
Files Date: 2014-02-22

Mini HTTPd 1.21 Stack Buffer Overflow
Posted Feb 22, 2014
Authored by TheColonial

Mini HTTPd version 1.21 stack buffer overflow POST exploit for Windows XP SP3.

tags | exploit, overflow
systems | windows
SHA-256 | 6b9603bbda9cff25f4c22bcdc841389ee80652a11577c40f599cd58da168b97b
SolidWorks Workgroup PDM 2014 SP2 Arbitrary File Write
Posted Feb 22, 2014
Authored by Mohamed Shetta

SolidWorks Workgroup PDM 2014 SP2 suffers from an arbitrary file write vulnerability.

tags | exploit, arbitrary
SHA-256 | 5031db0895f8f86ccfac8994d8fada3d4c9910fce53ab7ccc8b1fed2ed1b9fb1
Subrion 3.1.1 Cross Site Request Forgery
Posted Feb 22, 2014
Authored by TUNISIAN CYBER

Subrion CMS 3.1.1 cross site request forgery exploit that adds an administrator.

tags | exploit, csrf
SHA-256 | 196ea2067b8fb16e7b8e88f1764e7c86b7d128377d20d4d793de983e73a095dc
Debian Security Advisory 2866-1
Posted Feb 22, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2866-1 - Suman Jana reported that GnuTLS, deviating from the documented behavior, considers a version 1 intermediate certificate as a CA certificate by default.

tags | advisory
systems | linux, debian
advisories | CVE-2014-1959
SHA-256 | 267bbb9a2b3339b537b0cb41a2ddf6033c2c06e9019ecfde71c400bd8e04dd45
Telligent Evolution 7.5.0.32466 Cross Site Scripting
Posted Feb 22, 2014
Authored by Jerzy Kramarz | Site portcullis-security.com

Telligent Evolution version 7.5.0.32466 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-1223
SHA-256 | ebf39516b15980bbdcc0d874db8a1a9772574ad44c2a961fd0d64eb09c67ff3e
GoldenEye HTTP Denial Of Service Tool 2.1
Posted Feb 22, 2014
Authored by Jan Seidl | Site wroot.org

GoldenEye is an HTTP/S Layer 7 denial of service testing tool. It uses KeepAlive (and Connection: keep-alive) paired with Cache-Control options to persist socket connection busting through caching (when possible) until it consumes all available sockets on the HTTP/S server.

Changes: Referer strings from search engines now only domain part hardcoded. Referer generation function now generates even more random referers. Evades Juniper Netscreen signature. Various other updates and improvements.
tags | tool, web, denial of service
SHA-256 | 80e0d5a7dde9e0323ed3e02e1089d03713fff0ff8625d27a202e927517f4fac8
44CON 2014 Call For Papers
Posted Feb 22, 2014
Site cfp.44con.com

The 44CON 2014 Call For Papers has been announced. 44CON is the UK's largest combined annual Security Conference and Training event. Taking place on the 11th and 12th of September at the ILEC Conference Centre near Earls Court, London, they will have a fully dedicated conference facility, including catering, private bar and daily Gin O'Clock break.

tags | paper, conference
SHA-256 | 6bc536a50e23a496e3230d06a708b5250cdf7295a20a23091f6f4ba6bae6f2b9
CMSMadeSimple 1.11.10 Cross Site Scripting
Posted Feb 22, 2014
Authored by HauntIT

CMSMadeSimple version 1.11.10 suffers from fourteen cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | a5774bb267898276c4969bdf9b9b4b4526766ff535c3954c1cd6596f037ea7fa
IBM BPMS 8.0.0.1 Privilege Escalation / Disclosure
Posted Feb 22, 2014
Authored by 0in

IBM BPMS version 8.0.0.1 suffers from account reconfiguration, privilege escalation, and information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
SHA-256 | 5bc100973e8ede6772241ce111902e09ddd52ed35ab950dc88c83434e0e6ca4f
ILIAS 4.4.1 Cross Site Scripting / Shell Upload
Posted Feb 22, 2014
Authored by HauntIT

ILIAS version 4.4.1 suffers from cross site scripting and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss
SHA-256 | c0661e7076cb96d3a4d5d6f668620a2b19c64b24aebb226ce42ff039d7da7091
CNNVD Cross Site Scripting
Posted Feb 22, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

CNNVD.org.cn suffers from filter bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | ea97a2f0e9e90599d272a80276d4c4e7c4867e0356641442db74930ab6ce768b
ASUS Router Authentication Bypass / Cross Site Scripting
Posted Feb 22, 2014
Authored by Harry Sintonen

ASUS routers suffer from authentication bypass and cross site scripting vulnerabilities, among the recent flurry of other issues that have surfaced.

tags | exploit, vulnerability, xss, bypass
SHA-256 | 6edc73bc09482eb4146ba7e7fb7884eac6f18e8dcfb66db1d1ad2bd22fd6087e
InterWorx Web Control Panel Cross Site Scripting
Posted Feb 22, 2014
Authored by Eric Flokstra

