Twenty Year Anniversary
Showing 1 - 18 of 18 RSS Feed

Files Date: 2014-04-25

Wireshark 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow
Posted Apr 25, 2014
Authored by j0sm1, Wesley Neelen | Site metasploit.com

This Metasploit module triggers a stack buffer overflow in Wireshark versions 1.8.12/1.10.5 and below by generating an malicious file.

tags | exploit, overflow
advisories | CVE-2014-2299
MD5 | c1d1883ef4ffcc01f9e239f60c1474e6
Mac OS X NFS Mount Privilege Escalation
Posted Apr 25, 2014
Authored by joev, Kenzley Alphonse | Site metasploit.com

This exploit leverage a stack overflow vulnerability to escalate privileges. The vulnerable function nfs_convert_old_nfs_args does not verify the size of a user-provided argument before copying it to the stack. As a result by passing a large size, a local user can overwrite the stack with arbitrary content. Mac OS X Lion Kernel versions equal to and below xnu-1699.32.7 except xnu-1699.24.8 are affected.

tags | exploit, overflow, arbitrary, kernel, local
systems | apple, osx
MD5 | 5e92458e6004639f97065439cc18b2ba
HP Security Bulletin HPSBMU03017 2
Posted Apr 25, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03017 2 - A potential security vulnerability has been identified with HP Software Connect-IT running OpenSSL. The Heartbleed vulnerability was detected in specific OpenSSL versions. OpenSSL is a 3rd party product that is embedded with some of HP Software products. This bulletin objective is to notify HP Software customers about products affected by the Heartbleed vulnerability. Note: The Heartbleed vulnerability (CVE-2014-0160) is a vulnerability found in the OpenSSL product cryptographic software library product. This weakness potentially allows disclosure of information protected, under normal conditions, by the SSL/TLS protocol. Revision 2 of this advisory.

tags | advisory, protocol
advisories | CVE-2014-0160
MD5 | ef84200786ec191e733715c33de5b956
VideoWhisper 7 Cross Site Scripting
Posted Apr 25, 2014
Authored by Mahmoud Ghorbanzadeh

VideoWhisper version 7 for Drupal suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-2715
MD5 | 420ae5908f83a2a2be00b7009860fe51
Depot WiFi 1.0.0 Code Execution / Local File Inclusion
Posted Apr 25, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Depot WiFi version 1.0.0 for iOS suffers from code execution and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, code execution, file inclusion
systems | apple, ios
MD5 | 89ce18d0f4c5d07f5485e2204b90e74b
GeoCore MAX DB 7.3.3 Blind SQL Injection
Posted Apr 25, 2014
Authored by Esac

GeoCore MAX DB version 7.3.3 suffers from a time-based remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | fa87c2b7acee25605a4406675eed639a
HP Security Bulletin HPSBMU03023
Posted Apr 25, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03023 - A potential security vulnerability has been identified in HP BladeSystem c-Class Virtual Connect Support Utility (VCSU) running OpenSSL on Linux and Windows. This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. The Virtual Connect firmware itself is not vulnerable to CVE-2014-0160 (Heartbleed), however, the installer component in versions 4.10 and 4.20 of Virtual Connect does have the vulnerability, and should be replaced with versions 4.10b or 4.20b, or the latest version of Virtual Connect Support Utility referenced below. The VCSU vulnerability is only present during the firmware upgrade process. Revision 1 of this advisory.

tags | advisory
systems | linux, windows
advisories | CVE-2014-0160
MD5 | d7bb9f8a879ea43726b0ac8ad88bed2c
WordPress iMember360is 3.9.001 XSS / Disclosure / Code Execution
Posted Apr 25, 2014
Authored by Everett Griffiths

WordPress iMember360is plugin versions 3.8.012 through 3.9.001 suffers from arbitrary code execution, database credential disclosure, arbitrary user deletion, and cross site scripting vulnerabilities.

