
Files Date: 2013-11-06

Cisco Security Advisory 20131106-tvxca
Posted Nov 6, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the WIL-A module of Cisco TelePresence VX Clinical Assistant could allow an unauthenticated, remote attacker to log in as the admin user of the device using a blank password. The vulnerability is due to a coding error that resets the password for the admin user to a blank password on every reboot. An attacker could exploit this vulnerability by logging in to the administrative interface as the admin user with a blank password.

tags | advisory, remote
systems | cisco
SHA-256 | 60fa59a80b7a72f93348b49a001a6edf91f256faa453042459058d5f9bcc86b9
Drupal Node Access Keys 7.x Access Bypass
Posted Nov 6, 2013
Authored by Daniel Korte | Site drupal.org

Drupal Node Access Keys third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | a3fed5b523d8f02bbf636bf04beed087b4946cb8000f77be7a9ce199e6c00213
Ubuntu Security Notice USN-2012-1
Posted Nov 6, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2012-1 - Christian Prim discovered that Light Display Manager incorrectly applied the AppArmor security profile when the Guest account is used. A local attacker could use this issue to possibly gain access to sensitive information.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-4459
SHA-256 | a1eace9b209a86a694d9d45f5aa107b41d0e9e4f9eb2a754bcd076b2b2a83d35
appRain 3.0.2 SQL Injection
Posted Nov 6, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

appRain version 3.0.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-6058
SHA-256 | c9b7309b9491bac7d77ccf7c949a6825fbdcd06cedb8d1445051efe18501f410
Cisco Security Advisory 20131106-sip
Posted Nov 6, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device or cause memory leaks that may result in system instabilities. To exploit this vulnerability, affected devices must be configured to process SIP messages. Limited Cisco IOS Software releases are affected. Cisco has released free software updates that address this vulnerability. There are no workarounds for devices that must run SIP; however, mitigations are available to limit exposure to the vulnerability.

tags | advisory, remote, protocol, memory leak
systems | cisco
SHA-256 | 83bb534a6196cdbd74e1bc7f15e0aed238494ea1c65d7a8c58259d47c7ca8e40
Cisco Security Advisory 20131106-waasm
Posted Nov 6, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Wide Area Application Services (WAAS) Mobile contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the Cisco WAAS Mobile server with the privileges of the Microsoft Internet Information Services (IIS) web server.

tags | advisory, remote, web, arbitrary
systems | cisco
SHA-256 | 96ddb161ad541229aad9a7990e38b2a379b12b25fde53f838de30e114656167f
Drupal Secure Pages 6.x Missing Encryption
Posted Nov 6, 2013
Authored by Balazs Nagykekesi | Site drupal.org

Drupal Secure Pages third party module version 6.x fails to encrypt sensitive data.

tags | advisory
SHA-256 | a1e9e2a1733818ef172b625bc6c3b7764cdd748082c7567c92283c6abcef157a
Open-Xchange AppSuite Script Insertion
Posted Nov 6, 2013
Authored by Martin Braun

Open-Xchange AppSuite versions prior to 7.4.0 fail to properly neutralize script code embedded within SVG files and also suffer from an information exposure vulnerability.

tags | advisory, xss
advisories | CVE-2013-6074, CVE-2013-6241
SHA-256 | 39e0180e7166549e3f32416ad6dcba8d15a526692b1b27889998d45ebd1eefe2
OsiriX Private Key Disclosure
Posted Nov 6, 2013
Authored by Dirk-Willem van Gulik

OsiriX suffers from a private key disclosure vulnerability. All versions up to and including 5.7.1/2.7-MD are affected. The fix was introduced in versions 5.8 and 2.8-MD.

tags | advisory, info disclosure
advisories | CVE-2013-4425
SHA-256 | a1aaad73f338f3e2622bef5fd13f44a5546ecc0c57fad091ab344b8aef7bfd21
Drupal Payment For Webform 7.x Access Bypass
Posted Nov 6, 2013
Authored by Greg Knaddison, Herman van Rink, Clemens Tolboom | Site drupal.org

Drupal Payment for Webform third party module version 7.x suffers from an access bypass vulnerability.

tags | advisory, bypass
SHA-256 | dc61a578f7c0a8c0295bec23650648b2e31d56095c94f9a31ba67a54dbf428bb
WordPress Gallery Bank 2.0.19 Cross Site Scripting
Posted Nov 6, 2013
Authored by Sojobo Dev Team

WordPress Gallery Bank version 2.0.19 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7de5d08259d25035978dbd898d7d844341683cc5a63d38f48f076be8ca15f5f9
Sanewall 1.1.6
Posted Nov 6, 2013
Authored by Costa Tsaousis, Phil Whineray | Site sanewall.org

Sanewall is a firewall builder for Linux which uses an elegant language abstracted to just the right level. This makes it powerful and easy to use, audit, and understand. It allows you to create very readable configurations even for complex stateful firewalls. Sanewall can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, all kinds of NAT, providing strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, and whitelists. Newer versions abstract the differences between IPv4 and IPv6, allowing you to define a common set of rules for both, while permitting specific rules for each as you need.

Changes: Various minor improvements.
tags | tool, spoof, firewall
systems | linux, unix
SHA-256 | d1e6bb7765fbf76bbfa51bc6ec0a0cd61ad692ffa88ff946fa3d506fdea03c21
OWASP Java Encoder Filter Bypass
Posted Nov 6, 2013
Authored by Rafay Baloch, Alex Infuhr

OWASP Java Encoder suffers from a cross site scripting bypass vulnerability when it comes to the use of backticks.

tags | exploit, java, xss, bypass
SHA-256 | e201eb39628f1a3e446bebe36150d242b93041dab9381b0f61668518f32cf0d3
Microweber 0.905 SQL Injection
Posted Nov 6, 2013
Authored by Zy0d0x | Site nullsecurity.net

Microweber version 0.905 suffers from an error-based remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 52e11895bc07d1fbe5d493f3a953386b7fe7f8290972228f52209cc12528f9ee
Flatpress 1.0 Traversal / Command Execution
Posted Nov 6, 2013
Authored by Wireghoul

Flatpress version 1.0 remote code execution exploit that leverages a comment loaded through a directory traversal vulnerability.

tags | exploit, remote, code execution
SHA-256 | 8cbb0d3675b2bd21358cd41f0015f77833c3b74c965121dd98e9e879bf4160dc
Webers CMS XSS / LFI / SQL Injection
Posted Nov 6, 2013
Authored by Hossein Hezami

Webers CMS suffers from cross site scripting, local file inclusion, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
SHA-256 | c6438759ebe51d229ccf375aaf894cf618a11b2819b1b4ac091a7c1839f9b19d