what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-01-30

Ubuntu Security Notice USN-2091-1
Posted Jan 30, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2091-1 - This update disables the OTR v1 protocol to prevent protocol downgrade attacks.

tags | advisory, protocol
systems | linux, ubuntu
SHA-256 | c785bdb9b935770e2dfc02fa917fcde92b56401145719f85d6cd84d605e27ca4
Ektron CMS Account Hijacking
Posted Jan 30, 2014
Authored by Mark Litchfield | Site securatary.com

This whitepaper discusses how to perform a take over of the Ektron CMS. It demonstrates how to hijack the builtin and admin accounts.

tags | exploit
SHA-256 | 4051126d4a1554f5aa1a371e3823fe1746489da90272c4a0bd3f21fffb9a0ce0
Slackware Security Advisory - bind Updates
Posted Jan 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-0591
SHA-256 | 191246e4649b609e4202d26d8789784f17b49c0d1ab475bc653ac4de35be5b5c
Smashing Bitcoin BrainWallets For Fun And Profit
Posted Jan 30, 2014
Authored by Simo Ben Youssef

This whitepaper discusses how attackers use dictionary-based brute-force attacks to steal other people's bitcoins. Proof of concept tools are included.

tags | paper, proof of concept
SHA-256 | d3b473fd72aba55764c5b793c9300a33b4bc94411e4282b14f400213f149aa0d
WordPress Amerisale-Re Remote Shell Upload
Posted Jan 30, 2014
Authored by T3rm!nat0r5

This Metasploit module exploits an arbitrary PHP file upload in the WordPress Amerisale-Re third party plugin.

tags | exploit, arbitrary, php, file upload
SHA-256 | 1977a861af86c1bb609eab4c6885099d74ee40712c458de75397e40bdcfb1bea
LinPHA 1.3.4 Cross Site Request Forgery / Cross Site Scripting
Posted Jan 30, 2014
Authored by killall-9

LinPHA version 1.3.4 suffers from cross site request forgery and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | dd1112c814225c6d2b24116f1d99bcf78fed4941a42afe5ea7e7f980af1746d0
Amin'z Tech CMS Shell Upload / SQL Injection
Posted Jan 30, 2014
Authored by ACC3SS

Amin'z Tech CMS suffers from remote shell upload and a remote SQL injection vulnerability that allows for login bypass.

tags | exploit, remote, shell, sql injection
SHA-256 | c992e7712a27df499ae4bc3d17ca86548e65261cdd7eaa0f75a9c314525437d6
Drupal Tribune 6.x / 7.x Cross Site Scripting
Posted Jan 30, 2014
Authored by Raynald Mirville | Site drupal.org

Drupal Tribune third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 8922901cd06fd3a4a6b5033006c05d50258b696c4b87a583e0b6d71bc6fbce48
Drupal Services 7.x Access Bypass
Posted Jan 30, 2014
Authored by wedge, prjcarr | Site drupal.org

Drupal Services third party module version 7.x suffers from multiple access bypass vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 2d54f256cc810c69585b7137d0fd722f6cc26ab73d4785ab51345dc1c38f18ce
NCH Software Inventoria 3.45 Cross Site Scripting
Posted Jan 30, 2014
Authored by LiquidWorm | Site zeroscience.mk

NCH Software Inventoria version 3.45 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 013ce0474eb3119edf8938629f3cf1485ee96a3afaa5234d50e9c770f8c001ad
Lynis Auditing Tool 1.4.0
Posted Jan 30, 2014
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This release adds several improvements to support AIX better, hostid creation, ignoring of the LANG value, and extension of a few tests.
tags | tool, scanner
systems | unix
SHA-256 | fb2cda4617d1625eeed6c9d9ba9aa64a72737f25b4b8bff588a69620d7c4f1cb
Slackware Security Advisory - mozilla-nss Updates
Posted Jan 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-1740
SHA-256 | 985394a529eb8e2dc205f756adfa22da2611ace7eea571d769bc2a3506915047
Gentoo Linux Security Advisory 201401-33
Posted Jan 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-33 - A vulnerability has been found in the Digest-Base Perl module, allowing remote attackers to execute arbitrary code. Versions less than 1.170.0 are affected.

tags | advisory, remote, arbitrary, perl
systems | linux, gentoo
advisories | CVE-2011-3597
SHA-256 | 073b067938255df59111607a647be7a61207ceda164ae0bab0a2f2e8b3d64f0f
Gentoo Linux Security Advisory 201401-34
Posted Jan 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-34 - Multiple vulnerabilities have been found in BIND, possibly resulting in Denial of Service. Versions less than 9.9.4_p2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2012-5166, CVE-2012-5688, CVE-2012-5689, CVE-2013-2266, CVE-2013-3919, CVE-2013-4854, CVE-2014-0591
SHA-256 | 08788290f886b257bb5cf19d5da72a1cebe9c1902c834380c2cebb552a875e12
Red Hat Security Advisory 2014-0108-01
Posted Jan 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0108-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Xen hypervisor did not always lock 'page_alloc_lock' and 'grant_table.lock' in the same order. This could potentially lead to a deadlock. A malicious guest administrator could use this flaw to cause a denial of service on the host.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2013-4494
SHA-256 | 8f46a6282e67a95809d58fc3a16c9ecccc57553d3af6f14af2ff8aeda8c5d557
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close