exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 28 RSS Feed

Files Date: 2014-01-03

Ubuntu Security Notice USN-2071-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2071-1 - Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2930, CVE-2013-4345, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027, CVE-2013-2930, CVE-2013-4345, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027
SHA-256 | 950fdbf93ba8d5dce731ad4c9360b63e9799c57bc03fbb36980e0d38e0dd642f
Pen Test Tips 2
Posted Jan 3, 2014
Authored by David J. Dodd

This is a brief whitepaper that discusses shell access on both Windows and Unix systems and how to obtain better control versus arbitrary command execution.

tags | paper, arbitrary, shell
systems | windows, unix
SHA-256 | cb59a18f0938580f2565d5dbb95ef2e78886586329dfef334a80e2e3a2b58d8e
Hydra Network Logon Cracker 7.6
Posted Jan 3, 2014
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added a wizard script for hydra. Added module for Siemens S7-300. Various other updates and fixes.
tags | tool, web, cracker, imap
systems | cisco, unix
SHA-256 | a479bebabcb81c4a08a25f41c88688055bbb800ecfa93e25dd809ad1ff58debd
Packet Storm New Exploits For 2013
Posted Jan 3, 2014
Authored by Todd J. | Site packetstormsecurity.com

Complete comprehensive archive of all 1,926 exploits added to Packet Storm in 2013.

tags | exploit
systems | linux
SHA-256 | 46861406c453071d085d144e6c1bfd6c680e804b02e4da7f3f60921d8c973653
Packet Storm New Exploits For December, 2013
Posted Jan 3, 2014
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 168 exploits added to Packet Storm in December, 2013.

tags | exploit
systems | linux
SHA-256 | d4b9459dd028290897fa390b58a99fcf657ef3793cf5219a9528b697985dbd84
IcoFX Stack Buffer Overflow
Posted Jan 3, 2014
Authored by juan vazquez, Marcos Accossatto | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in version 2.1 of IcoFX. The vulnerability exists while parsing .ICO files, where an specially crafted ICONDIR header, providing an arbitrary long number of images into the file, can be used to trigger the overflow when reading the ICONDIRENTRY structures.

tags | exploit, overflow, arbitrary
advisories | CVE-2013-4988
SHA-256 | 8cd7f9efd93b9d23aadcbf265eaa6316d2fbab2ce2af6ffed7b083782a1ac162
IBM Forms Viewer Unicode Buffer Overflow
Posted Jan 3, 2014
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in IBM Forms Viewer. The vulnerability is due to a dangerous usage of strcpy-like function, and occurs while parsing malformed XFDL files, with a long fontname value. This Metasploit module has been tested successfully on IBM Forms Viewer 4.0 on Windows XP SP3 and Windows 7 SP1.

tags | exploit, overflow
systems | windows
advisories | CVE-2013-5447
SHA-256 | 8c139782a403921bdba77c8856a91b24673a1e9c2f049de54c66647ee1019e52
Ubuntu Security Notice USN-2076-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2076-1 - Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2930, CVE-2013-4345, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027, CVE-2013-2930, CVE-2013-4345, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027
SHA-256 | 369bc7b03370175686092bea9ca0944a541a683c642bcbd0256037a01cc4adc9
Ubuntu Security Notice USN-2072-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2072-1 - Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2930, CVE-2013-4345, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027, CVE-2013-2930, CVE-2013-4345, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027
SHA-256 | e0e631b5cb68d5150fb0ee9e34d5bcfe2ad457487aef49713af73f9701a73dd0
Ubuntu Security Notice USN-2074-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2074-1 - Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2930, CVE-2013-4345, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027, CVE-2013-2930, CVE-2013-4345, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027
SHA-256 | d76486ba03df467cd3168f55ae5a17113f646535fa022b96f7a762b753cd857c
ACE Stream Media 2.1 Format String
Posted Jan 3, 2014
Authored by LiquidWorm | Site zeroscience.mk

ACE Stream Media version 2.1 acestream:// format string exploit proof of concept exploit.

tags | exploit, proof of concept
SHA-256 | cf629280b334eb372c8fc1c941bad2d4c6b6fc05578d1ad8d98a35b5690bbc87
eduTrac 1.1.1-Stable Path Traversal
Posted Jan 3, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

eduTrac version 1.1.1-Stable suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2013-7097
SHA-256 | bbcbaefdf98a4264b09bcb1efd2aa0a1ddc9ac5a1377f6110a0313dee9cdb58c
Cubic CMS SQL Injection / LFI / Path Disclosure
Posted Jan 3, 2014
Authored by Eugenio Delfa

