exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 46 of 46 RSS Feed

Files Date: 2012-10-10 to 2012-10-11

Secunia Security Advisory 50872
Posted Oct 10, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | afe1d65e35dbbe1a9c1cfa5c676b1615f2ff45ac8825572f492acc944ebf0d97
Secunia Security Advisory 50815
Posted Oct 10, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ibrahim El-Sayed has reported a vulnerability in Interspire Email Marketer, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 36340834fdfe55f14266ee6273d60aa7c60fc2db52f81ec3bb410db047a660c5
Secunia Security Advisory 50807
Posted Oct 10, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
SHA-256 | 17921d9a1831d4918b758b2ec92bb98c1c3e3a11cd095cb59bc2e533191350eb
Apple iOS Default SSH Password
Posted Oct 10, 2012
Authored by H D Moore | Site metasploit.com

This Metasploit module exploits the default credentials of Apple iOS when it has been jailbroken and the passwords for the 'root' and 'mobile' users have not been changed.

tags | exploit, root
systems | apple
SHA-256 | 54dd4f5278bc9c7459a9eb628b204ee6a8e4bb9050d89979261c0c78390b9f3a
HP Security Bulletin HPSBOV02822 SSRT100966
Posted Oct 10, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02822 SSRT100966 - Potential vulnerabilities have been identified with HP Secure Web Server (SWS) for OpenVMS. The vulnerabilities could be remotely exploited to create a Denial of Service (DoS), unauthorized access, or unauthorized disclosure of information. Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability
advisories | CVE-2011-0419, CVE-2011-1928, CVE-2011-3192, CVE-2011-3368, CVE-2011-3607, CVE-2011-4317, CVE-2012-0031
SHA-256 | 21c104d295b4ae2e63eb3ca4f8927d747e86151bd3754aa34134f75312b342b7
Microsoft Security Bulletin Summary For October 2012
Posted Oct 10, 2012
Site microsoft.com

This bulletin summary lists 7 released Microsoft security bulletins for October, 2012.

tags | advisory
SHA-256 | 7e0015e0216f26ed892c9ac46de20faa28af7c33d4117349b8637dce7f10465c
Logica HotScan SWIFT Alliance Access Interface Buffer Overflow
Posted Oct 10, 2012
Authored by Anil Pazvant

The Hotscan Listener interface is prone to a buffer overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied input. This allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted font file.

tags | advisory, remote, denial of service, overflow, arbitrary
advisories | CVE-2012-2624
SHA-256 | 4d82bb2cdd5e00df2473121e20ac99ab0fed22e38807dad251dcffec376681c6
Wing FTP Server 4.x Denial Of Service
Posted Oct 10, 2012
Authored by Anil Pazvant

Wing FTP server versions prior to 4.1.1 suffer from a denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2012-4729
SHA-256 | 5218cc363cc8502cf2bb7b724b8e65515218ed7cc7fcb5b6190fbf513f38f13e
MS IE CVE-2012-4969 Analysis
Posted Oct 10, 2012
Authored by KAIST CSRC

This document is an analysis of the Microsoft Internet Explorer use-after-free vulnerability as noted in CVE-2012-4969.

tags | paper
advisories | CVE-2012-4969
SHA-256 | 71be4f13df3ab83a03a854c8af051074e8ab424be281df96d72b7c7300338be3
Microsoft Windows Privilege Escalation
Posted Oct 10, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

High-Tech Bridge Security Research Lab has discovered a vulnerability in Microsoft Windows which could be exploited to escalate privileges under certain conditions. The vulnerability exists due to the "IKE and AuthIP IPsec Keying Modules" system service, which tries to load the wlbsctrl.dll DLL that is missing after default Windows installation. Proof of concept included.

tags | exploit, proof of concept
systems | linux, windows
SHA-256 | 59c748e21d43b8cf7dd9c2c3ce4ae6dbd13341240e0cfa60bbf3d2ee4d85b88e
TinyCMS 1.4 Local File Inclusion
Posted Oct 10, 2012
Authored by Phizo

TinyCMS versions 1.2 through 1.4 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | bf76fb44a7c3064cbdd9616afb751e33dd5f67dd21c93ed1a6dd5b2f80c3ba67
VLC Player 2.0.3 ReadAV Arbitrary Code Execution
Posted Oct 10, 2012
Authored by Jean Pascal Pereira

VLC Player version 2.0.3 suffers from a ReadAV arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
SHA-256 | b8d9e4b0937d2e4052d917d3fa45e638484b85c6cfa01eb95f048b90e9486e2f
Technical Cyber Security Alert 2012-283A
Posted Oct 10, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-283A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
SHA-256 | d28aa6d4a5da0493cd355a00a8fe0309ef30dc9a848b8b3e88e8b4cd9f95977c
Opera 12.02 Cross Site Scripting
Posted Oct 10, 2012
Authored by volema.com

