagios Looking Glass 1.1.0 Beta 2 Local File Inclusion
Posted Oct 28, 2013
Authored by Vyacheslav Egoshin

Nagios Looking Glass versions 1.1.0 beta 2 and below suffer from a local file inclusion vulnerability.

tags | advisory, local, file inclusion
MD5 | 93c8d2bb6a3bf34ac4ae8484cfdc6ac7
MobileIron 4.5.4 Cross Site Scripting
Posted Oct 28, 2013
Authored by Marc Ruef, Pascal Schaufelberger

MobileIron version 4.5.4 suffers from a cross site scripting vulnerability in the device registration functionality.

tags | exploit, xss
MD5 | 745e1f7dbab157688bed397ec6c5c792
ILIAS eLearning 4.3.4 / 4.4 Cross Site Scripting
Posted Oct 28, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

ILIAS eLearning CMS versions 4.3.4 and 4.4 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 55438148bfc2d26c41df778ab01683a1
WatchGuard Firewall XTM 11.7.4u1 Buffer Overflow Perl Exploit
Posted Oct 28, 2013
Authored by Jerome Nokin | Site funoverip.net

WatchGuard Firewall XTM version 11.7.4u1 suffers from a remote buffer overflow vulnerability in the handling of the sessionid cookie. This is the Perl version of the exploit.

tags | exploit, remote, overflow, perl
advisories | CVE-2013-6021
MD5 | 291cacb6492108f6b1776ae3cfd67700
WatchGuard Firewall XTM 11.7.4u1 Buffer Overflow Metasploit Module
Posted Oct 28, 2013
Authored by st3n | Site funoverip.net

WatchGuard Firewall XTM version 11.7.4u1 suffers from a remote buffer overflow vulnerability in the handling of the sessionid cookie. This is the Metasploit module version of the exploit.

tags | exploit, remote, overflow
advisories | CVE-2013-6021
MD5 | e04d705b954f907d3922f58be6170907
Struts 2.3.15.3 Cross Site Scripting
Posted Oct 28, 2013
Authored by Nebula

Struts version 2.3.15.3 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 917c62ebfe2f7ca24774d0e124dc3931
Netgear ReadyNAS Remote Command Execution
Posted Oct 28, 2013
Authored by anonymous, Craig Young

Proof of concept exploit that demonstrates remote command execution on Netgear ReadyNAS.

tags | exploit, remote, proof of concept
MD5 | 5b0d4c4a67a2b093cc77fefbf354b429
Ops View Pre 4.4.1 Cross Site Scripting
Posted Oct 28, 2013
Authored by Jesus Oquendo

Ops View version pre 4.4.41 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-5695
MD5 | e06b5f0bc8804df2abab5a8887e63a04
Mandriva Linux Security Advisory 2013-262
Posted Oct 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-262 - In PyCrypto before v2.6.1, the Crypto.Random pseudo-random number generator exhibits a race condition that may cause it to generate the same 'random' output in multiple processes that are forked from each other. Depending on the application, this could reveal sensitive information or cryptographic keys to remote attackers.

tags | advisory, remote, crypto
systems | linux, mandriva
advisories | CVE-2013-1445
MD5 | c914eb6d7cd918d111b7385f10b3736c
Mandriva Linux Security Advisory 2013-261
Posted Oct 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-261 - Possible memory exhaustion denial of service due to the size of decompressed payloads in dropbear before 2013.59. Inconsistent delays in authorization failures could be used to disclose the existence of valid user accounts in dropbear before 2013.59.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2013-4421, CVE-2013-4434
MD5 | 8acc3d49b0f96fe673ed7e7b8514305b
Mandriva Linux Security Advisory 2013-260
Posted Oct 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-260 - Multiple vulnerabilities have been discovered and corrected in x11-server. The updated packages have been patched to correct these issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2010-1166, CVE-2011-4028, CVE-2013-1940, CVE-2013-4396
MD5 | e3591cc9c7148e10a44ce40218eb092e
Mandriva Linux Security Advisory 2013-259
Posted Oct 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-259 - Use-after-free vulnerability in the doImageText function in dix/dixfonts.c in the xorg-server module before 1.14.4 in X.Org X11 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted ImageText request that triggers memory-allocation failure.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2013-4396
MD5 | d125f59b83cd24a55e5f83e4d2e7dbd9
Mandriva Linux Security Advisory 2013-258
Posted Oct 28, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-258 - It was discovered that ICU contained a race condition affecting multi-threaded applications. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. It was discovered that ICU incorrectly handled memory operations. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2013-0900, CVE-2013-2924
MD5 | c67f90b398ba7f3b727ea6732ff4e513
Gentoo Linux Security Advisory 201310-21
Posted Oct 28, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201310-21 - Multiple vulnerabilities have been found in MediaWiki, the worst of which could lead to Denial of Service. Versions less than 1.21.2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2013-1816, CVE-2013-1817, CVE-2013-1818, CVE-2013-1951, CVE-2013-2031, CVE-2013-2032, CVE-2013-2114, CVE-2013-4301, CVE-2013-4302, CVE-2013-4303, CVE-2013-4304, CVE-2013-4305, CVE-2013-4306, CVE-2013-4307, CVE-2013-4308
MD5 | 927b589499f288ee024d0d4db3f46e6c
Gentoo Linux Security Advisory 201310-20
Posted Oct 28, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201310-20 - A vulnerability in acpid2 may allow a local attacker to gain escalated privileges. Versions less than 2.0.17 are affected.

