the original cloud security
Showing 1 - 25 of 368 RSS Feed

Files Date: 2014-01-01 to 2014-01-31

Ubuntu Security Notice USN-2091-1
Posted Jan 30, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2091-1 - This update disables the OTR v1 protocol to prevent protocol downgrade attacks.

tags | advisory, protocol
systems | linux, ubuntu
MD5 | 0f588cc8cad6dfa7801fa65e8fd0f381
Ektron CMS Account Hijacking
Posted Jan 30, 2014
Authored by Mark Litchfield | Site securatary.com

This whitepaper discusses how to perform a take over of the Ektron CMS. It demonstrates how to hijack the builtin and admin accounts.

tags | exploit
MD5 | 0856fe75f96c637a28b5646229e477c2
Slackware Security Advisory - bind Updates
Posted Jan 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-0591
MD5 | 5102f54ff0f96bb3105c79b25dd2456b
Smashing Bitcoin BrainWallets For Fun And Profit
Posted Jan 30, 2014
Authored by Simo Ben Youssef

This whitepaper discusses how attackers use dictionary-based brute-force attacks to steal other people's bitcoins. Proof of concept tools are included.

tags | paper, proof of concept
MD5 | 253b3dc18147eb55d705a0bf1f116404
WordPress Amerisale-Re Remote Shell Upload
Posted Jan 30, 2014
Authored by T3rm!nat0r5

This Metasploit module exploits an arbitrary PHP file upload in the WordPress Amerisale-Re third party plugin.

tags | exploit, arbitrary, php, file upload
MD5 | 58b23d05e941bd84e2dca0da9684160c
LinPHA 1.3.4 Cross Site Request Forgery / Cross Site Scripting
Posted Jan 30, 2014
Authored by killall-9

LinPHA version 1.3.4 suffers from cross site request forgery and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | d7250df0c7a028eb12ed42401cd6dd7e
Amin'z Tech CMS Shell Upload / SQL Injection
Posted Jan 30, 2014
Authored by ACC3SS

Amin'z Tech CMS suffers from remote shell upload and a remote SQL injection vulnerability that allows for login bypass.

tags | exploit, remote, shell, sql injection
MD5 | a7a933047f40e3fe4b94432b3b5e5ddf
Drupal Tribune 6.x / 7.x Cross Site Scripting
Posted Jan 30, 2014
Authored by Raynald Mirville | Site drupal.org

Drupal Tribune third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 8542620bc3f0d4de48eae956a560f936
Drupal Services 7.x Access Bypass
Posted Jan 30, 2014
Authored by wedge, prjcarr | Site drupal.org

Drupal Services third party module version 7.x suffers from multiple access bypass vulnerabilities.

tags | advisory, vulnerability
MD5 | e7d2d7fa767682cc351451ea94a02f41
NCH Software Inventoria 3.45 Cross Site Scripting
Posted Jan 30, 2014
Authored by LiquidWorm | Site zeroscience.mk

NCH Software Inventoria version 3.45 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1db8f0ed8b98fbd134a7d152a5c4982c
Lynis Auditing Tool 1.4.0
Posted Jan 30, 2014
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This release adds several improvements to support AIX better, hostid creation, ignoring of the LANG value, and extension of a few tests.
tags | tool, scanner
systems | unix
MD5 | 8e04a01bb1baa87cc59e3792269f5a99
Slackware Security Advisory - mozilla-nss Updates
Posted Jan 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-1740
MD5 | aeaeac280193f068475456ead968c65b
Gentoo Linux Security Advisory 201401-33
Posted Jan 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-33 - A vulnerability has been found in the Digest-Base Perl module, allowing remote attackers to execute arbitrary code. Versions less than 1.170.0 are affected.

