exploit the possibilities
Showing 1 - 11 of 11 RSS Feed

Files Date: 2014-06-02

s3dvt Privilege Escalation
Posted Jun 2, 2014
Authored by Hector Marco, Ismael Ripoll

s3dvt suffers from a local privilege escalation vulnerability due to a lack of checking the setuid() return code.

tags | advisory, local
advisories | CVE-2013-6876
MD5 | 5223f59a5afab714e8ed88beb17f8a7a
Red Hat Security Advisory 2014-0590-01
Posted Jun 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0590-01 - JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations content to be processed by an application using Xalan-Java could use this flaw to bypass the intended constraints of the secure processing feature. Depending on the components available in the classpath, this could lead to arbitrary remote code execution in the context of the application server running the application that uses Xalan-Java.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2014-0107
MD5 | ba4c0f63ffa363226040ec88e757ca6a
Red Hat Security Advisory 2014-0591-01
Posted Jun 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0591-01 - JBoss Enterprise Application Platform is a platform for Java applications, which integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam. It was found that the secure processing feature of Xalan-Java had insufficient restrictions defined for certain properties and features. A remote attacker able to provide Extensible Stylesheet Language Transformations content to be processed by an application using Xalan-Java could use this flaw to bypass the intended constraints of the secure processing feature. Depending on the components available in the classpath, this could lead to arbitrary remote code execution in the context of the application server running the application that uses Xalan-Java.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2014-0107
MD5 | 7d82341a1753f3b892049f95e1fade44
Ubuntu Security Notice USN-2229-1
Posted Jun 2, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2229-1 - Joonas Kuorilehto discovered that GnuTLS incorrectly handled Server Hello messages. A malicious remote server or a man in the middle could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-3466
MD5 | 0124d81be4ef4312f42a21c6d1a77f57
DCMTK Privilege Escalation
Posted Jun 2, 2014
Authored by Hector Marco

DCMTK versions prior to 3.6.1 suffer from a privilege escalation vulnerability.

tags | advisory
advisories | CVE-2013-6825
MD5 | c5712934f300e2170048abfcfe2b15e9
Xilisoft Video Converter Ultimate 7.8.1 build-20140505 DLL Hijacking
Posted Jun 2, 2014
Authored by Osanda Malith

Xilisoft Video Converter Ultimate version 7.8.1 build-20140505 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2014-3860
MD5 | 0ffd9dc1af419b2db05747d4b863ad16
Cetil Cross Site Scripting
Posted Jun 2, 2014
Authored by Felipe Andrian Peixoto

Software made by Cetil but now distributed for free by the Brazilian government suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
MD5 | 389d4cc8da1d9a09201445bc5fbd5cce
Digital Whisper Electronic Magazine #51
Posted Jun 2, 2014
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 51. Written in Hebrew.

tags | magazine
MD5 | 89cce1f8fd71ddd8ce13de11eb186ffd
Ubuntu 12.04 3.x x86_64 perf_swevent_init Local Root
Posted Jun 2, 2014
Authored by Vitaly Nikolenko

Ubuntu 12.04 3.x x86_64 perf_swevent_init local kernel root exploit. Based on semtex.c.

tags | exploit, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2013-2094
MD5 | 94de45a0e6f9685a1cccb740f7d7e2ff
Easy File Management Web Server 5.3 Buffer Overflow
Posted Jun 2, 2014
Authored by Julien Ahrens | Site rcesecurity.com

Easy File Management Web Server version 5.3 USERID remote buffer overflow exploit.

tags | exploit, remote, web, overflow
MD5 | 812e9b899b8fff4928463ec1818eab7c
WordPress Participants Database 1.5.4.8 SQL Injection
Posted Jun 2, 2014
Authored by Yarubo Research Team

WordPress Participants Database plugin versions 1.5.4.8 and below suffer from an arbitrary remote SQL injection vulnerability.

tags | exploit, remote, arbitrary, sql injection
MD5 | d6e1afcc6cd5694fc6b843b581eab617
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close