tags | advisory, local
systems | linux, gentoo
advisories | CVE-2011-2777
MD5 | d5986df22459ab18b7584a7774af17d7
Gentoo Linux Security Advisory 201310-19
Posted Oct 28, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201310-19 - A path vulnerability in X2Go Server may allow remote execution of arbitrary code. Versions less than 4.0.0.2 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
advisories | CVE-2013-4376
MD5 | f99990412cb03ddfa673d4651e354f16
Debian Security Advisory 2786-1
Posted Oct 28, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2786-1 - The Google Chrome Security Team discovered two issues (a race condition and a use-after-free issue) in the International Components for Unicode (ICU) library.

tags | advisory
systems | linux, debian
advisories | CVE-2013-0900, CVE-2013-2924
MD5 | b7c2ffee26d8819db958c987dcb0af13
Gentoo Linux Security Advisory 201310-18
Posted Oct 28, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201310-18 - Multiple vulnerabilities have been discovered in GnuTLS, the worst of which could lead to Denial of Service. Versions less than 2.12.23-r1 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2013-1619, CVE-2013-2116
MD5 | 3bd373195a2954d3ad1c151032ac68b5
Gentoo Linux Security Advisory 201310-17
Posted Oct 28, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201310-17 - pmake uses temporary files in an insecure manner, allowing for symlink attacks. Versions less than 1.111.3.1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2011-1920
MD5 | fcc1af65e598005447484c48671497c3
Debian Security Advisory 2787-1
Posted Oct 28, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2787-1 - It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitize the _session parameter in steps/utils/save_pref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and subsequently allow random file access, manipulated SQL queries and even code execution.

tags | advisory, imap, code execution
systems | linux, debian
advisories | CVE-2013-6172
MD5 | ce0385e27ad71d653a72155c0a9a389e
Debian Security Advisory 2785-1
Posted Oct 28, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2785-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2013-2906, CVE-2013-2907, CVE-2013-2908, CVE-2013-2909, CVE-2013-2910, CVE-2013-2911, CVE-2013-2912, CVE-2013-2913, CVE-2013-2915, CVE-2013-2916, CVE-2013-2917, CVE-2013-2918, CVE-2013-2919, CVE-2013-2920, CVE-2013-2921, CVE-2013-2922, CVE-2013-2923, CVE-2013-2924, CVE-2013-2925, CVE-2013-2926, CVE-2013-2927, CVE-2013-2928
MD5 | b4e024ee4525eb80a93f124881d1ceb3
Gentoo Linux Security Advisory 201310-16
Posted Oct 28, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201310-16 - Two buffer overflow vulnerabilities in TPTEST may allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 3.1.7-r2 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0650, CVE-2009-0659
MD5 | 6bc77f724fb5f22f671b4ea88bd60396
vBulletin 4.1.x / 5.x.x Administrative User Injection
Posted Oct 28, 2013
Authored by Simo Ben Youssef

vBulletin versions 4.1.x and 5.x.x suffer from a remote unauthenticated administrative user injection vulnerability via upgrade.php.

tags | exploit, remote, php
MD5 | 7b0af1994f2dfa5aaf6675fb81c62955