exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2014-01-10

Cisco Security Advisory 20140110-sbd
Posted Jan 10, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the Cisco WAP4410N Wireless-N Access Point, Cisco WRVS4400N Wireless-N Gigabit Security Router, and the Cisco RVS4000 4-port Gigabit Security Router could allow an unauthenticated, remote attacker to gain root-level access to an affected device. Cisco will release free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available.

tags | advisory, remote, root, vulnerability
systems | cisco
MD5 | 46fffd41deb70a50f23551d6f95c3f4c
Debian Security Advisory 2840-1
Posted Jan 10, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2840-1 - Fernando Russ from Groundworks Technologies reported a buffer overflow flaw in srtp, Cisco's reference implementation of the Secure Real-time Transport Protocol (SRTP), in how the crypto_policy_set_from_profile_for_rtp() function applies cryptographic profiles to an srtp_policy. A remote attacker could exploit this vulnerability to crash an application linked against libsrtp, resulting in a denial of service.

tags | advisory, remote, denial of service, overflow, protocol
systems | cisco, linux, debian
advisories | CVE-2013-2139
MD5 | 057a4e567c94c45eb57a7b258846740d
Gentoo Linux Security Advisory 201401-07
Posted Jan 10, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-7 - Multiple Denial of Service vulnerabilities have been found in libxslt. Versions less than 1.1.28 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2012-2870, CVE-2012-2893, CVE-2012-6139, CVE-2013-4520
MD5 | 462ab5e99566b6db58efcb252409cfef
Gentoo Linux Security Advisory 201401-06
Posted Jan 10, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-6 - A stack-based buffer overflow in Git might allow a local attacker to gain escalated privileges. Versions less than 1.7.2.2 are affected.

tags | advisory, overflow, local
systems | linux, gentoo
advisories | CVE-2010-2542
MD5 | 5062ad7af71221329791c0381563499d
Red Hat Security Advisory 2014-0018-01
Posted Jan 10, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0018-01 - The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A stack-based buffer overflow flaw was found in the way the libXfont library parsed Glyph Bitmap Distribution Format fonts. A malicious, local user could exploit this issue to potentially execute arbitrary code with the privileges of the X.Org server. Users of libXfont should upgrade to these updated packages, which contain a backported patch to resolve this issue. All running X.Org server instances must be restarted for the update to take effect.

tags | advisory, overflow, arbitrary, local
systems | linux, redhat
advisories | CVE-2013-6462
MD5 | 07c5611231698bdf1787f3db24a7d4b0
Conceptronic CIPCAMPTIWL 21.37.2.49 Cross Site Request Forgery
Posted Jan 10, 2014
Authored by Felipe Molina

Conceptronic camera CIPCAMPTIWL with firmware 21.37.2.49 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2013-7204
MD5 | ddd9a56184d225b0fb7b7c5875474d4a
Joomla Aclassfb Shell Upload
Posted Jan 10, 2014
Authored by DevilScreaM

The Joomla Aclassfb component suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 2193c8a9949307a1b11152e6dc6397cd
vBulletin YUI 2.9.0 Cross Site Scripting
Posted Jan 10, 2014
Authored by TUNISIAN CYBER

vBulletin YUI version 2.9.0 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | 7a300385eabc8a2f853b02c62302caf1
Lorex Security DVR Active-X Buffer Overflow
Posted Jan 10, 2014
Authored by Pedro Ribeiro

Lorex Security DVR systems suffers from an active-x related buffer overflow vulnerability.

tags | advisory, overflow, activex
advisories | CVE-2014-1201
MD5 | 40fc8627f548e7485d2fd7dc68e1edc7
SerComm Device Remote Code Execution
Posted Jan 10, 2014
Authored by Matt Andreko, Eloi Vanderbeken | Site metasploit.com

This Metasploit module will cause remote code execution on several SerComm devices. These devices typically include routers from NetGear and Linksys. Tested against NetGear DG834.

tags | exploit, remote, code execution
MD5 | c22fb9998f983b186d1d901a1535e416
OpenSSL Toolkit 1.0.1f
Posted Jan 10, 2014
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: A TLS record tampering bug was fixed. A carefully crafted invalid handshake could crash OpenSSL with a NULL pointer exception (CVE-2013-4353). Original DTLS digest and encryption contexts are kept in retransmission structures so that the previous session parameters can be used if they need to be re-sent (CVE-2013-6450). A SSL_OP_SAFARI_ECDHE_ECDSA_BUG option (part of SSL_OP_ALL) which avoids preferring ECDHE-ECDSA ciphers when the client appears to be Safari on OS X was added.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2013-4353, CVE-2013-6450
MD5 | f26b09c028a0541cab33da697d522b25
Lynis Auditing Tool 1.3.9
Posted Jan 10, 2014
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This release has additional support for Mac OS, performance adjustments, a better hostid function, and several smaller bug fixes.
tags | tool, scanner
systems | unix
MD5 | 30fd1404ca12861633eb665e4eca8fcf
Ubuntu Security Notice USN-2079-1
Posted Jan 10, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2079-1 - Anton Johansson discovered that OpenSSL incorrectly handled certain invalid TLS handshakes. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. Ron Barber discovered that OpenSSL used an incorrect data structure to obtain a version number. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. Dmitry Sobinov discovered that OpenSSL incorrectly handled certain DTLS retransmissions. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-4353, CVE-2013-6449, CVE-2013-6450, CVE-2013-4353, CVE-2013-6449, CVE-2013-6450
MD5 | 72a1dfbc1ac072c13c703fd064617332
WordPress NextGen Gallery Cross Site Scripting
Posted Jan 10, 2014
Authored by TUNISIAN CYBER

WordPress NextGen Gallery plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | c3c966b00a0a67bf27d4e0d59f11f1e9
Joomla Melody Cross Site Scripting
Posted Jan 10, 2014
Authored by TUNISIAN CYBER

The Joomla Melody component suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0f1313dd46a786d511987772495ca372
Ubuntu Security Notice USN-2077-2
Posted Jan 10, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2077-2 - USN-2077-1 fixed a vulnerability in Puppet. The upstream patch introduced a regression resulting in the default file mode being incorrect. This update fixes the problem. It was discovered that Puppet incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
MD5 | 9b059df5bc3f198c931f5c14ce51b02b
Page 1 of 1
Back1Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    0 Files
  • 3
    Apr 3rd
    0 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close