
Files Date: 2013-12-14

YSTS 8th Edition Call For Papers
Posted Dec 14, 2013
Site ysts.org

The 8th edition of YSTS (You Shot The Sheriff) has announced its call for papers. It will be held in Sao Paulo, Brazil on April 14th, 2014.

tags | paper, conference
MD5 | 5dfa84cf6f24830d2c3876c4fc63ad4c
Etoshop B2B Vertical Marketplace Creator 2.0 SQL Injection
Posted Dec 14, 2013
Authored by R3d-D3v!L

Etoshop B2B Vertical Marketplace Creator version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 62bdd6b2c75316b9d79f3c8add9dbd20
HP Security Bulletin HPSBMU02874 3
Posted Dec 14, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02874 3 - Potential security vulnerabilities have been identified with HP Service Manager and ServiceCenter for Windows, Linux, HP-UX, Solaris and AIX. The Java Runtime Environment (JRE) has been updated to correct these issues. Revision 3 of this advisory.

tags | advisory, java, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-1541, CVE-2012-1543, CVE-2012-3213, CVE-2012-3342, CVE-2012-4301, CVE-2012-4305, CVE-2013-0169, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0436, CVE-2013-0437, CVE-2013-0438, CVE-2013-0439, CVE-2013-0440
MD5 | b6b8674b75eceb0753056a4a45db9da6
Classifieds Creator 2.0 SQL Injection
Posted Dec 14, 2013
Authored by R3d-D3v!L

Classifieds Creator version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2f1cb168a636e8b26db905d777be58bc
C2C Forward Auction Center SQL Injection
Posted Dec 14, 2013
Authored by R3d-D3v!L

C2C Forward Auction Creator version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 716887a9a46c1c03bd93af135dd81039
Bypassing Modern Web Application Firewalls
Posted Dec 14, 2013
Authored by Rafay Baloch

This whitepaper is called Modern Web Application Firewalls Fingerprinting and Bypassing XSS Filters.

tags | paper, web
MD5 | 929bd2711e1c79a08e4a6c59381ac3ec
iScripts MultiCart 2.4 Cross Site Request Forgery / Cross Site Scripting
Posted Dec 14, 2013
Authored by Saadat Ullah

iScripts MultiCart versions 2.4 and below suffer from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | cb765c9c031cef40221a30f74633e0a6
Osclass 3.3 Cross Site Request Forgery / SQL Injection / Traversal
Posted Dec 14, 2013
Authored by R3d-D3v!L

Osclass version 3.3 suffers from cross site request forgery, remote SQL injection, and directory traversal vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, file inclusion, csrf
MD5 | d03392d1c3a066cbec485a082da44902
IBM SPSS 21 Weak Cryptography Implementation
Posted Dec 14, 2013
Authored by Ben Pfaff

IBM SPSS 21 and later suffer from use of an encryption scheme with inherent weaknesses.

tags | advisory
MD5 | 967c963dadccd19703774352603155e1
Microsoft Online, Office And Cloud Persistent Encoding Issues
Posted Dec 14, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Microsoft Online, Office and Cloud suffer from persistent encoding issues that can allow for cross site scripting.

tags | exploit, xss
MD5 | c2e283f4b1377b6a4d98db5ac9a011fe
Simple Machines Forum Username Faking / Clickjacking
Posted Dec 14, 2013
Authored by Jakob Lell | Site jakoblell.com

Simple Machines Forum suffers from username impersonation and clickjacking issues. These issues are present in SMF1 up to version 1.1.18 and SMF2 up to version 2.0.5.

tags | advisory
MD5 | cd58e3f9fd64f4dfac03017e9ce92eb8
Red Hat Security Advisory 2013-1801-01
Posted Dec 14, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1801-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled sending of certain UDP packets over sockets that used the UDP_CORK option when the UDP Fragmentation Offload feature was enabled on the output device. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges on the system. A divide-by-zero flaw was found in the apic_get_tmcct() function in KVM's Local Advanced Programmable Interrupt Controller implementation. A privileged guest user could use this flaw to crash the host.

tags | advisory, denial of service, kernel, local, udp, tcp, protocol
systems | linux, redhat
advisories | CVE-2013-2141, CVE-2013-4470, CVE-2013-6367, CVE-2013-6368
MD5 | 1af132fdcf7c424f280c901b55f82dec
Red Hat Security Advisory 2013-1829-01
Posted Dec 14, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1829-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS handled invalid handshake packets. A remote attacker could use this flaw to cause a TLS/SSL client using NSS to crash or, possibly, execute arbitrary code with the privileges of the user running the application. It was found that the fix for CVE-2013-1620 released via RHSA-2013:1135 introduced a regression causing NSS to read uninitialized data when a decryption failure occurred. A remote attacker could use this flaw to cause a TLS/SSL server using NSS to crash.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2013-1739, CVE-2013-1741, CVE-2013-5605, CVE-2013-5606, CVE-2013-5607
MD5 | 006629f180df0482a90f037affbe37d0
Red Hat Security Advisory 2013-1802-01
Posted Dec 14, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1802-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. Upgrade Note: If you upgrade the Red Hat Enterprise Virtualization Hypervisor through the 3.2 Manager administration portal, the Host may appear with the status of "Install Failed". If this happens, place the host into maintenance mode, then activate it again to get the host back to an "Up" state.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2013-6367
MD5 | 3a1ffcb4e563119b8f903731ba4fce9e
Ubuntu Security Notice USN-2055-1
Posted Dec 14, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2055-1 - Stefan Esser discovered that PHP incorrectly parsed certificates. An attacker could use a malformed certificate to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that PHP incorrectly handled DateInterval objects. An attacker could use this issue to cause PHP to crash, resulting in a denial of service.

tags | advisory, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2013-6420, CVE-2013-6712
MD5 | 916beb41f134d201de0109172ed0550c
Debian Security Advisory 2816-1
Posted Dec 14, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2816-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

tags | advisory, web, php, vulnerability
systems | linux, debian
advisories | CVE-2013-6420, CVE-2013-6712
MD5 | 962a874bbfa0c615659f16545ecea4f8