
Files Date: 2014-02-22

Mini HTTPd 1.21 Stack Buffer Overflow
Posted Feb 22, 2014
Authored by TheColonial

Mini HTTPd version 1.21 stack buffer overflow POST exploit for Windows XP SP3.

tags | exploit, overflow
systems | windows, xp
MD5 | 7b34382264978011c67ce00ea9d6c4bd
SolidWorks Workgroup PDM 2014 SP2 Arbitrary File Write
Posted Feb 22, 2014
Authored by Mohamed Shetta

SolidWorks Workgroup PDM 2014 SP2 suffers from an arbitrary file write vulnerability.

tags | exploit, arbitrary
MD5 | 23329368fcece1b98fa69b90da524bbc
Subrion 3.1.1 Cross Site Request Forgery
Posted Feb 22, 2014
Authored by TUNISIAN CYBER

Subrion CMS 3.1.1 cross site request forgery exploit that adds an administrator.

tags | exploit, csrf
MD5 | 9eb361b9825001d51f1ef108e2bd1537
Debian Security Advisory 2866-1
Posted Feb 22, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2866-1 - Suman Jana reported that GnuTLS, deviating from the documented behavior, considers a version 1 intermediate certificate as a CA certificate by default.

tags | advisory
systems | linux, debian
advisories | CVE-2014-1959
MD5 | e3e5ba82a6fcc37ece1b7138be7a65f8
Telligent Evolution 7.5.0.32466 Cross Site Scripting
Posted Feb 22, 2014
Authored by Jerzy Kramarz | Site portcullis-security.com

Telligent Evolution version 7.5.0.32466 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-1223
MD5 | 418a8d28ea92e6af230e2b8d3e1fb468
GoldenEye HTTP Denial Of Service Tool 2.1
Posted Feb 22, 2014
Authored by Jan Seidl | Site wroot.org

GoldenEye is an HTTP/S Layer 7 denial of service testing tool. It uses KeepAlive (and Connection: keep-alive) paired with Cache-Control options to persist socket connection busting through caching (when possible) until it consumes all available sockets on the HTTP/S server.

Changes: Referer strings from search engines now have only the domain part hardcoded. The referer generation function now generates even more random referers. Evades Juniper Netscreen signature. Various other updates and improvements.
tags | tool, web, denial of service
MD5 | 48ab4033310bab4f52f22ef185184453
44CON 2014 Call For Papers
Posted Feb 22, 2014
Site cfp.44con.com

The 44CON 2014 Call For Papers has been announced. 44CON is the UK's largest combined annual Security Conference and Training event. Taking place on the 11th and 12th of September at the ILEC Conference Centre near Earls Court, London, they will have a fully dedicated conference facility, including catering, private bar and daily Gin O'Clock break.

tags | paper, conference
MD5 | dd4d59aa00fb66ff2a47b8145a35b8ff
CMSMadeSimple 1.11.10 Cross Site Scripting
Posted Feb 22, 2014
Authored by HauntIT

CMSMadeSimple version 1.11.10 suffers from fourteen cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | e5514aef5b5ae36b97bceafbe7132d0a
IPv6 Toolkit 1.5.3
Posted Feb 22, 2014
Authored by Fernando Gont | Site si6networks.com

SI6 Networks' IPv6 toolkit is a security assessment and troubleshooting tool for the IPv6 protocols. It can send arbitrary IPv6-based packets.

Changes: Minor issues are addressed.
tags | tool, arbitrary, scanner, protocol
systems | unix
MD5 | 61d91579ecb2df1431b73b587ebd4e13
IBM BPMS 8.0.0.1 Privilege Escalation / Disclosure
Posted Feb 22, 2014
Authored by 0in

IBM BPMS version 8.0.0.1 suffers from account reconfiguration, privilege escalation, and information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
MD5 | bf05e32fd785964166d12192970638af
ILIAS 4.4.1 Cross Site Scripting / Shell Upload
Posted Feb 22, 2014
Authored by HauntIT

ILIAS version 4.4.1 suffers from cross site scripting and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss
MD5 | e4c6ba8e6571fe0dc7a8076bdaf474c4
CNNVD Cross Site Scripting
Posted Feb 22, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

CNNVD.org.cn suffers from filter bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 96481088e5dbc7db11e3ec3a1c8fe871
ASUS Router Authentication Bypass / Cross Site Scripting
Posted Feb 22, 2014
Authored by Harry Sintonen

