exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2013-12-15

HP Security Bulletin HPSBGN02952
Posted Dec 15, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02952 - A potential security vulnerability has been identified with HP Application Lifecycle Manager (ALM) running JBoss application server. This vulnerability could be exploited remotely to allow code execution. Revision 1 of this advisory.

tags | advisory, code execution
advisories | CVE-2013-4810
SHA-256 | b30f271b757401886554de4dfbd2e10bc1f7d66f3e0a19a69b7169dc91228181
HP Security Bulletin HPSBGN02951
Posted Dec 15, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02951 - Potential security vulnerabilities have been identified with HP Operations Orchestration. The vulnerabilities could be exploited to allow cross-site scripting (XSS) and cross-site request forgery (CSRF). Revision 1 of this advisory.

tags | advisory, vulnerability, xss, csrf
advisories | CVE-2013-6191, CVE-2013-6192
SHA-256 | c269b1d60b3e90c5acb18d71d9329cd95b5832a4b458d1d64dba90e4d65129fd
Gentoo Linux Security Advisory 201312-10
Posted Dec 15, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201312-10 - A buffer overflow in libsmi might allow a context-dependent attacker to execute arbitrary code. Versions less than 0.4.8-r1 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2010-2891
SHA-256 | 6aa435a29cce58ebaef5ee97b49c52c0045e0a66e59825d2106d819f7b61b00c
Gentoo Linux Security Advisory 201312-09
Posted Dec 15, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201312-9 - Multiple vulnerabilities have been found in cabextract, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.3 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-2800, CVE-2010-2801
SHA-256 | 8cdb78dc586c4b23f55ef5470d748fdd81b5e9636acdcbc0d181c4649c5021ad
Debian Security Advisory 2817-1
Posted Dec 15, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2817-1 - Timo Warns reported multiple integer overflow vulnerabilities in libtar, a library for manipulating tar archives, which can result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2013-4397
SHA-256 | f3c71858a5f19feeca680c031798b02da6f0c617f5783c05975cb2a9f23b7313
PHP openssl_x509_parse() Memory Corruption
Posted Dec 15, 2013
Authored by Stefan Esser

The PHP function openssl_x509_parse() uses a helper function called asn1_time_to_time_t() to convert timestamps from ASN1 string format into integer timestamp values. The parser within this helper function is not binary safe and can therefore be tricked to write up to five NUL bytes outside of an allocated buffer. This problem can be triggered by x509 certificates that contain NUL bytes in their notBefore and notAfter timestamp fields and leads to a memory corruption that might result in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
advisories | CVE-2013-6420
SHA-256 | 7406038cb1adf87acf1e03364bbd761251c6d8fc531065990b85c245ae25fbe4
Bio Basespace SDK 0.1.7 API Key Exposure
Posted Dec 15, 2013
Authored by Larry W. Cashdollar

The Bio Basespace SDK 0.1.7 Ruby Gem API client code passes the API_KEY to a curl command. This exposes the api key to the shell and process table. Another user on the system could snag the api key by just monitoring the process table.

tags | advisory, shell, info disclosure, ruby
SHA-256 | d611161b7de257aeced569b86efb86407334ac528739835cfa78af454f079352
iScripts AutoHoster PHP Code Injection
Posted Dec 15, 2013
Authored by i-Hmx

iScripts AutoHoster suffers from file disclosure, PHP code injection, file disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, sql injection, info disclosure
SHA-256 | e688d35feae61acb5dcdfa1966f1c4b19724883860f61ef17d40a6500a340e63
Page 1 of 1
Back1Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close