what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 46 of 46 RSS Feed

Files Date: 2012-03-15 to 2012-03-16

EMC NetWorker (Legato) 7.6 SP3 Invalid Read Access
Posted Mar 15, 2012
Authored by Luigi Auriemma | Site aluigi.org

EMC NetWorker (Legato) versions 7.6 SP3 (7.6.3.2 Build 860) and below suffer from an invalid read access vulnerability.

tags | exploit
systems | linux
SHA-256 | 9ea24b40665e9f5dcba92fbbe403938d3b548eadadc65b9a1a986d44479c992e
Epson EventManager 2.50 Denial Of Service
Posted Mar 15, 2012
Authored by Luigi Auriemma | Site aluigi.org

Epson EventManager versions 2.50 and below suffer from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
systems | linux
SHA-256 | e9ed7d61f4b3e9141efd05f83faf0bccc4dfb4b5e305505630db6036832c77cd
lshell 0.9.15
Posted Mar 15, 2012
Authored by Ignace Mouzannar | Site lshell.ghantoos.org

lshell lets you restrict a user's shell environment to limited sets of commands, choose to enable or disable any command over SSH (e.g. SCP, SFTP, rsync, etc.), log user's commands, implement timing restrictions, and more.

Changes: This major release adds many features, from live configuration reloading to wildcard use, and fixes many major bugs.
tags | tool, shell
systems | unix
SHA-256 | e0c15e05fe5c02cd057f800604bc09cdea79a4698550660db5ecfb15234fac0e
Cisco Security Advisory 20120314-fwsm
Posted Mar 15, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Catalyst 6500 Series Firewall Services Module (FWSM) contains a Protocol Independent Multicast (PIM) Denial of Service Vulnerability. Cisco has released free software updates that address this vulnerability. There are no workarounds available that mitigate this vulnerability.

tags | advisory, denial of service, protocol
systems | cisco
advisories | CVE-2012-0356
SHA-256 | b2d753db8670f511ab233fbc0da85ac98cdb6404ff6af24d3fb8bac84211ab37
Cisco Security Advisory 20120314-asa
Posted Mar 15, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco ASA 5500 Series Adaptive Security Appliances (ASA) and Cisco Catalyst 6500 Series ASA Services Module (ASASM) are affected by the following vulnerabilities: * Cisco ASA UDP Inspection Engine Denial of Service Vulnerability * Cisco ASA Threat Detection Denial of Service Vulnerability * Cisco ASA Syslog Message 305006 Denial of Service Vulnerability * Protocol-Independent Multicast Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the others. Cisco has released free software updates that address these vulnerabilities. Workarounds are available to mitigate some of the vulnerabilities.

tags | advisory, denial of service, udp, vulnerability, protocol
systems | cisco
advisories | CVE-2012-0353, CVE-2012-0354, CVE-2012-0355, CVE-2012-0356
SHA-256 | 990c9a606064bf238d98e228790139578f19956f848e51c0a0e2979bcdd36a50
Cisco Security Advisory 20120314-asaclient
Posted Mar 15, 2012
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Clientless VPN solution as deployed by Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) uses an ActiveX control on client systems to perform port forwarding operations. Microsoft Windows-based systems that are running Internet Explorer or another browser that supports Microsoft ActiveX technology may be affected if the system has ever connected to a device that is running the Cisco Clientless VPN solution. A remote, unauthenticated attacker who could convince a user to connect to a malicious web page could exploit this issue to execute arbitrary code on the affected machine with the privileges of the web browser. The affected ActiveX control is distributed to endpoint systems by Cisco ASA. However, the impact of successful exploitation of this vulnerability is to the endpoint system only and does not compromise Cisco ASA devices. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

tags | advisory, remote, web, arbitrary, activex
systems | cisco, windows
advisories | CVE-2012-0358
SHA-256 | d5eb4f15929e22adebee6cabc4901b0a19fd375282c7f4226edd361bb721237f
Drupal Fancy Slide Cross Site Scripting
Posted Mar 15, 2012
Authored by Justin C. Klein Keane | Site drupal.org

The Fancy Slide module in Drupal 6.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | ce87c631b76cdb497819c7041674eeeb2c74a0e1c28234e06f9ed1159f8722b4
Drupal CKEditor / FCKeditor XSS / XSRF / Code Execution
Posted Mar 15, 2012
Authored by Heine Deelstra | Site drupal.org

CKEditor and FCKeditor modules in Drupal versions 6.x and 7.x suffer from PHP code execution, cross site request forgery, and cross site scripting vulnerabilities.

tags | advisory, php, vulnerability, code execution, xss, csrf
SHA-256 | aaa6ea9e677ff1cded922b9064a43bda0cfc2a65959bfa6b93813933823bdbd6
Drupal Language Icons Cross Site Scripting
Posted Mar 15, 2012
Authored by Frederik S. Olesen, Jose Reyero | Site drupal.org

