
Files Date: 2014-01-21

Franklin Fueling's T550 Evo Access Control / Credentials
Posted Jan 21, 2014
Authored by Matthew Jakubowski, Nate Drier | Site trustwave.com

Franklin Fueling's TS-550 Evo suffers from insufficient access control and hard-coded credential vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2013-7248, CVE-2013-7247
MD5 | f9eaa96ecaf2d672f1f502ba968905ce

Ubuntu Security Notice USN-2086-1
Posted Jan 21, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2086-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.73 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, and Ubuntu 13.10 have been updated to MySQL 5.5.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-5891, CVE-2013-5908, CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0420, CVE-2014-0437
MD5 | 28a32bff6ebdba2f09d2bf6f639399c6

OpenPNE PHP Object Injection
Posted Jan 21, 2014
Authored by Secunia, EgiX | Site secunia.com

Secunia Research has discovered a vulnerability in OpenPNE, which can be exploited by malicious people to manipulate certain data or compromise a vulnerable system. The vulnerability is caused by the "opSecurityUser::getRememberLoginCookie()" method, defined in the /lib/user/opSecurityUser.class.php script, calling the "unserialize()" function on user-controlled input. This can be exploited to, e.g., delete arbitrary files or execute arbitrary PHP code via specially crafted serialized objects sent in a "Cookie" header. Versions 3.6.13 and 3.8.9 are affected.

tags | advisory, arbitrary, php
advisories | CVE-2013-5350
MD5 | 57f40ad0fbb29c3f6284b4fa96be0f6f

Mandriva Linux Security Advisory 2014-013
Posted Jan 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-013 - Stack-based buffer overflow in the bdfReadCharacters function in bitmap/bdfread.c in X.Org libXfont 1.1 through 1.4.6 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a long string in a character name in a BDF font file. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2013-6462
MD5 | a6546a99f5932b495b961ff719c88071

Gentoo Linux Security Advisory 201401-15
Posted Jan 21, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-15 - Multiple vulnerabilities have been found in Asterisk, the worst of which may allow execution of arbitrary code. Versions less than 11.7.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-5976, CVE-2012-5977, CVE-2013-2264, CVE-2013-2685, CVE-2013-2686, CVE-2013-5641, CVE-2013-5642, CVE-2013-7100
MD5 | c2ad750f56dc57b1f9f52346c4cb4889

Red Hat Security Advisory 2014-0037-01
Posted Jan 21, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0037-01 - The Red Hat Enterprise Virtualization reports package provides a suite of pre-configured reports and dashboards that enable you to monitor the system. The reports module is based on JasperReports and JasperServer, and can also be used to create ad-hoc reports. Apache Axis did not verify that the server hostname matched the domain name in the subject's Common Name or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name.

tags | advisory, spoof
systems | linux, redhat
advisories | CVE-2012-5784, CVE-2013-2192
MD5 | 1984aa3605b71d2b7b77ac0e70906065

Gentoo Linux Security Advisory 201401-18
Posted Jan 21, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-18 - Multiple stack-based buffer overflows have been found in OpenSC, allowing attackers to execute arbitrary code. Versions less than 0.11.13-r2 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2010-4523
MD5 | 2a9737099f9cb12e7427225223211dc9

Ubuntu Security Notice USN-2084-1
Posted Jan 21, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2084-1 - It was discovered that the uscan tool incorrectly repacked archive files. If a user or automated system were tricked into processing specially crafted files, a remote attacker could possibly execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-6888
MD5 | 6fa95663361ecd2de4a44a8f40debe18

Ubuntu Security Notice USN-2085-1
Posted Jan 21, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2085-1 - It was discovered that the HPLIP Polkit daemon incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu 12.04 LTS and higher, this should be prevented by the Yama link restrictions. It was discovered that HPLIP contained an upgrade tool that would download code in an unsafe fashion. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2013-6402, CVE-2013-6427
MD5 | ddafe0b3b703c98be84446977df435da

Gentoo Linux Security Advisory 201401-17
Posted Jan 21, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-17 - A vulnerability in PCSC-Lite could result in execution of arbitrary code or Denial of Service. Versions less than 1.6.6 are affected.

tags | advisory, denial of service, arbitrary
systems | linux, gentoo
advisories | CVE-2010-4531
MD5 | a172c6c8b2857d541b13ebb0a371b962

Gentoo Linux Security Advisory 201401-16
Posted Jan 21, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-16 - A vulnerability in CCID could result in execution of arbitrary code. Versions less than 1.4.1-r1 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2010-4530
MD5 | 8460891cbe7e1cfa40cfdb3a48f199d2

Imageview 6.x Shell Upload
Posted Jan 21, 2014
Authored by TUNISIAN CYBER

Imageview version 6.x suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 3f10e5db5c1e5ae72a35cef7533946c3

HP Data Protector Backup Client Service Directory Traversal
Posted Jan 21, 2014
Authored by juan vazquez, Brian Gorenc | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability in the Hewlett-Packard Data Protector product. The vulnerability exists at the Backup Client Service (OmniInet.exe) when parsing packets with opcode 42. This Metasploit module has been tested successfully on HP Data Protector 6.20 on Windows 2003 SP2 and Windows XP SP3.

tags | exploit
systems | windows, xp
advisories | CVE-2013-6194
MD5 | cd4b503a320d7db8abff859ab89ee7b2

Debian Security Advisory 2847-1
Posted Jan 21, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2847-1 - Multiple vulnerabilities have been discovered in Drupal, a fully-featured content management framework.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-1475, CVE-2014-1476
MD5 | ba07aea514f5ee4ecad22650c0db6f4b

MuPDF 1.3 Buffer Overflow
Posted Jan 21, 2014
Authored by Jean-Jamil Khalife

MuPDF versions 1.3 and below suffer from a stack-based buffer overflow in xps_parse_color(). Proof of concept file included.

tags | exploit, overflow, proof of concept
systems | linux
MD5 | 89fc0c9aea1cfc0367703380711a69d4

packet storm

© 2016 Packet Storm. All rights reserved.
