exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 61 of 61 RSS Feed

Files Date: 2013-02-21 to 2013-02-22

Alt-N MDaemon WebAdmin Remote Code Execution
Posted Feb 21, 2013
Authored by Demetris Papapetrou, QSecure | Site qsecure.com.cy

The Alt-N MDaemon version 13.0.3 WebAdmin application suffers from a remote code execution vulnerability via the user account import facility.

tags | exploit, remote, code execution
SHA-256 | b1e0f846c97665c28984ae715b8e4178e351676b7e1aef82d5ac59c0302500d2
Alt-N MDaemon WorldClient Credential Disclosure
Posted Feb 21, 2013
Authored by Demetris Papapetrou, QSecure | Site qsecure.com.cy

The Alt-N MDaemon version 13.0.3 WorldClient application suffers from a credential disclosure vulnerability. This is possible because the application replies to a request with a response that contains the credentials in an encoded (reversible) format.

tags | exploit, info disclosure
SHA-256 | 5e526cfd34acc8dc5cebe4e940c88c797073c12adce735bb8dc9adf90132aebf
glFusion 1.2.2 Cross Site Scripting
Posted Feb 21, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

glFusion version 1.2.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-1466
SHA-256 | 6306b577c5a62df9e36abe88ce8b0307d8747c5119f8cf35f07026923b542faa
Ubuntu Security Notice USN-1731-1
Posted Feb 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1731-1 - Stuart Stent discovered that Cinder would allow XML entity processing. A remote unauthenticated attacker could exploit this using the Cinder API to cause a denial of service via resource exhaustion.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-1664, CVE-2013-1664
SHA-256 | ef9e505dbeaa2ad430eea778d8ab79ad8cdd420cc8284cb9889efcadf8e51957
Ubuntu Security Notice USN-1730-1
Posted Feb 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1730-1 - Nathanael Burton discovered that Keystone did not properly verify disabled users. An authenticated but disabled user would continue to have access rights that were removed. Jonathan Murray discovered that Keystone would allow XML entity processing. A remote unauthenticated attacker could exploit this to cause a denial of service via resource exhaustion. Authenticated users could also use this to view arbitrary files on the Keystone server. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2013-0282, CVE-2013-0282, CVE-2013-1664, CVE-2013-1665
SHA-256 | 40cd9b1218bf350a4f1e6f5441962aa2cec841a1855cb9bd3ea8fb2559367309
Red Hat Security Advisory 2013-0533-01
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0533-01 - Security: JBoss Web Services leaked side-channel data when distributing symmetric keys, allowing a remote attacker to recover the entire plain text form of a symmetric key. Spring framework could possibly evaluate Expression Language expressions twice, allowing a remote attacker to execute arbitrary code in the context of the application server, or to obtain sensitive information from the server.

tags | advisory, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2009-5066, CVE-2011-2487, CVE-2011-2730, CVE-2011-4575, CVE-2012-0034, CVE-2012-0874, CVE-2012-3369, CVE-2012-3370, CVE-2012-5370, CVE-2012-5478
SHA-256 | d0d6dd86868163ea86659cbce4e62fa346ab23fec9600a6fe72c27a787121386
Red Hat Security Advisory 2013-0532-01
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0532-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes several vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. All users of java-1.7.0-oracle are advised to upgrade to these updated packages, which provide Oracle Java 7 Update 15 and resolve these issues. All running instances of Oracle Java must be restarted for the update to take effect.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-0169, CVE-2013-1484, CVE-2013-1485, CVE-2013-1486, CVE-2013-1487
SHA-256 | 715f873e25410bc468e412c2a033bb64beb683efec1499c2641f64dcbd2dd75b
Red Hat Security Advisory 2013-0531-01
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0531-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update fixes three vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 41. All running instances of Oracle Java must be restarted for the update to take effect.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2013-0169, CVE-2013-1486, CVE-2013-1487
SHA-256 | 02aadfa81bfc8c12143738a124655e974f4700f9e9aebca7ab5638be2cd5ef43
Debian Security Advisory 2630-1
Posted Feb 21, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2630-1 - Sumit Soni discovered that PostgreSQL,an object-relational SQL database, could be forced to crash when an internal function was called with invalid arguments, resulting in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2013-0255
SHA-256 | 68e6406bf02a36ed88b2b1ddae4498139d15e7cbd52cc26578fcb88b80a2a64b
phpMyRecipes 1.2.2 SQL Injection
Posted Feb 21, 2013
Authored by cr4wl3r

phpMyRecipes version 1.2.2 remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 48cf9d477ec7a80c51ed5ab37dd272196f3a99397e30828b2d1164825dd48df9
RTTucson Quotations Database Authentication Bypass
Posted Feb 21, 2013
Authored by cr4wl3r

RTTucson Quotations Database Script suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | cdcaa384c92df2bf334a9b66417054e96b8f61a54b8d21f9c18d3692cc3dc645
Page 3 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close