The Language Icons module in Drupal versions 6.x and 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 23998b93437f4e5eff6ba6b5bbb1023e4ebe011636d6dfbb2128663087bcaf03
WM Downloader 3.1.2.2.2010.04.15 Buffer Overflow
Posted Mar 15, 2012
Authored by KaHPeSeSe | Site metasploit.com

This Metasploit module exploits WM Downloader version 3.1.2.2.2010.04.15 that creates a malicious .m3u file that triggers a buffer overflow vulnerability to spawn calc.exe.

tags | exploit, overflow
SHA-256 | bb84df62bd9bf2bca8609ea6057761bbc630f7b9514ea708c2c6c8e89214497a
Carbylamine PHP Encoder
Posted Mar 15, 2012
Authored by Prakhar Prasad | Site code.google.com

Carbylamine PHP Encoder is a PHP Encoder for obfuscating/encoding PHP files so that antivirus detection signatures can be bypassed.

tags | tool, php, rootkit
systems | unix
SHA-256 | 6f197acdeea20ab9bfd507bc9b7b41f814bbf276f8f26d7b7d2f1d89744c1b14
Drupal 7.x Views Language Switcher Cross Site Scripting
Posted Mar 15, 2012
Authored by Chris Ruppel | Site drupal.org

The Views Language Switcher in Drupal version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | a2cff07f9cea7897070db7e929d453738c928b2a089313802fc27cd3235a7dc0
NTG Haber Yazilim 1 SQL Injection
Posted Mar 15, 2012
Authored by 3spi0n

NTG Haber Yazilim version 1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 914b8e8df58fa6f3377ea25bf850a0f6741cde17b85bcb1a1dca5504b808a031
Oracle Exadata Infiniband Switch Default Logins / Poor Configuration
Posted Mar 15, 2012
Authored by Larry W. Cashdollar

Oracle Exadata Infiniband Switch suffers from default logins and a world readable shadow file.

tags | exploit
SHA-256 | 7e5478fdcf18712f433486ced03cd8f6db6de63a872fcfdbfc813aea0e823206
Volusion Chat Cross Site Scripting
Posted Mar 15, 2012
Authored by Sony

Volusion Chat suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 270904e7e12f13596a1278f3d5039ba28bbf74c51d5ac4e023c842bd92bdc64a
WM Downloader 3.1.2.2.2010.04.15 Buffer Overflow
Posted Mar 15, 2012
Authored by KaHPeSeSe

WM Downloader version 3.1.2.2.2010.04.15 buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow
SHA-256 | e1bb4cff44fcd91ee1892d5520377ffc0e3b76fb4526b3ec88eaa16c92fa1267
FreeFloat FTP Server TEST Buffer Overflow
Posted Mar 15, 2012
Authored by KaHPeSeSe | Site metasploit.com

This Metasploit module exploits a FreeFloat FTP Server Buffer Overflow found in the TEST command.

tags | exploit, overflow
SHA-256 | 35f90de610d979dc9d840b4ee706c0b53cbf44e83f5efd4dc94f3cc41dca9ecd
Red Hat Security Advisory 2012-0387-01
Posted Mar 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0387-01 - Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Two flaws were found in the way Firefox parsed certain Scalable Vector Graphics image files. A web page containing a malicious SVG image file could cause an information leak, or cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2012-0451, CVE-2012-0455, CVE-2012-0456, CVE-2012-0457, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, CVE-2012-0461, CVE-2012-0462, CVE-2012-0464
SHA-256 | 54c3b9a3bc3b539c19efaab86387cb31f5468f34c7133309f16ce134aab81c47
Red Hat Security Advisory 2012-0388-01
Posted Mar 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0388-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Two flaws were found in the way Thunderbird parsed certain Scalable Vector Graphics image files. An HTML mail message containing a malicious SVG image file could cause an information leak, or cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2012-0451, CVE-2012-0455, CVE-2012-0456, CVE-2012-0457, CVE-2012-0458, CVE-2012-0459, CVE-2012-0460, CVE-2012-0461, CVE-2012-0462, CVE-2012-0464
SHA-256 | 3dd40ab51030e9ae870a195c9b560c97904e1bb39c116285b0e7dade2276f05e
360-FAAR Firewall Analysis Audit And Repair 0.1.7
Posted Mar 15, 2012
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release adds a Cisco asa log reader and fixes many bugs in the Cisco and Netscreen policy readers.
tags | tool, perl
systems | unix
SHA-256 | 88fc63ec0972b2501852fc4f0e3308b885982bd391d185e2e5897765d93e3d45
Aloservicos SQL Injection
Posted Mar 15, 2012
Authored by the_cyber_nuxbie

Aloservicos suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 88305184c6874f6c295a06e0558e989bb656b56c6242fda21420750e78eed31b
Page 2 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close