exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 611 RSS Feed

Files Date: 2013-02-01 to 2013-02-28

Ubuntu Security Notice USN-1741-1
Posted Feb 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1741-1 - Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0871
SHA-256 | eb2c5bd4dfc428ab867253b2af2dcc1b2cdd1973887db258045f6a16c3a74b25
Ubuntu Security Notice USN-1740-1
Posted Feb 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1740-1 - Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0871
SHA-256 | e1fdabab72af4143124c0ab88ecbab3fccaa33dddd0986932cf63009220ed845
Ubuntu Security Notice USN-1739-1
Posted Feb 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1739-1 - Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0871
SHA-256 | 58b0c3ab55d814a0de2780b66cfcb90279094bfa49ea7e219cbc6f285d43ef49
Ubuntu Security Notice USN-1738-1
Posted Feb 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1738-1 - Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0871
SHA-256 | 473f39dbfe2b310d358455320893c8f03c0a0e0f16502df8f41ca7601bbddbe8
Ubuntu Security Notice USN-1737-1
Posted Feb 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1737-1 - Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0871
SHA-256 | d4706f73edfaf7396bc83d22e3a782836f94b2cdf76572a50614650e19abd845
Ubuntu Security Notice USN-1745-1
Posted Feb 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1745-1 - Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0871
SHA-256 | 9d4310af2ab2d674ea50ec8b0a5935369bae9e6f1691b71538f3f19cf84afb53
Ubuntu Security Notice USN-1744-1
Posted Feb 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1744-1 - Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0871
SHA-256 | 93d1156c3ee62445d44798d63acaf85ec5c33b8f8d64eeca80c0636e8ada95dc
HexInject 1.5
Posted Feb 22, 2013
Authored by crossbower | Site hexinject.sourceforge.net

HexInject is a hexadecimal and raw packet injector and sniffer. It can be easily combined with other tools to provide a powerful command line framework for raw network access. It will automatically set the correct checksum (IP, TCP, UDP, ICMP).

Changes: HexInject has now reached version 1.5 and a few changes have been made. In particular the features have been redistributed between multiple tools, following the unix philosophy.
tags | tool, udp, sniffer, tcp
systems | unix
SHA-256 | 329f0686069988ac0dae4a00082b205ac9669bc8e202d4b112c600bcbc198ce9
ipset 6.17
Posted Feb 22, 2013
Authored by Jan Engelhardt | Site ipset.netfilter.org

ipset allows administration of sets of IP addresses/networks, ports, MAC addresses, and interfaces, which are stored in hash or bitmap data structures. These can then be used in conjunction with iptables to do fast presence lookups.

Changes: This release fixes timeout value corruption on "set resize" and incorrect error messages during syntax errors.
tags | tool
systems | unix
SHA-256 | 7987bb8de1b0490b32084ab72165ae53038e497a96ab9940920280d8068629b0
Ubuntu Security Notice USN-1736-1
Posted Feb 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1736-1 - Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel's ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-0871
SHA-256 | c377309fa89eacd116ebdc9e511fcb0898f5c0337e541264181832f66e9e1c9c
Linux/x86 Shadow File Permission Change Shellcode
Posted Feb 22, 2013
Authored by Hamza Megahed

58 bytes small execve-chmod 0777 /etc/shadow shellcode for Linux/x86.

tags | x86, shellcode
systems | linux
SHA-256 | a7f6493c29eaa6c5fa86369bc555ea86838321fabca4aca34bb09f26984c32dd
Linux/x86 Shell Execution Shellcode
Posted Feb 22, 2013
Authored by Hamza Megahed

23 bytes small execve /bin/sh shellcode for Linux/x86.

tags | x86, shellcode
systems | linux
SHA-256 | d6b39c58a3c5f85d506995a5d2b4b63f707d3d7f118f009cf9b1909a38419148
Linux/x86 Force Reboot Shellcode
Posted Feb 22, 2013
Authored by Hamza Megahed

36 bytes small force reboot shellcode for Linux/x86.

tags | x86, shellcode
systems | linux
SHA-256 | 4af8bcec4662f3215eea45c30529922a6381e79360c9d59e073b9d4ee57cbb73
Linux/x86 IPTables Flush Shellcode
Posted Feb 22, 2013
Authored by Hamza Megahed

43 bytes small iptables --flush shellcode for Linux/x86.