Cubic CMS suffers from local file inclusion, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion, info disclosure
SHA-256 | fad0b2849fc2664a2d60a42389ae4cd27f62f22d247cfafdc36cbf89fa7d4bb3
Haveged 1.8
Posted Jan 3, 2014
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: Fixes return codes for the signal handler. Updates systemd install. Corrections to the man page and documentation.
tags | tool
systems | linux, unix
SHA-256 | 73c3d9543cf9274e777064bd179f1ff563987ca103f8ab6d7035c94c8a0db192
HP Security Bulletin HPSBMU02895 SSRT101253
Posted Jan 3, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02895 SSRT101253 - Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
advisories | CVE-2013-2344, CVE-2013-2345, CVE-2013-2346, CVE-2013-2347, CVE-2013-2348, CVE-2013-2349, CVE-2013-2350, CVE-2013-6194, CVE-2013-6195
SHA-256 | e315c302e7f2d97dc3f700e7494b20a8fc24b2495f959b4ddd2cba9eead7a28b
Debian Security Advisory 2833-1
Posted Jan 3, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2833-1 - was susceptible to denial of service and retransmission of DTLS messages was fixed. In addition this updates disables the insecure Dual_EC_DRBG algorithm and no longer uses the RdRand feature available on some Intel CPUs as a sole source of entropy unless explicitly requested.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2013-6449, CVE-2013-6450
SHA-256 | 56f45ba1a08e9fe54a9e11c085f0d99ae3cf6d0d984ba08ef5105d675e05005a
Debian Security Advisory 2832-1
Posted Jan 3, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2832-1 - Multiple vulnerabilities have been found in memcached, a high-performance memory object caching system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-4971, CVE-2013-7239
SHA-256 | 98a5876a2d1f333b54eaa35f7926c9fa30ea9a6e1633066ea113d3cb3e31e58c
Debian Security Advisory 2831-1
Posted Jan 3, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2831-1 - An unsafe use of temporary files was discovered in Puppet, a tool for centralized configuration management. An attacker can exploit this vulnerability and overwrite an arbitrary file in the system.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2013-4969
SHA-256 | cc605532f830c812a5aff1d6beae3ba37898c615328416961595daa0b9e22ddc
Ubuntu Security Notice USN-2075-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2075-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-2930, CVE-2013-4345, CVE-2013-4348, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6378, CVE-2013-6380, CVE-2013-6383, CVE-2013-6763, CVE-2013-7026, CVE-2013-2929, CVE-2013-2930, CVE-2013-4345, CVE-2013-4348, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6378, CVE-2013-6380, CVE-2013-6383, CVE-2013-6763, CVE-2013-7026
SHA-256 | 36e9f98726ff3916e206a9b84d5b8c8816cb7f08e016c1754ed8f67fe870c45d
Ubuntu Security Notice USN-2073-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2073-1 - Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2013-4470, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027, CVE-2013-4470, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027
SHA-256 | 16859392296a8e49c730dd0be2040d64bc697c90cd6f5ed3e029c79b42dca9af
Ubuntu Security Notice USN-2070-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2070-1 - Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2929, CVE-2013-2930, CVE-2013-4345, CVE-2013-4348, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6378, CVE-2013-6380, CVE-2013-6383, CVE-2013-6763, CVE-2013-7026, CVE-2013-2929, CVE-2013-2930, CVE-2013-4345, CVE-2013-4348, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6378, CVE-2013-6380, CVE-2013-6383, CVE-2013-6763, CVE-2013-7026
SHA-256 | 1f5a40a0caee47f048366ec9a46fede7e05d0e0f8905e9ccb5b8744e93164d0e
Ubuntu Security Notice USN-2069-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2069-1 - Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2013-4470, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027, CVE-2013-4470, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-4516, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027
SHA-256 | ff28440a1056bceaebba0542f35684ebacb0eb83dda2f047d34bdc6807345b25
Ubuntu Security Notice USN-2064-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2064-1 - Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. A flaw was discovered in the Linux kernel's IP Virtual Server (IP_VS) support. A local user with the CAP_NET_ADMIN capability could exploit this flaw to gain additional administrative privileges. Nico Golde and Fabian Yamaguchi reported a flaw in the Linux kernel's debugfs filesystem. An administrative local user could exploit this flaw to cause a denial of service (OOPS). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4345, CVE-2013-4588, CVE-2013-6378, CVE-2013-6763, CVE-2013-4345, CVE-2013-4588, CVE-2013-6378, CVE-2013-6763
SHA-256 | 9c3e9f2c814827e600fc7be7c08689fe9beec31c0d63eab9f40e273c13117877
Ubuntu Security Notice USN-2067-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2067-1 - A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2013-4299, CVE-2013-4470, CVE-2013-4511, CVE-2013-4514, CVE-2013-4515, CVE-2013-4592, CVE-2013-6282, CVE-2013-6378, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027, CVE-2013-4299, CVE-2013-4470, CVE-2013-4511, CVE-2013-4514, CVE-2013-4515, CVE-2013-4592, CVE-2013-6282, CVE-2013-6378, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027
SHA-256 | f026924acc26aeec8f7f134fa6517d8629dc2787dfd6d43f822b523543fcffd0
Ubuntu Security Notice USN-2068-1
Posted Jan 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2068-1 - Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2930, CVE-2013-4345, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027, CVE-2013-2930, CVE-2013-4345, CVE-2013-4511, CVE-2013-4513, CVE-2013-4514, CVE-2013-4515, CVE-2013-6383, CVE-2013-6763, CVE-2013-7027
SHA-256 | 9ba88c4d05009af5298da1c5101367fe60b0c5b5f04995fcb17c489b9983a02e
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close