exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 27 RSS Feed

Files Date: 2013-01-29 to 2013-01-30

DataLife Engine 9.7 PHP Code Injection
Posted Jan 29, 2013
Authored by EgiX | Site karmainsecurity.com

DataLife Engine version 9.7 suffers from a PHP code injection vulnerability in preview.php.

tags | exploit, php
advisories | CVE-2013-1412
SHA-256 | f9fca371c6cc4a2c4cbce0576e95fe335c2ff36d4ec6b96f3b9230f8bf8b8d3a
PFsense UTM Platform 2.0.1 XSS / CSRF
Posted Jan 29, 2013
Authored by Dimitris Strevinas

PFsense UTM Platform version 2.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 45926ded3475024d0aef4360545bac2b39e3270b21031d2fb34960a446010ee1
Apple QuickTime Player 7.7.3 Out Of Bounds
Posted Jan 29, 2013
Authored by Debasish Mandal

Apple QuickTime Player Windows version 7.7.3 suffers from an out of bounds read vulnerability.

tags | exploit
systems | windows, apple
SHA-256 | 3d60aec0fbab876dd922d47e86103c69e20f4e9c1f873e349d83a0f172ffc979
Ruby on Rails JSON Processor YAML Deserialization Code Execution
Posted Jan 29, 2013
Authored by egypt, lian, jjarmoc | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in the JSON request processor of the Ruby on Rails application framework. This vulnerability allows an attacker to instantiate a remote object, which in turn can be used to execute any ruby code remotely in the context of the application. This vulnerability is very similar to CVE-2013-0156. This Metasploit module has been tested successfully on RoR 3.0.9, 3.0.19, and 2.3.15. The technique used by this module requires the target to be running a fairly recent version of Ruby 1.9 (since 2011 or so). Applications using Ruby 1.8 may still be exploitable using the init_with() method, but this has not been demonstrated.

tags | exploit, remote, code execution, ruby
advisories | CVE-2013-0333
SHA-256 | 769b2cec718b2f5c0376d0da94e63d98f26719caaa5c210d5a2be3bf33552211
Adobe Reader XI Heap Overflow
Posted Jan 29, 2013
Authored by Nisso Kalim

Adobe Reader XI versions 11.x suffers from a heap overflow vulnerability.

tags | advisory, overflow
SHA-256 | e93727de120b805345d02968f070046cb2ce10e3faee74ce008a6633a0fdb4d2
Secunia Security Advisory 51938
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Ruby on Rails, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, ruby
SHA-256 | f8f2fda08519a9751c5bdec67f2f996af84c0564cbc21d2d177e11974a90327f
Secunia Security Advisory 51993
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libav. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | bf31505f8243f243eee6339db3047943e840bf3ecaa78659562ff9632e30bcb3
Secunia Security Advisory 52004
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Apple has acknowledged a vulnerability in Apple TV, which can be exploited by malicious people to compromise a user's device.

tags | advisory
systems | apple
SHA-256 | 9840930a77fca2f4cd3842453968b09047974315d55c6d17541a095360789604
Secunia Security Advisory 52002
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two security issues and multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's device.

