exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2013-12-26

RealNetworks RealPlayer Version Attribute Buffer Overflow
Posted Dec 26, 2013
Authored by Gabor Seljan | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a remote attacker could execute arbitrary code on the system or cause the application to crash.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2013-6877
SHA-256 | 8a8a413478986610cfe01a2463f28c4cb1a4e732df507042bac07cef2741232e
WordPress Ad-minister 0.6 Cross Site Scripting
Posted Dec 26, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress Ad-minister plugin version 0.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-6993
SHA-256 | 00c782cd1bf296e3d433962ceb1d7976f641f78821242d9e2dcb9de59a95273c
AskApache 3.0 Cross Site Request Forgery
Posted Dec 26, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

AskApache Firefox Adsense WordPress plugin version 3.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2013-6992
SHA-256 | 83e2b745be93d36c6d8f251eb3ff8e050c3d08d2693edf4929bbd4bd6f6b2a97
WordPress WP-Cron 1.1.5 Cross Site Scripting
Posted Dec 26, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress WP-Cron Dashboard plugin version 1.1.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-6991
SHA-256 | f8840c091172531deddf4652fb5f9157003d57aa86d4e8c7c034f771605b859b
Lynis Auditing Tool 1.3.8
Posted Dec 26, 2013
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This release adds a new parameter (--view-categories), eight new tests, and several improvements to existing tests and functions.
tags | tool, scanner
systems | unix
SHA-256 | 6d8255aece478911b161ce2079cd98807edd458416e7c4a6de0802c534d79208
GNUnet P2P Framework 0.10.0
Posted Dec 26, 2013
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

Changes: This release adds improved documentation, the application "conversation", a multi-process GUI gnunet-gtk, a tool to create GNS business cards, a tool to import GNS QR codes, use of EdDSA and ECDHE instead of RSA, use of ECDSA for GNS and identity management, indistinguishable KSK and SKS queries in file-sharing, the ability for F2F mode to use the "do not gossip" flag to hide existence from non-friends entirely, end-to-end encrypted mesh tunnels, flow- and congestion-control for mesh tunnels, an improved key revocation scheme, and improved query privacy for GNS.
tags | tool, web, udp, tcp, peer2peer
systems | unix
SHA-256 | 11b4bdb47be09aabfd74593ea132001bce44d0a7ea020aefcd12723f0f61177f
Mandriva Linux Security Advisory 2013-302
Posted Dec 26, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-302 - Bryan Quigley discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service via application crash.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2013-6425
SHA-256 | 7eeff252b88f4cc943152c4736e6d4e5c63ab924a85c0f4088a9707bbaa2825c
RBS Change 3.6.8 Cross Site Scripting
Posted Dec 26, 2013
Authored by Metropolis

RBS Change version 3.6.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 925e2a5ae0d035197ded4fa690d78d5f9cbfbe8153e26db10ef8fa743617ce20
eFront LMS 3.6.14 File Upload / Path Disclosure
Posted Dec 26, 2013
Authored by expl0i13r

eFront LMS version 3.6.14 suffers from arbitrary file upload, file read, and path disclosure vulnerabilities.

tags | exploit, arbitrary, vulnerability, info disclosure, file upload
SHA-256 | 236bf191a5b34718ed687f6cdf5729cb22931ec79eda5c590ecd278be5ac58d2
ipset_list 2.9
Posted Dec 26, 2013
Authored by AllKind | Site sourceforge.net

ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.

Changes: New in this release is the -Oi option, which allows you to match the options of set elements (i.e. timeout, bytes, packets) by arithmetic comparison of their values. A bug in parsing of the pattern of the -Fi option was fixed.
tags | tool, firewall
systems | linux, unix
SHA-256 | 631f633517f77a02f4739e73d7021948317471c611289b0c5aab76b3694c8743
AFCommerce Remote File Inclusion
Posted Dec 26, 2013
Authored by NoGe

AFCommerce aka Amazing Flash Commerce suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 38635dedaba0b79f283542b9b7fac8b6b1cbee36f0f5a1954dd0efc39f29c96e
Windows Live Movie Maker 2011 Denial Of Service
Posted Dec 26, 2013
Authored by Osanda Malith

Windows Live Movie Maker 2011 suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | windows
SHA-256 | 241e324526f25e75f9300532724c02cca0e7a22fdc2aa5837d9184c9f046fc58
JForum Cross Site Request Forgery
Posted Dec 26, 2013
Authored by Arno Chen

JForum suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2013-7209
SHA-256 | f93df6b7611a0b561f97c882b6fbffda3eb97f02bbf55aa9f4eead3559e8a9fa
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close