ASUS routers suffer from authentication bypass and cross site scripting vulnerabilities, among the recent flurry of other issues that have surfaced.

tags | exploit, vulnerability, xss, bypass
MD5 | b279b669b64a724bae3e2726e9edf374
InterWorx Web Control Panel Cross Site Scripting
Posted Feb 22, 2014
Authored by Eric Flokstra

InterWorx Web Control Panel version 5.0.12 build 569 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2014-2035
MD5 | d0c7f7dedbf966975f0b81d646177e74
Slackware Security Advisory - gnutls Updates
Posted Feb 22, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnutls packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-1959
MD5 | fd9fc1da08a5f02ec9610c8de9122cfe
Red Hat Security Advisory 2014-0196-01
Posted Feb 22, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0196-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security bulletin APSB14-07, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.341.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0498, CVE-2014-0499, CVE-2014-0502
MD5 | d183e77233cba2450d0f445bcfd07e45
Mandriva Linux Security Advisory 2014-047
Posted Feb 22, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-047 - Multiple vulnerabilities have been discovered and corrected in postgresql. Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed by doing SET ROLE first. The security impact is mostly that a role member can revoke the access of others, contrary to the wishes of his grantor. Unapproved role member additions are a lesser concern, since an uncooperative role member could provide most of his rights to others anyway by creating views or SECURITY DEFINER functions. The primary role of PL validator functions is to be called implicitly during CREATE FUNCTION, but they are also normal SQL functions that a user can call explicitly. Calling a validator on a function actually written in some other language was not checked for and could be exploited for privilege-escalation purposes. Various other issues have also been addressed.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, CVE-2014-0066, CVE-2014-0067
MD5 | fcdfc8c6d750bce086986bbb6ea900c1
Gentoo Linux Security Advisory 201402-26
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-26 - Multiple vulnerabilities have been found in libssh, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 0.5.3 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562, CVE-2012-6063
MD5 | 004bf2595c8077fa2e0b2ca02e5bb59f
Gentoo Linux Security Advisory 201402-25
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-25 - A vulnerability in OpenSSL's handling of TLS handshakes could result in a Denial of Service condition. Versions less than 1.0.1f are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2013-4353
MD5 | d0d86018a5c5912f81e52698176a3cd3
Gentoo Linux Security Advisory 201402-24
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-24 - Multiple vulnerabilities have been discovered in GnuPG and Libgcrypt, which may result in execution of arbitrary code, Denial of Service, or the disclosure of private keys. Versions less than 2.0.22 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6085, CVE-2013-4242, CVE-2013-4351, CVE-2013-4402
MD5 | 3986886fb402c959ccbc27956ae2a19c
Gentoo Linux Security Advisory 201402-23
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-23 - Multiple vulnerabilities have been found in libXfont, the worst of which allow for local privilege escalation. Versions less than 1.4.7 are affected.

tags | advisory, local, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2895, CVE-2013-6462
MD5 | d38df16aa06a3b4cad213b6046b4a1c8
Gentoo Linux Security Advisory 201402-22
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-22 - A heap-based buffer overflow in TCPTrack might allow a remote attacker to execute arbitrary code. Versions less than 1.4.2 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2011-2903
MD5 | 6bd4d40dde0da9f38b628e0b29de8866
Gentoo Linux Security Advisory 201402-21
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-21 - Multiple vulnerabilities have been found in libTIFF, allowing remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 4.0.3-r6 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-4447, CVE-2012-4564, CVE-2013-1960, CVE-2013-1961, CVE-2013-4231, CVE-2013-4232, CVE-2013-4244
MD5 | ab18423357c61451848c2603309ef271
Gentoo Linux Security Advisory 201402-20
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-20 - Multiple vulnerabilities have been found in KVIrc, the worst of which allows remote attackers to execute arbitrary code. Versions less than 4.1_pre4693 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-2451, CVE-2010-2452, CVE-2010-2785
MD5 | 5a3669dd22262babc7506ede53f7cf54
Mandriva Linux Security Advisory 2014-046
Posted Feb 22, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-046 - Cross-site scripting vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action. This upgrade provides the latest phpmyadmin version to address this vulnerability. Additionally, phpseclib packages have been added due to new dependencies.

tags | advisory, remote, web, arbitrary, php, xss
systems | linux, mandriva
advisories | CVE-2014-1879
MD5 | 89e05eeb0780ae57bc0765fff6dba71d
© 2016 Packet Storm. All rights reserved.