tags | advisory, vulnerability, xss
systems | cisco, apple
SHA-256 | 31ff497d4f3b7b0479c3de4b8ce864679f6211c4c83c81478d03d0e11e141736
Secunia Security Advisory 51975
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
SHA-256 | 076b706834305678cddbf7a406c81d6a5f943cea3b01ae77f6b08edc8aea4bf3
Secunia Security Advisory 52003
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in libvirt, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
SHA-256 | 745124e07efbc9a073c26da55cce47a655a01e2796a59fd93f0aff3a72d75efe
Secunia Security Advisory 51999
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for rubygem-activesupport. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, redhat
SHA-256 | f3d7078d3cf0a20d985472f1fdc53b66b74c96051b8b4671339dc41102a89af6
Secunia Security Advisory 51991
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for ffmpeg. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, ubuntu
SHA-256 | e1ff122a88c54155c71a58d78833994b525b8e9f56ef9073292bc707c3b359b7
Secunia Security Advisory 51980
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Symfony, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 38c9e43a5b9f8023220849289de8c8ef89f56af8e1a55a0e5694c9dcbfc7d8cb
Secunia Security Advisory 51989
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco IOS XR, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco, osx
SHA-256 | 2d0aa8eff7c68934048cdf9b9b664df016672f45e7126aead14b00c428e92ee8
Secunia Security Advisory 51927
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Junaid Hussain has discovered a vulnerability in the SolveMedia plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | f1a22067428b97770336fc3844a27c0134696405a3eb8250b6a3346d3f8bcfc7
Secunia Security Advisory 51982
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libssh. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | 7270662bfd73dc1abd94d5b8a3a40bc34dd88b721f38401e99d507209844dec5
Secunia Security Advisory 52006
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM WebSphere Message Broker, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 7588dd596008f36665dd121fe499bc546228d65b930f3ad91025e6e6e237a0ca
Secunia Security Advisory 52001
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
systems | linux, redhat
SHA-256 | de476f7d369b16edb237506430b1a189fa7102ba1f02365997d72587783506c3
Secunia Security Advisory 52009
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Tivoli Directory Integrator, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 564fe0fa8884922975dfcacb1158acc7d99addeef19447001188ea5a76b276b6
Secunia Security Advisory 51949
Posted Jan 29, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Rapid7 has reported two vulnerabilities in Portable UPnP SDK, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
SHA-256 | 60b12f77e6a02e68eac2bc58f4a3d6ae3a3fcb9079974300c0a08fbf73f18d13
Red Hat Security Advisory 2013-0202-01
Posted Jan 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0202-01 - Ruby on Rails is a model–view–controller framework for web application development. Active Support provides support and utility classes used by the Ruby on Rails framework. A flaw was found in the way Active Support performed the parsing of JSON requests by translating them to YAML. A remote attacker could use this flaw to execute arbitrary code with the privileges of a Ruby on Rails application, perform SQL injection attacks, or bypass the authentication using a specially-created JSON request.

tags | advisory, remote, web, arbitrary, sql injection, ruby
systems | linux, redhat
advisories | CVE-2013-0333
SHA-256 | 677405cc6f27592547c54fbd53303da5f833360860544cfa0aad5d9de7076d40
Red Hat Security Advisory 2013-0201-01
Posted Jan 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0201-01 - Ruby on Rails is a model–view–controller framework for web application development. Active Support provides support and utility classes used by the Ruby on Rails framework. A flaw was found in the way Active Support performed the parsing of JSON requests by translating them to YAML. A remote attacker could use this flaw to execute arbitrary code with the privileges of a Ruby on Rails application, perform SQL injection attacks, or bypass the authentication using a specially-created JSON request.

tags | advisory, remote, web, arbitrary, sql injection, ruby
systems | linux, redhat
advisories | CVE-2013-0333
SHA-256 | 7085d262054b23233cc05f55745aba2be87d32348b742f0737def218a860a95f
Red Hat Security Advisory 2013-0199-01
Posted Jan 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0199-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. A flaw was found in the way libvirtd handled connection cleanup under certain error conditions. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, execute arbitrary code with the privileges of the root user.

tags | advisory, remote, arbitrary, root
systems | linux, redhat
advisories | CVE-2013-0170
SHA-256 | 9b0926897ef2c7c11cb24ab1e055d63e9d0b4aadfbd76cf8b9d00499296212ff
Ubuntu Security Notice USN-1707-1
Posted Jan 29, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1707-1 - Yong Chuan Koh discovered that libssh incorrectly handled certain negotiation requests. A remote attacker could use this to cause libssh to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-0176
SHA-256 | 2a67a8edbc2942f40a6dcc4eeb9ad04e3853fe87333ab4951b991ce2693bdb61
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close