all things security
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-11-06

Cisco Security Advisory 20131106-tvxca
Posted Nov 6, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the WIL-A module of Cisco TelePresence VX Clinical Assistant could allow an unauthenticated, remote attacker to log in as the admin user of the device using a blank password. The vulnerability is due to a coding error that resets the password for the admin user to a blank password on every reboot. An attacker could exploit this vulnerability by logging in to the administrative interface as the admin user with a blank password.

tags | advisory, remote
systems | cisco
MD5 | 579d659cd567ce6aedaec44d482d584d
Drupal Node Access Keys 7.x Access Bypass
Posted Nov 6, 2013
Authored by Daniel Korte | Site drupal.org

Drupal Node Access Keys third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
MD5 | 41300b5d31c9bba96e34843cd6ee4c87
Ubuntu Security Notice USN-2012-1
Posted Nov 6, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2012-1 - Christian Prim discovered that Light Display Manager incorrectly applied the AppArmor security profile when the Guest account is used. A local attacker could use this issue to possibly gain access to sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-4459
MD5 | b80c23eadf7d37fceca37e0f1cbce381
appRain 3.0.2 SQL Injection
Posted Nov 6, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

appRain version 3.0.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-6058
MD5 | 29a92311effd44bb00605c214ae28527
Cisco Security Advisory 20131106-sip
Posted Nov 6, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or cause memory leaks that may result in system instabilities. To exploit this vulnerability, affected devices must be configured to process SIP messages. Limited Cisco IOS Software releases are affected. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerability.

tags | advisory, remote, protocol, memory leak
systems | cisco
MD5 | d0ae7cb526af72b60278590abfb55c69
Cisco Security Advisory 20131106-waasm
Posted Nov 6, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Wide Area Application Services (WAAS) Mobile contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the Cisco WAAS Mobile server with the privileges of the Microsoft Internet Information Services (IIS) web server.

tags | advisory, remote, web, arbitrary
systems | cisco
MD5 | b9907af1e65b49d817b31d002e9612c5
Drupal Secure Pages 6.x Missing Encryption
Posted Nov 6, 2013
Authored by Balazs Nagykekesi | Site drupal.org

Drupal Secure Pages third party module version 6.x fails to encrypt sensitive data.

tags | advisory
MD5 | c4f07f85662e4ac6a087dd8b472856a2
Open-Xchange AppSuite Script Insertion
Posted Nov 6, 2013
Authored by Martin Braun

Open-Xchange AppSuite versions prior to 7.4.0 fail to properly neutralize script code embedded within SVG files and also suffer from an information exposure vulnerability.

tags | advisory, xss
advisories | CVE-2013-6074, CVE-2013-6241
MD5 | 057df2f2182adb64c76e9cb391092a6f
OsiriX Private Key Disclosure
Posted Nov 6, 2013
Authored by Dirk-Willem van Gulik

OsiriX suffers from a private key disclosure vulnerability. All versions up to and including 5.7.1/2.7-MD are affected. The fix was introduced in version 5.8 and 2.8-MD.

tags | advisory, info disclosure
advisories | CVE-2013-4425
MD5 | 1e3af0b9ae43b8b7cfad49a3ed0cddcc
Drupal Payment For Webform 7.x Access Bypass
Posted Nov 6, 2013
Authored by Greg Knaddison, Herman van Rink, Clemens Tolboom | Site drupal.org

Drupal Payment for Webform third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
MD5 | 77cc32535e23966f5e917ffbb7ae7c5a
WordPress Gallery Bank 2.0.19 Cross Site Scripting
Posted Nov 6, 2013
Authored by Sojobo Dev Team

WordPress Gallery Bank version 2.0.19 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7a293e773b796eda70dbd81c037b1951
Sanewall 1.1.6
Posted Nov 6, 2013
Authored by Costa Tsaousis, Phil Whineray | Site sanewall.org

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.

Changes: Various minor improvement.
tags | tool, spoof, firewall
systems | linux, unix
MD5 | ce046b15678cf7186c9f1179cd43bccb
OWASP Java Encoder Filter Bypass
Posted Nov 6, 2013
Authored by Rafay Baloch, Alex Infuhr

OWASP Java Encoder suffers from a cross site scripting bypass vulnerability when it comes to the use of backticks.

tags | exploit, java, xss, bypass
MD5 | 68b5a8a5dbc20e0d9105ad855c46b9ae
Microweber 0.905 SQL Injection
Posted Nov 6, 2013
Authored by Zy0d0x | Site nullsecurity.net

Microweber version 0.905 suffers from an error-based remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 67e099e43c35b28b8b0e8a62af68e840
Flatpress 1.0 Traversal / Command Execution
Posted Nov 6, 2013
Authored by Wireghoul

Flatpress version 1.0 remote code execution exploit that leverages a comment loaded through a directory traversal vulnerability.

tags | exploit, remote, code execution
MD5 | b9f84e50139fb0af637202daf10ebddc
Webers CMS XSS / LFI / SQL Injection
Posted Nov 6, 2013
Authored by Hossein Hezami

Webers CMS suffers from cross site scripting, local file inclusion, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
MD5 | 97b6de27d1ba58915658aff241611425
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close