what you don't know can hurt you
Showing 1 - 6 of 6 RSS Feed

Files Date: 2014-02-01

Packet Storm New Exploits For January, 2014
Posted Feb 1, 2014
Authored by Todd J. | Site packetstormsecurity.org

This archive contains all of the 146 exploits added to Packet Storm in January, 2014.

tags | exploit
systems | linux
MD5 | e4d4dff0ea525bbb623a6bb23ef93f3a
SkyBlueCanvas CMS Remote Code Execution
Posted Feb 1, 2014
Authored by Scott Parish | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in SkyBlueCanvas CMS version 1.1 r248-03 and below.

tags | exploit, arbitrary
advisories | CVE-2014-1683
MD5 | 20311c9ad751d71e993997ba846f0cb6
Apache Tomcat Manager Code Execution
Posted Feb 1, 2014
Authored by rangercha | Site metasploit.com

This Metasploit module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a POST request against the /manager/html/upload component. NOTE: The compatible payload sets vary based on the selected target. For example, you must select the Windows target to use native Windows payloads.

tags | exploit
systems | windows
advisories | CVE-2009-3843, CVE-2009-4189, CVE-2009-4188, CVE-2010-0557, CVE-2010-4094, CVE-2009-3548, OSVDB-60317, OSVDB-60670, OSVDB-60176
MD5 | 2d81d40bd43f5df5cfb5aa2845eadc35
Apache Struts Developer Mode OGNL Execution
Posted Feb 1, 2014
Authored by juan vazquez, Johannes Dahse, Andreas Nusser, Alvaro | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts 2. The problem exists on applications running in developer mode, where the DebuggingInterceptor allows evaluation and execution of OGNL expressions, which allows remote attackers to execute arbitrary Java code. This Metasploit module has been tested successfully in Struts 2.3.16, Tomcat 7 and Ubuntu 10.04.

tags | exploit, java, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-0394, OSVDB-78276
MD5 | 9f98d7b1dba849fa1ff7ada5c575a868
Debian Security Advisory 2850-1
Posted Feb 1, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2850-1 - Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat, debian
advisories | CVE-2013-6393
MD5 | 227b6de16bc238aa40fde28a610376c3
Java PaaS / Cloud Services Security Issues
Posted Feb 1, 2014
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations discovered multiple security vulnerabilities in the environment of Oracle Java Cloud Service. Among a total of 28 issues found, there are 16 weaknesses that make it possible to completely break Java security sandbox of a target WebLogic server environment. An attacker can further leverage this to gain access to application deployments of other users of Oracle Java Cloud service in the same regional data center.

tags | advisory, java, vulnerability
MD5 | a0019f8f96169482dd33bb356b68fc81
Page 1 of 1
Back1Next

File Archive:

July 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    15 Files
  • 2
    Jul 2nd
    19 Files
  • 3
    Jul 3rd
    11 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close