tags | advisory, remote, arbitrary, perl
systems | linux, gentoo
advisories | CVE-2011-3597
MD5 | 85a4a70843c8294f0393cfd87a9bbca1
Gentoo Linux Security Advisory 201401-34
Posted Jan 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-34 - Multiple vulnerabilities have been found in BIND, possibly resulting in Denial of Service. Versions less than 9.9.4_p2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2012-5166, CVE-2012-5688, CVE-2012-5689, CVE-2013-2266, CVE-2013-3919, CVE-2013-4854, CVE-2014-0591
MD5 | 90bdcc100240be1f5b920b30dbe5c3ef
Red Hat Security Advisory 2014-0108-01
Posted Jan 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0108-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Xen hypervisor did not always lock 'page_alloc_lock' and 'grant_table.lock' in the same order. This could potentially lead to a deadlock. A malicious guest administrator could use this flaw to cause a denial of service on the host.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2013-4494
MD5 | cf383a0404e1950c6b41d40a9ea70192
SimplyShare 1.4 Code Execution / Local File Inclusion / XSS
Posted Jan 29, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

SimplyShare version 1.4 suffers from code execution, local file inclusion, cross site scripting, and command injection vulnerabilities.

tags | exploit, local, vulnerability, code execution, xss, file inclusion
MD5 | c205f550b937b2a8b54e06eec6d71dea
PCMAN FTP 2.07 ABOR Buffer Overflow
Posted Jan 29, 2014
Authored by Mahmod Mahajna

PCMAN FTP version 2.07 ABOR command buffer overflow exploit.

tags | exploit, overflow
advisories | OSVDB-94624
MD5 | c04a7296bb27322d23b20397111b2faf
haneWIN DNS Server 1.5.3 Buffer Overflow
Posted Jan 29, 2014
Authored by Dario Estrada

haneWIN DNS server version 1.5.3 structured exception handler (SEH) buffer overflow exploit.

tags | exploit, overflow
MD5 | 6e0767750867989538403ce8a6f4b98b
PCMAN FTP 2.07 CWD Buffer Overflow
Posted Jan 29, 2014
Authored by Mahmod Mahajna

PCMAN FTP version 2.07 CWD command buffer overflow exploit.

tags | exploit, overflow
advisories | OSVDB-94624
MD5 | add8c6251dba3b072636642876467f1a
Pandora FMS 5.0RC1 Code Execution
Posted Jan 29, 2014
Authored by xistence

Pandora FMS versions 5.0RC1 and below suffer from a code execution vulnerability.

tags | exploit, code execution
MD5 | d9057714df010cfac019fecec177b539
WordPress Photocrati Cross Site Scripting
Posted Jan 29, 2014
Authored by ACC3SS

WordPress Photocrati Theme suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | bdad286d7c28cece9563536ded1c2d74
Sitecore XML Cross Site Scripting
Posted Jan 29, 2014
Authored by Mark Litchfield

Sitecore's special way of display XML controls allows for a cross site scripting attack.

tags | exploit, xss
MD5 | 8a1d6020303110b15116e663f27f4bd7
A10 Networks Loadbalancer Directory Traversal
Posted Jan 28, 2014
Authored by xistence

A10 Networks Loadbalancer versions (Soft)AX 2.6.1-GR1-P5 and below and 2.7.0 build 217 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | c2d35e3676966352b7593606a6413280
Oracle Reports Shell Uploader
Posted Jan 28, 2014
Authored by Dana Taylor

Oracle Reports pwnacle exploit that uploads a jsp shell to the target system using the URLPARAMETER vulnerability that allows for planting files.

tags | exploit, shell
advisories | CVE-2012-3153, CVE-2012-3152
MD5 | fcdc1ad241a1e254b58749531003d3f5
Eventum 2.3.4 Incorrect Permissions / Code Injection
Posted Jan 28, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

Eventum version 2.3.4 suffers from incorrect default permission and code injection vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2014-1631, CVE-2014-1632
MD5 | 0c697f86dbc734e152644f601abd5d6e
Page 1 of 15
Back12345Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close