exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-12-10

EMC Data Protection Advisor Remote Code Execution
Posted Dec 10, 2013
Authored by rgod | Site retrogod.altervista.org

EMC Data Protection Advisor version 5.8 sp5 suffers from a DPA Illuminator EJBInvokerServlet remote code execution vulnerability. Proof of concept code included.

tags | exploit, remote, code execution, proof of concept
systems | linux
SHA-256 | bec0bb61454387d713dc7ce4ade6cefcbc27df7b553ab6873ee83cad51e2a1c6
Owning Render Farms Via NVIDIA Mental Ray
Posted Dec 10, 2013
Authored by Luigi Auriemma, Donato Ferrante

This paper details a vulnerability affecting NVIDIA mental ray, which allows an attacker to take control over a mental ray based render farm.

tags | paper
SHA-256 | 775f48d6630d6aac147c8f09fc15e01a82cf693584d38a901be40b58fff0f320
Air Gallery 1.0 Air Photo Browser Command Injection
Posted Dec 10, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Air Gallery Air Photo Browser version 1.0 suffers from multiple command injection vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 1a35705f3ea7cd9bc981b6a7b0fd47f596186f8acd70761a6df2d1b90be027b8
LiveZilla 5.1.1.0 Cross Site Scripting
Posted Dec 10, 2013
Authored by Jakub Zoczek

LiveZilla version 5.1.1.0 suffers from multiple stored cross site scripting issues in the web-based Operator Client and LiveZilla client.

tags | exploit, web, xss
advisories | CVE-2013-7003
SHA-256 | a9a6519e8b5a96c47677b39baf14e1fa3cb06fc3188411397cdaecebcc214f3f
GOM Player 2.2.53.5169 Buffer Overflow
Posted Dec 10, 2013
Authored by Mike Czumak

GOM Player version 2.2.53.5169 SEH buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2013-6356
SHA-256 | 09733cd92523cb7582f4b8273a90b6b602443c8f2ce4263aeb0101cbfb59425c
vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
Posted Dec 10, 2013
Authored by juan vazquez, Orestis Kourides | Site metasploit.com

This Metasploit module exploits a SQL injection vulnerability found in vBulletin 5 that has been used in the wild since March 2013. This Metasploit module uses the sqli to extract the web application's usernames and hashes. With the retrieved information tries to log into the admin control panel in order to deploy the PHP payload. This Metasploit module has been tested successfully on VBulletin Version 5.0.0 Beta 13 over an Ubuntu Linux distribution.

tags | exploit, web, php, sql injection
systems | linux, ubuntu
advisories | CVE-2013-3522, OSVDB-92031
SHA-256 | 9d8efb0cad2d070a8f7a77f67fe384b7478ccfb79465861ec1f1764abe23a5f1
Red Hat Security Advisory 2013-1806-01
Posted Dec 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1806-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges.

tags | advisory, overflow, arbitrary, root, protocol
systems | linux, redhat
advisories | CVE-2013-4408, CVE-2013-4475
SHA-256 | 776f5e06aa1d59689b658d1881b9e89a5fcea991a6537bc63833095590381b35
Red Hat Security Advisory 2013-1805-01
Posted Dec 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1805-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges.

tags | advisory, overflow, arbitrary, root, protocol
systems | linux, redhat
advisories | CVE-2013-4408
SHA-256 | 7a95ea07e79777b06a6fa8a5c54f5c65a0354ca7595170be622db4ed1496de04
Debian Security Advisory 2815-1
Posted Dec 10, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2815-1 - Christoph Biedl discovered two denial of service vulnerabilities in munin, a network-wide graphing framework.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2013-6048, CVE-2013-6359
SHA-256 | 55851fa8a15306a3fd9125a88e7ee55e48f372ccc13862e3364616d8c63025c2
Debian Security Advisory 2814-1
Posted Dec 10, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2814-1 - A denial of service vulnerability was reported in varnish, a state of the art, high-performance web accelerator. With some configurations of varnish a remote attacker could mount a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI.

tags | advisory, remote, web, denial of service
systems | linux, debian
advisories | CVE-2013-4484
SHA-256 | 6d9b196bb178599d75a77ee1dee4a7a1609b587bc3f0fb2f12f26dd4e6929a51
Debian Security Advisory 2813-1
Posted Dec 10, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2813-1 - Murray McAllister discovered multiple integer and buffer overflows in the XWD plugin in Gimp, which can result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-1913, CVE-2013-1978
SHA-256 | c06c391c3fd8c1b46bde7ad6dd5b1f16ef777d95602dea8702f26adaadf6ad83
Ubuntu Security Notice USN-2051-1
Posted Dec 10, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2051-1 - Murray McAllister discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-1913, CVE-2013-1978
SHA-256 | 8493a8639e296e4dbd702fff7bd13f9491d9ab10e39063a4d86e79c6f7cec8a4
Gentoo Linux Security Advisory 201312-07
Posted Dec 10, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201312-7 - Multiple vulnerabilities have been found in OpenEXR, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.7.0 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-1720, CVE-2009-1721
SHA-256 | 061c233843f6d1e376869b86fe81a7c175184176f83d141493dd9e3aaeec9db5
CGILua 3.0 SQL Injection
Posted Dec 10, 2013
Authored by aceeeeeeeer

CGILua versions 3.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a2f1834f3f06371c1017c95dec7618b37b9e5d90551ca8600db7a660a364e44e
Debian Security Advisory 2812-1
Posted Dec 10, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2812-1 - Two security issues were found in Samba, a SMB/CIFS file, print, and login server.

tags | advisory
systems | linux, debian
advisories | CVE-2013-4408, CVE-2013-4475
SHA-256 | f999b212f4fc13361aae0ea94817b1f46dc2584eaa0f151337c38c12cae08445
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close