tags | exploit, arbitrary, vulnerability, code execution, xss, info disclosure
MD5 | d359e63a8e1d080f3473c5684422d0e0
HP Security Bulletin HPSBST03016
Posted Apr 25, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03016 - A potential security vulnerability has been identified in HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL.This is the OpenSSL vulnerability known as "Heartbleed" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-0160
MD5 | 1126a2cae8daa899a9c1369058978d5a
HP Security Bulletin HPSBMU02895 SSRT101253 2
Posted Apr 25, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02895 SSRT101253 2 - Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. Revision 2 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability
advisories | CVE-2013-2344, CVE-2013-2345, CVE-2013-2346, CVE-2013-2347, CVE-2013-2348, CVE-2013-2349, CVE-2013-2350, CVE-2013-6194, CVE-2013-6195
MD5 | efd2eac43af521cdcc6e83f02166a8d8
Debian Security Advisory 2906-1
Posted Apr 25, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2906-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2013-0343, CVE-2013-2147, CVE-2013-2889, CVE-2013-2893, CVE-2013-4162, CVE-2013-4299, CVE-2013-4345, CVE-2013-4512, CVE-2013-4587, CVE-2013-6367, CVE-2013-6380, CVE-2013-6381, CVE-2013-6382, CVE-2013-6383, CVE-2013-7263, CVE-2013-7264, CVE-2013-7265, CVE-2013-7339, CVE-2014-0101, CVE-2014-1444, CVE-2014-1445, CVE-2014-1446, CVE-2014-1874, CVE-2014-2039, CVE-2014-2523, CVE-2103-2929
MD5 | f613033ad285f2bace4384c533093667
Debian Security Advisory 2912-1
Posted Apr 25, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2912-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-0462, CVE-2014-1876, CVE-2014-2397, CVE-2014-2398, CVE-2014-2403, CVE-2014-2405, CVE-2014-2412, CVE-2014-2414, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427
MD5 | 39ae53ed3488752c8098bac4c77fe659
WordPress Work-The-Flow 1.2.1 Shell Upload
Posted Apr 25, 2014
Authored by nopesled

WordPress Work-The-Flow plugin version 1.2.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 47c3c851c37db9b68fe46d03c70935ca
Kolibri 2.0 Stack Buffer Overflow
Posted Apr 25, 2014
Authored by Polunchis

Kolibri version 2.0 GET request stack buffer overflow exploit that spawns a bindshell on TCP/4444.

tags | exploit, overflow, tcp
MD5 | f94a81f95f22810ef479da3bbf04f01f
InfraRecorder 0.53 Unicode Buffer Overflow
Posted Apr 25, 2014
Authored by Osanda Malith

InfraRecorder version 0.53 suffers from a unicode buffer overflow vulnerability.

tags | exploit, denial of service, overflow
MD5 | b81093b36ed94c0eea149c99d406ff9f
WordPress Echelon Theme Shell Upload
Posted Apr 25, 2014
Authored by th3rockst3r

The WordPress Echelon theme suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 650579ea6f120de4ce14622b61ca22d7
xnews 3-0-0 Cross Site Scripting
Posted Apr 25, 2014
Authored by kurdish hackers team | Site kurdteam.org

xnews version 3-0-0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3881e9a3a6e9cfe722d4473e851a2898
Live.com UI Redress Attack
Posted Apr 25, 2014
Authored by Sandeep Kamble

Live.com suffered from a UI redressing attack.

tags | advisory
MD5 | 7fcd97aa8696696d7a2fc07d09037f8e
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

June 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    14 Files
  • 2
    Jun 2nd
    1 Files
  • 3
    Jun 3rd
    3 Files
  • 4
    Jun 4th
    18 Files
  • 5
    Jun 5th
    21 Files
  • 6
    Jun 6th
    8 Files
  • 7
    Jun 7th
    16 Files
  • 8
    Jun 8th
    18 Files
  • 9
    Jun 9th
    5 Files
  • 10
    Jun 10th
    2 Files
  • 11
    Jun 11th
    21 Files
  • 12
    Jun 12th
    32 Files
  • 13
    Jun 13th
    15 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    4 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    2 Files
  • 18
    Jun 18th
    14 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close