seeing is believing
Showing 1 - 16 of 16 RSS Feed

Files Date: 2014-03-19

Ocportal 9.0.11 Cross Site Scripting / Local File Inclusion
Posted Mar 19, 2014
Authored by Hossein Hezami

Ocportal version 9.0.11 suffers from cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion
MD5 | a254b1acb7b488dbfe75b9c5570d85fb
Red Hat Security Advisory 2014-0316-01
Posted Mar 19, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0316-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Several information disclosure flaws were found in the way Thunderbird processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Thunderbird to crash.

tags | advisory, web, arbitrary, info disclosure
systems | linux, redhat
advisories | CVE-2014-1493, CVE-2014-1497, CVE-2014-1505, CVE-2014-1508, CVE-2014-1509, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514
MD5 | edfa1aad3304598cd12c0b60d21752d0
Debian Security Advisory 2881-1
Posted Mar 19, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2881-1 - Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure, denial of service.

tags | advisory, web, denial of service, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2014-1493, CVE-2014-1497, CVE-2014-1505, CVE-2014-1508, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514
MD5 | eea1a9a8d4de42f97cb4e988f8ec3fb0
MP3Info 0.8.5 SEH Buffer Overflow
Posted Mar 19, 2014
Authored by Ayman Sagy

MP3Info version 0.8.5 SEH buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2006-2465, OSVDB-30945
MD5 | 254430695a8035bce92ed9fcc84f8f3c
MeiuPic 2.1.2 Local File Inclusion
Posted Mar 19, 2014
Authored by Hossein Hezami

MeiuPic version 2.1.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 8b33c5b0692711390ccad2ef0877635f
Chat2 Cross Site Scripting / SQL Injection
Posted Mar 19, 2014
Authored by Hossein Hezami

Chat2 suffers from cross site scripting and remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 6e0bc373fb166196337cba1bfdf98647
Bigace 2.7.5 LFI / XSS / SQL Injection
Posted Mar 19, 2014
Authored by Hossein Hezami

Bigace version 2.7.5 suffers from cross site scripting, local file inclusion, and remote blind SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
MD5 | 34bd407d9dc9232d8a2f3d709eced1f8
GuppY 4.6.26 XSS / CRLF Injection
Posted Mar 19, 2014
Authored by Hossein Hezami

GuppY version 4.6.26 suffers from cross site scripting and CRLF injection vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 083248f11c7a5efe5883dd8c8781ff6f
SePortal 2.5 SQL Injection
Posted Mar 19, 2014
Authored by jsass

SePortal version 2.5 suffers from a remote SQL injection vulnerability in the sp_id variable of staticpages.php. This version has already had known SQL injection vulnerabilities noted in 2011.

tags | exploit, remote, php, vulnerability, sql injection
MD5 | f51d1357d4d3888c9747456feb1d399a
litepublisher 5.72 Cross Site Scripting
Posted Mar 19, 2014
Authored by Hossein Hezami

litepublisher version 5.72 suffers from a cross site scripting vulnerability due to embedding a vulnerable version of swfupload.swf.

tags | exploit, xss
MD5 | 8c351836eee959b9c827e1a1877fc72f
ChatNess 2.5 Session Fixation
Posted Mar 19, 2014
Authored by Hossein Hezami

ChatNess version 2.5 suffers from a session fixation vulnerability.

tags | exploit
MD5 | 788e2ce6602613ed5dac0b5320d8d01d
Loadbalancer.org Enterprise VA SSH Private Key Exposure
Posted Mar 19, 2014
Authored by xistence | Site metasploit.com

Loadbalancer.org ships a public/private key pair on Enterprise virtual appliances version 7.5.2 that allows passwordless authentication to any other LB Enterprise box. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as root.

tags | exploit, remote, root
MD5 | e01474e1689d8e393565267014bdc316
Secure rm 1.2.13
Posted Mar 19, 2014
Authored by Matthew Gauthier | Site srm.sourceforge.net

Secure rm (srm) is a command-line compatible rm(1) which completely destroys file contents before unlinking. The goal is to provide drop in security for users who wish to prevent command line recovery of deleted information, even if the machine is compromised.

Changes: OS X resource fork removal was fixed.
tags | tool
systems | unix
MD5 | 123f8fbf086a5c50aadb2a23991b9416
Quantum vmPRO Backdoor Command
Posted Mar 19, 2014
Authored by xistence | Site metasploit.com

This Metasploit module abuses a backdoor command in vmPRO 3.1.2. Any user, even without admin privileges, can get access to the restricted SSH shell. By using the hidden backdoor "shell-escape" command it's possible to drop to a real root bash shell.

tags | exploit, shell, root, bash
MD5 | 07b55130b9d63fa1f4c280bb1f90fde6
NTP Spoofed "monlist query" Denial Of Service Proof Of Concept
Posted Mar 19, 2014
Authored by Mark Osborne

NTP_SPQUERY.C is a spoofed "monlist query" program which can generate packets like those used in reflected amplification NTP attacks that were common in early 2014. Written entirely in C, it requires no special libs or header files. It has been designed to run on most LINUXs.

tags | exploit, denial of service, spoof, proof of concept
MD5 | b1b7e74fd45bd5a336855af010521b6e
LACSEC 2014 Call For Presentations
Posted Mar 19, 2014
Site lacnic.net

LACSEC 2014 Call For Presentations - The 9th Network Security Event for Latin America and the Caribbean will be held in Cancun, Mexico May 4th through the 9th, 2014.

tags | paper, conference
MD5 | 39bdcc3b45262ac90f068945fc9632ae
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close