
Files Date: 2014-05-14

PayPal Filter Bypass
Posted May 14, 2014
Authored by Ateeq ur Rehman Khan, Vulnerability Laboratory | Site vulnerability-lab.com

PayPal's service application and common service API suffer from filter bypass and script injection vulnerabilities.

tags | exploit, vulnerability
SHA-256 | c043a3f24bc5a9b427759567dde2ae82c5b50379ced5b12ba993537f2bd035eb

Red Hat Security Advisory 2014-0500-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0500-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructures. It allows for provisioning, monitoring, and remote management of multiple Linux deployments with a single, centralized tool. Apache Struts is a framework for building web applications with Java. It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass() method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running Struts 1. This could lead to remote code execution under certain conditions.

tags | advisory, java, remote, web, code execution
systems | linux, redhat
advisories | CVE-2014-0114
SHA-256 | 053eff3848e4c3323f01275daa23b1e1daef01bac18cef89f48a1661ee568d5c

Red Hat Security Advisory 2014-0498-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0498-01 - Fuse ESB Enterprise is an integration platform based on Apache ServiceMix. It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass() method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running Struts 1. This could lead to remote code execution under certain conditions.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2014-0114
SHA-256 | 3e5f89f145def43de588d0721a600340738c1ea9eb26430a4c4f834dd52d984f

Red Hat Security Advisory 2014-0497-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0497-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. It was found that the Struts 1 ActionForm object allowed access to the 'class' parameter, which is directly mapped to the getClass() method. A remote attacker could use this flaw to manipulate the ClassLoader used by an application server running Struts 1. This could lead to remote code execution under certain conditions.

tags | advisory, remote, code execution
systems | linux, redhat
advisories | CVE-2014-0114
SHA-256 | 05112fa5138fd82396c980f77a6914edfd660c9bf09fec3eb3388fae84907976

Red Hat Security Advisory 2014-0496-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0496-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB14-14, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0510, CVE-2014-0516, CVE-2014-0517, CVE-2014-0518, CVE-2014-0519, CVE-2014-0520
SHA-256 | bb4482a95fc7d355619e99fa8cb0ebb34808aa82b6c3c7b6fdf2267b9d0aecc2

Ubuntu Security Notice USN-2211-1
Posted May 14, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2211-1 - Ilja van Sprundel discovered that libXfont incorrectly handled font metadata file parsing. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges. Ilja van Sprundel discovered that libXfont incorrectly handled X Font Server replies. A malicious font server could return specially-crafted data that could cause libXfont to crash, or possibly execute arbitrary code. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS, Ubuntu 12.10 and Ubuntu 13.10. Various other issues were also addressed.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2014-0209, CVE-2014-0210, CVE-2014-0211
SHA-256 | 0bbf8ea90bc59f76ed3140c2991e87eeb3a271aa7e0d9baa9cb00269fe2e309a

Red Hat Security Advisory 2014-0486-01
Posted May 14, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0486-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-6629, CVE-2013-6954, CVE-2014-0429, CVE-2014-0446, CVE-2014-0448, CVE-2014-0449, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-1876, CVE-2014-2398, CVE-2014-2401, CVE-2014-2402, CVE-2014-2409, CVE-2014-2412, CVE-2014-2414, CVE-2014-2420, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427, CVE-2014-2428
SHA-256 | 536d12cae6ea15d0d648b278cd51e8722b13f68ca7c008ded9487330b2408cb6

Microsoft Security Bulletin Re-Release For May, 2014
Posted May 14, 2014
Site microsoft.com

This bulletin summary lists eight released Microsoft security bulletins for May, 2014.

tags | advisory
SHA-256 | ad2ae328fe0ca9b376f428091798be9248922edd0760978743a6635134fbbaa0

Linux Kernel 3.15-rc4 PTY Race Condition
Posted May 14, 2014
Authored by Matthew Daley

Linux Kernel versions above 3.14-rc1 and below 3.15-rc4 raw mode PTY local echo race condition privilege escalation proof of concept exploit. This bug also affects kernel 2.6.31-rc3 and newer.

tags | exploit, kernel, local, proof of concept
systems | linux
advisories | CVE-2014-0196
SHA-256 | 3e2aeb3682476066fd47d615fa123347b94017a25a410fef128e012fea785cdf

eInstruction Workspace Sudo Misconfiguration
Posted May 14, 2014
Authored by Martin von Gagern

eInstruction Workspace uses sudo in an insecure manner that allows for root level privilege escalation.

tags | advisory, root
SHA-256 | ea967f9ad83bf0e22c8940b19015e0016abf72dd45fb095cd48e3e8f29765f83

Config Push snmpset Utility
Posted May 14, 2014
Authored by Michael Killebrew

This is a tool to span /8-sized networks quickly, sending snmpset requests with a default or otherwise specified community string to Cisco devices.

tags | tool
systems | cisco, unix
SHA-256 | b86a2a908433c19de36ea1175325ee36464ca7207db1d895a2e453787e1e203d

TFTPD32 / TFTPD64 4.5 Denial Of Service
Posted May 14, 2014
Authored by j0s3h4x0r

TFTPD32 / TFTPD64 version 4.5 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 42ed4ff9640def9f6fd33839dbae3c49f7b55a97232a7a177c395e0d6dbfe8ce

Easy File Sharing Web Server 6.8 Buffer Overflow
Posted May 14, 2014
Authored by superkojiman

Easy File Sharing Web Server version 6.8 suffers from a stack buffer overflow vulnerability.

tags | exploit, web, overflow
SHA-256 | 2b38f752e2f37e486df594774fc746aafc4525d616523a2f4e218fe2e7b1ebd2

K-Lite CODEC 10.45 Memory Corruption
Posted May 14, 2014
Authored by Aryan Bayaninejad

K-Lite CODEC version 10.45 suffers from a memory corruption vulnerability.

tags | exploit
SHA-256 | d866181716739a014909a1b7cf8fe59173e3754af89939afdbecc013c6736e72

Elastic Search File Read / Append
Posted May 14, 2014
Authored by Jeff Geiger | Site github.com

Elastic Search remote code execution exploit that leverages an issue which allows an attacker to read from and append to files on the system.

tags | exploit, remote, code execution
advisories | CVE-2014-3120
SHA-256 | 3299ff251ab0622ef68d21295c55f1a9622443f4a48b3ce749e6045ef42c4ae0
© 2022 Packet Storm. All rights reserved.