what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2014-04-01

Packet Storm New Exploits For March, 2014
Posted Apr 1, 2014
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 220 exploits added to Packet Storm in March, 2014.

tags | exploit
systems | linux
SHA-256 | 51349b5abbde8e1fd6bd4fef4c6c16203f245c7bcdb7688e99fad92c2497ef0d
Aircrack-ng Wireless Network Tools 1.2 Beta 3
Posted Apr 1, 2014
Site aircrack-ng.org

aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).

Changes: A buffer overflow was finally fixed for good. An issue with invalid channels when scanning (108, 125, etc.) that was due to radiotap parsing was fixed. The radiotap parser was updated to the latest git version. There were other small fixes.
tags | tool, wireless
systems | unix
SHA-256 | 2d22ae13360d466ffff1699cb1300ce5f807ffe9762314bb60ee49d9d2efe98d
Ubuntu Security Notice USN-2158-1
Posted Apr 1, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2158-1 - Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. Nico Golde and Fabian Yamaguchi reported buffer underflow errors in the implementation of the XFS filesystem in the Linux kernel. A local user with CAP_SYS_ADMIN could exploit these flaw to cause a denial of service (memory corruption) or possibly other unspecified issues. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-4345, CVE-2013-6382, CVE-2014-1690
SHA-256 | 7be186da02dc9637de795e1d1ebb3e3f3911bac940397c36f5cb4ade06b2be03
RSA Adaptive Authentication 6.x / 7.x XSS / XFS
Posted Apr 1, 2014
Site emc.com

RSA Adaptive Authentication (On-Premise) versions 6.x and 7.x suffer from cross site scripting and cross frame scripting vulnerabilities that could potentially be exploited by malicious users to compromise the affected system.

tags | advisory, vulnerability, xss
advisories | CVE-2014-0637, CVE-2014-0638
SHA-256 | 7504949cc5ee1b2d26d592e5024b387d054461fd32f3fb8b2b1a6e2db518a28f
Debian Security Advisory 2893-1
Posted Apr 1, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2893-1 - Two vulnerabilities were fixed in Openswan, an IKE/IPsec implementation for Linux.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-2053, CVE-2013-6466
SHA-256 | 46c874585db91e02896fab1d9cb81e40f1fbae61ac26f26ca4c2726e58ceecae
Coloured ELF File Dissector
Posted Apr 1, 2014
Authored by nitr0us

This code dissects the internal data structures in ELF files. It supports x86 and x86_64 archs and runs under Linux.

tags | tool, x86
systems | linux, unix
SHA-256 | f8636edd94e628d8a05706d8252fa410c215dd08dce94844785f2866ad7bbf50
Red Hat Security Advisory 2014-0350-01
Posted Apr 1, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0350-01 - In accordance with the Red Hat Enterprise MRG Life Cycle policy, the Red Hat Enterprise MRG product, which includes MRG-Messaging, MRG-Realtime, and MRG-Grid, Version 1 offering for Red Hat Enterprise Linux 5 was retired as of March 31, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for MRG-Messaging, MRG-Realtime, and MRG-Grid Version 1 on Red Hat Enterprise Linux 5 after March 31, 2014. In addition, technical support through Red Hat's Global Support Services will no longer be provided for Red Hat Enterprise MRG Version 1 on Red Hat Enterprise Linux 5 after this date.

tags | advisory
systems | linux, redhat
SHA-256 | cd873cffc56110a6277ed5100b3cf1927fc60dd1697c0c4746a46f66da108a64
Red Hat Security Advisory 2014-0349-01
Posted Apr 1, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0349-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Advanced Mission Critical for Red Hat Enterprise Linux 5.3 was retired as of March 31, 2014, and support is no longer provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 5.3 AMC after March 31, 2014. In addition, technical support through Red Hat's Global Support Services for Red Hat Enterprise Linux 5.3 AMC will no longer be provided after this date. We encourage customers to plan their migration from Red Hat Enterprise Linux 5.3 to a more recent release of Red Hat Enterprise Linux 5 or 6. As a benefit of the Red Hat subscription model, customers can use their active subscriptions to entitle any system on a currently supported Red Hat Enterprise Linux 5 release or Red Hat Enterprise Linux 6 release .

tags | advisory
systems | linux, redhat
SHA-256 | 6c0c4939a5c297720e8f792dce2af29c0d5d1b0b3e9ab0334d699d9f9cb11e19
Debian Security Advisory 2892-1
Posted Apr 1, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2892-1 - Several vulnerabilities have been found in a2ps, an 'Anything to PostScript' converter and pretty-printer.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2001-1593, CVE-2014-0466
SHA-256 | f02e70102dc257c70529fa7590ef5674358e8fbe0adba94dadafa4ef5b36f358
30 Issues In Oracle Java Cloud Service
Posted Apr 1, 2014
Authored by Adam Gowdiak | Site security-explorations.com

Security Explorations decided to release technical details and accompanying proof of concept codes for security vulnerabilities discovered in the environment of Oracle Java Cloud Service. Enclosed are two pdfs detailing the issues along with a zip file filled with proof of concept code. The release of data is due to Oracle's continued failure to properly handle vulnerability reports.

tags | exploit, java, vulnerability, proof of concept
systems | linux
SHA-256 | 8da74747f63ecbeaf0436376646b7870ac187a6fd484dcb90371ecdd3d8b7be4
Tag3 Blind SQL Injection
Posted Apr 1, 2014
Authored by Felipe Andrian Peixoto

Tag3 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3817b9d23f5104d67462c80dfa298f2b350ac1e081c6a6b2db06dd5a3194af96
Red Hat Security Advisory 2014-0348-01
Posted Apr 1, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0348-01 - Xalan-Java is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations content to be processed by an application using Xalan-Java could use this flaw to bypass the intended constraints of the secure processing feature. Depending on the components available in the classpath, this could lead to arbitrary remote code execution in the context of the application server running the application that uses Xalan-Java.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2014-0107
SHA-256 | bdb331dd996b149d2da81881cadcb6fc4dc3bee816b1a1caa8a1b478cd6b1e54
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close