exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2014-10-06

VIGOR 2130 Command Injection / Cross Site Request Forgery
Posted Oct 6, 2014
Authored by Erik-Paul Dittmer, Victor van der Veen

VIGOR 2130 suffers from command injection and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 1a11f9d6d1f6938635a07e6145820969
Mandos Encrypted File System Unattended Reboot Utility 1.6.9
Posted Oct 6, 2014
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Changed to emit standard D-Bus signal when D-Bus properties change.
tags | tool, remote, root
systems | linux, unix
MD5 | b7b95806c13a14a1ff66acac8ba1c80b
Apache mod_cgi Remote Command Execution
Posted Oct 6, 2014
Authored by Federico Galatolo

Apache mod_cgi remote command execution exploit that leverages shellshock.

tags | exploit, remote
advisories | CVE-2014-6271
MD5 | b6ff8ab70d6e49e4abe026324320ec00
Postfix SMTP Shellshock
Posted Oct 6, 2014
Authored by fattymcwopr

Postfix SMTP with procmail shellshock exploit that affects versions 4.2.x up through 4.2.48.

tags | exploit
advisories | CVE-2014-6271
MD5 | baa2136b106320a65c8c33e13a5d66e4
Red Hat Security Advisory 2014-1359-01
Posted Oct 6, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1359-01 - Polkit-qt is a library that lets developers use the PolicyKit API through a Qt-styled API. The polkit-qt library is used by the KDE Authentication Agent, which is a part of kdelibs. It was found that polkit-qt handled authorization requests with PolicyKit via a D-Bus API that is vulnerable to a race condition. A local user could use this flaw to bypass intended PolicyKit authorizations. This update modifies polkit-qt to communicate with PolicyKit via a different API that is not vulnerable to the race condition. All polkit-qt users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.

tags | advisory, local
systems | linux, redhat
advisories | CVE-2014-5033
MD5 | d18981d7ad04553492c16ff9c6271475
CA Technologies GNU Bash Shellshock
Posted Oct 6, 2014
Authored by Ken Williams | Site www3.ca.com

CA Technologies is investigating multiple GNU Bash vulnerabilities, referred to as the "Shellshock" vulnerabilities, which were publicly disclosed on September 24-27, 2014. CVE identifiers CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278 have been assigned to these vulnerabilities. These vulnerabilities could allow a local or remote attacker to utilize specially crafted input to execute arbitrary commands or code.

tags | advisory, remote, arbitrary, local, vulnerability, bash
advisories | CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187
MD5 | 4023510a267f233dc5466a8b9b0dc489
Gentoo Linux Security Advisory 201410-01
Posted Oct 6, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201410-1 - Multiple parsing flaws in Bash could allow remote attackers to inject code or cause a Denial of Service condition. Versions less than 4.2_p52 are affected.

tags | advisory, remote, denial of service, bash
systems | linux, gentoo
advisories | CVE-2014-6277, CVE-2014-6278, CVE-2014-7186, CVE-2014-7187
MD5 | e14fe4e0a7f25ed744e4b9d77c5d0e7c
Debian Security Advisory 3046-1
Posted Oct 6, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3046-1 - It was reported that MediaWiki, a website engine for collaborative work, allowed to load user-created CSS on pages where user-created JavaScript is not allowed. A wiki user could be tricked into performing actions by manipulating the interface from CSS, or JavaScript code being executed from CSS, on security-wise sensitive pages like Special:Preferences and Special:UserLogin. This update removes the separation of CSS and JavaScript module allowance.

tags | advisory, javascript
systems | linux, debian
advisories | CVE-2014-7295
MD5 | f7589dc4e9d2f3e241f5d7c3deb5e578
Debian Security Advisory 3045-1
Posted Oct 6, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3045-1 - Several vulnerabilities were discovered in qemu, a fast processor emulator.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-0142, CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0146, CVE-2014-0147, CVE-2014-0222, CVE-2014-0223, CVE-2014-3615, CVE-2014-3640
MD5 | 9b35204924e44edd284b20ee1afa2473
Debian Security Advisory 3044-1
Posted Oct 6, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3044-1 - Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2014-0142, CVE-2014-0143, CVE-2014-0144, CVE-2014-0145, CVE-2014-0146, CVE-2014-0147, CVE-2014-0222, CVE-2014-0223, CVE-2014-3615, CVE-2014-3640
MD5 | 3cd4013ba701af6fbda372a6d4b4b3bf
Debian Security Advisory 3042-1
Posted Oct 6, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3042-1 - Stefano Zacchiroli discovered a vulnerability in exuberant-ctags, a tool files cause ctags to enter an infinite loop until it runs out of disk space, resulting in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2014-7204
MD5 | 7ea6fe3a1e9da21d84dce58e6ec05813
Ultra Electronics 7.2.0.19 / 7.4.0.7 SQL Injection / Direction Creation
Posted Oct 6, 2014
Site osisecurity.com

Ultra Electronics versions 7.2.0.19 and 7.4.0.7 suffers from directory creation and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 8f6b8252a4f4033b464690cdfa3a7e70
Asx To MP3 2.7.5 Stack Buffer Overflow
Posted Oct 6, 2014
Authored by Amir Reza Tavakolian

Asx To MP3 version 2.7.5 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 1957278ffa8a425a2dbdb20224b48546
PayPal Inc GP+ Cross Site Scripting
Posted Oct 6, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

The PayPal Inc GP+ online service web application suffered from cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss
MD5 | b0d21f8b3067a46e46cf726fdedad1e3
PayPal Here Cross Site Scripting
Posted Oct 6, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

The PayPal Here mobile notify me online service web application suffered from multiple cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss
MD5 | 502de5a25cab3b4666b22fd320561382
TeamSpeak Client 3.0.14 Buffer Overflow
Posted Oct 6, 2014
Authored by Christian Galeone, SpyEye

TeamSpeak Client version 3.0.14 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2014-7221, CVE-2014-7222
MD5 | 6ae4f9f99dbc558ab6b5d1659629a0b5
Page 1 of 1
Back1Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close