Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-12-10

EMC Data Protection Advisor Remote Code Execution
Posted Dec 10, 2013
Authored by rgod | Site retrogod.altervista.org

EMC Data Protection Advisor version 5.8 sp5 suffers from a DPA Illuminator EJBInvokerServlet remote code execution vulnerability. Proof of concept code included.

tags | exploit, remote, code execution, proof of concept
systems | linux
MD5 | 19edac034d235467282580bde6d60025
Owning Render Farms Via NVIDIA Mental Ray
Posted Dec 10, 2013
Authored by Luigi Auriemma, Donato Ferrante

This paper details a vulnerability affecting NVIDIA mental ray, which allows an attacker to take control over a mental ray based render farm.

tags | paper
MD5 | 886ce6e4c37835eeb36b477086d12e47
Air Gallery 1.0 Air Photo Browser Command Injection
Posted Dec 10, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Air Gallery Air Photo Browser version 1.0 suffers from multiple command injection vulnerabilities.

tags | exploit, vulnerability
MD5 | 7868c46340d95c26860f206f78e7d6d3
LiveZilla 5.1.1.0 Cross Site Scripting
Posted Dec 10, 2013
Authored by Jakub Zoczek

LiveZilla version 5.1.1.0 suffers from multiple stored cross site scripting issues in the web-based Operator Client and LiveZilla client.

tags | exploit, web, xss
advisories | CVE-2013-7003
MD5 | 5946f7231aaa791b6bafb05ea433d45b
GOM Player 2.2.53.5169 Buffer Overflow
Posted Dec 10, 2013
Authored by Mike Czumak

GOM Player version 2.2.53.5169 SEH buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2013-6356
MD5 | 64d7218f4043c241f7c322dc5a20e3d9
vBulletin index.php/ajax/api/reputation/vote nodeid Parameter SQL Injection
Posted Dec 10, 2013
Authored by juan vazquez, Orestis Kourides | Site metasploit.com

This Metasploit module exploits a SQL injection vulnerability found in vBulletin 5 that has been used in the wild since March 2013. This Metasploit module uses the sqli to extract the web application's usernames and hashes. With the retrieved information tries to log into the admin control panel in order to deploy the PHP payload. This Metasploit module has been tested successfully on VBulletin Version 5.0.0 Beta 13 over an Ubuntu Linux distribution.

tags | exploit, web, php, sql injection
systems | linux, ubuntu
advisories | CVE-2013-3522, OSVDB-92031
MD5 | 0f801bcadbfc3c75cd3c5a572f5f08c2
Red Hat Security Advisory 2013-1806-01
Posted Dec 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1806-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges.

tags | advisory, overflow, arbitrary, root, protocol
systems | linux, redhat
advisories | CVE-2013-4408, CVE-2013-4475
MD5 | 6ff57c51a5daccb868cb6c4010b1bf62
Red Hat Security Advisory 2013-1805-01
Posted Dec 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1805-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in the DCE-RPC client code in Samba. A specially crafted DCE-RPC packet could cause various Samba programs to crash or, possibly, execute arbitrary code when parsed. A malicious or compromised Active Directory Domain Controller could use this flaw to compromise the winbindd daemon running with root privileges.

tags | advisory, overflow, arbitrary, root, protocol
systems | linux, redhat
advisories | CVE-2013-4408
MD5 | 22c426fe37d2ace52ede3fcd35bc21cc
Debian Security Advisory 2815-1
Posted Dec 10, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2815-1 - Christoph Biedl discovered two denial of service vulnerabilities in munin, a network-wide graphing framework.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2013-6048, CVE-2013-6359
MD5 | 1e2dee20e96703e31b08dbb385d710e7
Debian Security Advisory 2814-1
Posted Dec 10, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2814-1 - A denial of service vulnerability was reported in varnish, a state of the art, high-performance web accelerator. With some configurations of varnish a remote attacker could mount a denial of service (child-process crash and temporary caching outage) via a GET request with trailing whitespace characters and no URI.

tags | advisory, remote, web, denial of service
systems | linux, debian
advisories | CVE-2013-4484
MD5 | 9f35fff31c5c5d987601aee61d599cbb
Debian Security Advisory 2813-1
Posted Dec 10, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2813-1 - Murray McAllister discovered multiple integer and buffer overflows in the XWD plugin in Gimp, which can result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2013-1913, CVE-2013-1978
MD5 | fad26d6725f100eec9434d3f3f896099
Ubuntu Security Notice USN-2051-1
Posted Dec 10, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2051-1 - Murray McAllister discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-1913, CVE-2013-1978
MD5 | 8fd0213b79e4543aff72b2c437e9b747
Gentoo Linux Security Advisory 201312-07
Posted Dec 10, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201312-7 - Multiple vulnerabilities have been found in OpenEXR, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.7.0 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-1720, CVE-2009-1721
MD5 | 4a04f9e62e057d3d4efe7822fdb0f93c
CGILua 3.0 SQL Injection
Posted Dec 10, 2013
Authored by aceeeeeeeer

CGILua versions 3.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1c93d1712efad2b5884bc1bfa7ffc9da
Debian Security Advisory 2812-1
Posted Dec 10, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2812-1 - Two security issues were found in Samba, a SMB/CIFS file, print, and login server.

tags | advisory
systems | linux, debian
advisories | CVE-2013-4408, CVE-2013-4475
MD5 | 458e4fd7a3f621940c01e190a48a5ef4
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close