InterWorx Web Control Panel version 5.0.12 build 569 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
advisories | CVE-2014-2035
SHA-256 | 955f6d56ae74fedcfe4e5e3b116ba99d361954921a81dec6f868f9a530f5bcfa
Slackware Security Advisory - gnutls Updates
Posted Feb 22, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnutls packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-1959
SHA-256 | b1bcf86b50f13945e4651ed0ce9e77e77e5768f77e86c3da6c298710f5d17100
Red Hat Security Advisory 2014-0196-01
Posted Feb 22, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0196-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security bulletin APSB14-07, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.341.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0498, CVE-2014-0499, CVE-2014-0502
SHA-256 | 03252ceafb915633f418a58306c46d3c67d076e73055b5e2d6fc69c4a5d1415c
Mandriva Linux Security Advisory 2014-047
Posted Feb 22, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-047 - Multiple vulnerabilities have been discovered and corrected in postgresql. Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed by doing SET ROLE first. The security impact is mostly that a role member can revoke the access of others, contrary to the wishes of his grantor. Unapproved role member additions are a lesser concern, since an uncooperative role member could provide most of his rights to others anyway by creating views or SECURITY DEFINER functions. The primary role of PL validator functions is to be called implicitly during CREATE FUNCTION, but they are also normal SQL functions that a user can call explicitly. Calling a validator on a function actually written in some other language was not checked for and could be exploited for privilege-escalation purposes. Various other issues have also been addressed.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2014-0060, CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064, CVE-2014-0065, CVE-2014-0066, CVE-2014-0067
SHA-256 | c056bd5ca9b35038413312e652959f8070f5e5ff57a1435e0827ea375cacaa0a
Gentoo Linux Security Advisory 201402-26
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-26 - Multiple vulnerabilities have been found in libssh, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 0.5.3 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562, CVE-2012-6063
SHA-256 | 54bc1c3293e955ccb3036adb8153e9f984fd1924bbf3e67b7588d7e7d05af3f8
Gentoo Linux Security Advisory 201402-25
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-25 - A vulnerability in OpenSSL's handling of TLS handshakes could result in a Denial of Service condition. Versions less than 1.0.1f are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2013-4353
SHA-256 | dc177282d243b8879ad0b5b085aa003520dc2c9504ed6635ff0590bdc37c0499
Gentoo Linux Security Advisory 201402-24
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-24 - Multiple vulnerabilities have been discovered in GnuPG and Libgcrypt, which may result in execution of arbitrary code, Denial of Service, or the disclosure of private keys. Versions less than 2.0.22 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6085, CVE-2013-4242, CVE-2013-4351, CVE-2013-4402
SHA-256 | b179c24948b12fd20220e710cd0fc8df88dcb5a2e4985677436d991735781ae4
Gentoo Linux Security Advisory 201402-23
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-23 - Multiple vulnerabilities have been found in libXfont, the worst of which allow for local privilege escalation. Versions less than 1.4.7 are affected.

tags | advisory, local, vulnerability
systems | linux, gentoo
advisories | CVE-2011-2895, CVE-2013-6462
SHA-256 | 1cfd0d5f0fb45806d0f2f9036f3ae48ed7e9656364f91bdf2bfb40c33c748933
Gentoo Linux Security Advisory 201402-22
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-22 - A heap-based buffer overflow in TCPTrack might allow a remote attacker to execute arbitrary code. Versions less than 1.4.2 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2011-2903
SHA-256 | ed7d1c7c7983fbe5c6a0fc0434bd45572d8a04b05d945a883f877ca58302826d
Gentoo Linux Security Advisory 201402-21
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-21 - Multiple vulnerabilities have been found in libTIFF, allowing remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 4.0.3-r6 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-4447, CVE-2012-4564, CVE-2013-1960, CVE-2013-1961, CVE-2013-4231, CVE-2013-4232, CVE-2013-4244
SHA-256 | 707bad1294ac3b0a266eaeb2ec4cb55aa7008c0ab780cd9c1f258db6072baa3a
Gentoo Linux Security Advisory 201402-20
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-20 - Multiple vulnerabilities have been found in KVIrc, the worst of which allows remote attackers to execute arbitrary code. Versions less than 4.1_pre4693 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-2451, CVE-2010-2452, CVE-2010-2785
SHA-256 | c61e316675969c2cfb76e436110b34ef9afcd12d0323484e5485524a38a3a01e
Mandriva Linux Security Advisory 2014-046
Posted Feb 22, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-046 - Cross-site scripting vulnerability in import.php in phpMyAdmin before 4.1.7 allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename in an import action. This upgrade provides the latest phpmyadmin version to address this vulnerability. Additionally, phpseclib packages have been added due to new dependencies.

tags | advisory, remote, web, arbitrary, php, xss
systems | linux, mandriva
advisories | CVE-2014-1879
SHA-256 | 5499c576a7df330914ff676519142bf62bd04f5f2be1cdd03102f3ae2e614994
Gentoo Linux Security Advisory 201402-19
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-19 - A buffer overflow in libtar might allow remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.2.20-r2 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2013-4397
SHA-256 | 551d7905d4ffe777cd040b0ada4455c1bf57e0d94c1391a2b1c629e783ccfac8