what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-05-14

PayPal Filter Bypass
Posted May 14, 2014
Authored by Ateeq ur Rehman Khan, Vulnerability Laboratory | Site vulnerability-lab.com

PayPal's service application and common service API suffers from filter bypass and script injection vulnerabilities.

tags | exploit, vulnerability
SHA-256 | c043a3f24bc5a9b427759567dde2ae82c5b50379ced5b12ba993537f2bd035eb
Red Hat Security Advisory 2014-0500-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0500-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and remote management of multiple Linux deployments with a single, centralized tool. Apache Struts is a framework for building web applications with Java. It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass() method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running Struts 1. This could lead to remote code execution under certain conditions.

tags | advisory, java, remote, web, code execution
systems | linux, redhat
advisories | CVE-2014-0114
SHA-256 | 053eff3848e4c3323f01275daa23b1e1daef01bac18cef89f48a1661ee568d5c
Red Hat Security Advisory 2014-0498-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0498-01 - Fuse ESB Enterprise is an integration platform based on Apache ServiceMix. It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass() method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running Struts 1. This could lead to remote code execution under certain conditions.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2014-0114
SHA-256 | 3e5f89f145def43de588d0721a600340738c1ea9eb26430a4c4f834dd52d984f
Red Hat Security Advisory 2014-0497-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0497-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass() method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running Struts 1. This could lead to remote code execution under certain conditions.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2014-0114
SHA-256 | 05112fa5138fd82396c980f77a6914edfd660c9bf09fec3eb3388fae84907976
Red Hat Security Advisory 2014-0496-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0496-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-14, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0510, CVE-2014-0516, CVE-2014-0517, CVE-2014-0518, CVE-2014-0519, CVE-2014-0520
SHA-256 | bb4482a95fc7d355619e99fa8cb0ebb34808aa82b6c3c7b6fdf2267b9d0aecc2
Ubuntu Security Notice USN-2211-1
Posted May 14, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2211-1 - Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. Ilja van Sprundel discovered that libXfont incorrectly handled X Font Server replies. A malicious font server could return specially-crafted data that could cause libXfont to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2014-0209, CVE-2014-0210, CVE-2014-0211
SHA-256 | 0bbf8ea90bc59f76ed3140c2991e87eeb3a271aa7e0d9baa9cb00269fe2e309a
Red Hat Security Advisory 2014-0486-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0486-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-6629, CVE-2013-6954, CVE-2014-0429, CVE-2014-0446, CVE-2014-0448, CVE-2014-0449, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-1876, CVE-2014-2398, CVE-2014-2401, CVE-2014-2402, CVE-2014-2409, CVE-2014-2412, CVE-2014-2414, CVE-2014-2420, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428
SHA-256 | 536d12cae6ea15d0d648b278cd51e8722b13f68ca7c008ded9487330b2408cb6
Microsoft Security Bulletin Re-Release For May, 2014
Posted May 14, 2014
Site microsoft.com

This bulletin summary lists eight released Microsoft security bulletins for May, 2014.

tags | advisory
SHA-256 | ad2ae328fe0ca9b376f428091798be9248922edd0760978743a6635134fbbaa0
Linux Kernel 3.15-rc4 PTY Race Condition
Posted May 14, 2014
Authored by Matthew Daley

Linux Kernel versions above 3.14-rc1 and below 3.15-rc4 raw mode PTY local echo race condition privilege escalation proof of concept exploit. This bug also affects kernel 2.6.31-rc3 and newer.

tags | exploit, kernel, local, proof of concept
systems | linux
advisories | CVE-2014-0196
SHA-256 | 3e2aeb3682476066fd47d615fa123347b94017a25a410fef128e012fea785cdf
eInstruction Workspace Sudo Misconfiguration
Posted May 14, 2014
Authored by Martin von Gagern

eInstruction Workspace uses sudo in an insecure manner that allows for root level privilege escalation.

tags | advisory, root
SHA-256 | ea967f9ad83bf0e22c8940b19015e0016abf72dd45fb095cd48e3e8f29765f83
Config Push snmpset Utility
Posted May 14, 2014
Authored by Michael Killebrew

This is a tool to span /8-sized networks quickly sending snmpset requests with default or otherwise specified community string to Cisco devices.

tags | tool
systems | cisco, unix
SHA-256 | b86a2a908433c19de36ea1175325ee36464ca7207db1d895a2e453787e1e203d
TFTPD32 / TFTPD64 4.5 Denial Of Service
Posted May 14, 2014
Authored by j0s3h4x0r

TFTPD32 / TFTPD64 version 4.5 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 42ed4ff9640def9f6fd33839dbae3c49f7b55a97232a7a177c395e0d6dbfe8ce
Easy File Sharing Web Server 6.8 Buffer Overflow
Posted May 14, 2014
Authored by superkojiman

Easy File Sharing Web Server version 6.8 suffers from a stack buffer overflow vulnerability.

tags | exploit, web, overflow
SHA-256 | 2b38f752e2f37e486df594774fc746aafc4525d616523a2f4e218fe2e7b1ebd2
K-Lite CODEC 10.45 Memory Corruption
Posted May 14, 2014
Authored by Aryan Bayaninejad

K-Lite CODEC version 10.45 suffers from a memory corruption vulnerability.

tags | exploit
SHA-256 | d866181716739a014909a1b7cf8fe59173e3754af89939afdbecc013c6736e72
Elastic Search File Read / Append
Posted May 14, 2014
Authored by Jeff Geiger | Site github.com

Elastic Search remote code execution exploit that leverages an issue which allows an attacker to read from and append to files on the system.

tags | exploit, remote, code execution
advisories | CVE-2014-3120
SHA-256 | 3299ff251ab0622ef68d21295c55f1a9622443f4a48b3ce749e6045ef42c4ae0
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close