Opera appears to suffer from a cross site scripting vulnerability due to a content inspection issue with image/svg+xml.

tags | exploit, xss
SHA-256 | 47c58bfa83f5960e04d82e9e18ef5a405a829e835b66320e8d0d8cd3da1b9ba0
Dark Comet RAT SQL Injection / Arbitrary File Access
Posted Oct 10, 2012
Authored by Jesse Hertz, Shawn Denbow | Site matasano.com

This is a whitepaper from Matasano that documents multiple zero day vulnerabilities in Dark Comet RAT. These issues include remote SQL injection, man in the middle issues, and arbitrary file access.

tags | exploit, remote, arbitrary, vulnerability, sql injection
SHA-256 | 5fdcf5fad602c3cbdde40ce41d88d40d8290dff47e5bc4bbe9fddeba61cb22a4
Red Hat Security Advisory 2012-1346-01
Posted Oct 10, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1346-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes several vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed on the Adobe security page APSB12-22, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2012-5248, CVE-2012-5249, CVE-2012-5250, CVE-2012-5251, CVE-2012-5252, CVE-2012-5253, CVE-2012-5254, CVE-2012-5255, CVE-2012-5256, CVE-2012-5257, CVE-2012-5258, CVE-2012-5259, CVE-2012-5260, CVE-2012-5261, CVE-2012-5262, CVE-2012-5263, CVE-2012-5264, CVE-2012-5265, CVE-2012-5266, CVE-2012-5267, CVE-2012-5268, CVE-2012-5269, CVE-2012-5270, CVE-2012-5271, CVE-2012-5272
SHA-256 | fe52d2cd52383705b081903c0dab09a02ccaac94d90a3263f1e439fe61e76d68
Ubuntu Security Notice USN-1599-1
Posted Oct 10, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1599-1 - Pablo Neira Ayuso discovered a flaw in the credentials of netlink messages. An unprivileged local attacker could exploit this by getting a netlink based service, that relies on netlink credentials, to perform privileged actions.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2012-3520
SHA-256 | 97f627a7e057b15463f0a1a2f5d4e63676147038092fdff6afdd937a3f30f550
Ubuntu Security Notice USN-1598-1
Posted Oct 10, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1598-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2012-2136
SHA-256 | 9e6e98f1d12d479aa751fca255131825ffe9ffe0e3735a640d668a1119355906
Red Hat Security Advisory 2012-1350-01
Posted Oct 10, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1350-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Two flaws in Firefox could allow a malicious website to bypass intended restrictions, possibly leading to information disclosure, or Firefox executing arbitrary code. Note that the information disclosure issue could possibly be combined with other flaws to achieve arbitrary code execution.

tags | advisory, web, arbitrary, code execution, info disclosure
systems | linux, redhat
advisories | CVE-2012-1956, CVE-2012-3982, CVE-2012-3986, CVE-2012-3988, CVE-2012-3990, CVE-2012-3991, CVE-2012-3992, CVE-2012-3993, CVE-2012-3994, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4184, CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188
SHA-256 | c8d7292c8a6e60864621280d45d831aa43f4c5b9661f6df6ad09a301b22438f6
Red Hat Security Advisory 2012-1351-01
Posted Oct 10, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1351-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed content. Malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. Two flaws in Thunderbird could allow malicious content to bypass intended restrictions, possibly leading to information disclosure, or Thunderbird executing arbitrary code. Note that the information disclosure issue could possibly be combined with other flaws to achieve arbitrary code execution.

tags | advisory, arbitrary, code execution, info disclosure
systems | linux, redhat
advisories | CVE-2012-1956, CVE-2012-3982, CVE-2012-3986, CVE-2012-3988, CVE-2012-3990, CVE-2012-3991, CVE-2012-3992, CVE-2012-3993, CVE-2012-3994, CVE-2012-3995, CVE-2012-4179, CVE-2012-4180, CVE-2012-4181, CVE-2012-4182, CVE-2012-4183, CVE-2012-4184, CVE-2012-4185, CVE-2012-4186, CVE-2012-4187, CVE-2012-4188
SHA-256 | 04a92bb829de1fb8dac97dcd040a06a8fa9a0030cb8e56101023c6d8cd50f381
Red Hat Security Advisory 2012-1347-01
Posted Oct 10, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1347-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way socket buffers requiring TSO were handled by the sfc driver. If the skb did not fit within the minimum-size of the transmission queue, the network card could repeatedly reset itself. A remote attacker could use this flaw to cause a denial of service.

tags | advisory, remote, denial of service, kernel
systems | linux, redhat
advisories | CVE-2012-2319, CVE-2012-3412
SHA-256 | 6f66d7dd2d6f97c26921d531cc145e222d7eb29497db986be50430fd5b4aa23b
Page 2 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close