tags | x86, shellcode
systems | linux
SHA-256 | 724c023a48011a434ae6876d4022242b2f07b993c7d5fe8ea80010c17bbf50c1
Linux/x86 SSH Remote Port Forwarding Shellcode
Posted Feb 22, 2013
Authored by Hamza Megahed

87 bytes small remote SSH port forwarding shellcode for Linux/x86.

tags | remote, x86, shellcode
systems | linux
SHA-256 | f1ff60a24af967087acc64652b1858b4962898f89fb98d997d17aa1d1caac459
Skype Community Cross Site Scripting
Posted Feb 22, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Skype Community suffers from a mail encoding vulnerability that allows for cross site scripting.

tags | exploit, xss
SHA-256 | f875298ab79c2bac8df467b2c5020347cac0994efeb657b8bd749495b90c5e33
Ubuntu Security Notice USN-1735-1
Posted Feb 22, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1735-1 - Nadhem Alfardan and Kenny Paterson discovered that the TLS protocol as used in OpenSSL was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could use this issue to perform plaintext-recovery attacks via analysis of timing data. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 12.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, protocol, info disclosure
systems | linux, ubuntu
advisories | CVE-2013-0169, CVE-2013-1484, CVE-2013-1485, CVE-2013-0169, CVE-2013-1484, CVE-2013-1485, CVE-2013-1486, CVE-2013-1487
SHA-256 | 2261cb93a882de20b7e4c81f5368c093e6bdc017b92efb2dc8c82925d609cdd8
Oracle 11g Stealth Password Cracking
Posted Feb 21, 2013
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - There is a flaw in the way that Authentication Session Keys are generated and protected by Oracle Database Server during the authentication process. It is possible to use this flaw to perform unlimited password guesses (cracking) of any user password in a similar way as if the password hash would be available. Oracle Database version 11gR1 and 11gR2 are affected.

tags | advisory
advisories | CVE-2012-3137
SHA-256 | 6de8cff55b66f1dae7efecbf927e6903f0d40a21e1f69993bb4e363b2732b39d
Oracle Alter FBA Table SQL Injection
Posted Feb 21, 2013
Authored by Martin Rakhmanov | Site appsecinc.com

Team SHATTER Security Advisory - Renaming a table having flashback archive using specially crafted table name triggers internal SQL injection. This allows users to execute code with elevated privileges. Oracle Database Enterprise Edition version 11.1 and 11.2 are affected.

tags | advisory, sql injection
advisories | CVE-2012-1751
SHA-256 | fe12a85f642cabb0360ed843da29b8d6e66283d99716b980d61f47a9ad23614c
HP Security Bulletin HPSBMU02836 SSRT101056
Posted Feb 21, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02836 SSRT101056 - Potential security vulnerabilities have been identified with HP ArcSight Connector Appliance and HP ArcSight Logger. These vulnerabilities could be exploited remotely to allow disclosure of information, command injection and cross-site scripting (XSS). Revision 1 of this advisory.

tags | advisory, vulnerability, xss
advisories | CVE-2012-2960, CVE-2012-3286, CVE-2012-5198, CVE-2012-5199
SHA-256 | 14f9abc7c565329aeda8e943a1d8fa34bb61bd4bb69850d90b97b588c089d5d0
Red Hat Security Advisory 2013-0552-01
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0552-01 - In accordance with the Red Hat Enterprise Virtualization Errata Support Policy, the support for Red Hat Enterprise Virtualization 2 will end on 1st March, 2013. Customers are recommended to upgrade their existing Red Hat Enterprise Virtualization 2.x installations to version 3.0. The upgrade from RHEV Manager version 2.2 running on Microsoft Windows to Red Hat Enterprise Virtualization Manager 3.0 running on Red Hat Enterprise Linux is fully supported and requires no downtime, during the upgrade all virtual machines will continue to run without loss of service.

tags | advisory
systems | linux, redhat, windows
SHA-256 | c50b91c502da9056e729946a5d451a8df385851f224db15587a947e0fe9c225c
Red Hat Security Advisory 2013-0544-01
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0544-01 - Red Hat Subscription Asset Manager acts as a proxy for handling subscription information and software updates on client machines. It was discovered that Katello did not properly check user permissions when handling certain requests. An authenticated remote attacker could use this flaw to download consumer certificates or change settings of other users' systems if they knew the target system's UUID. A vulnerability in rubygem-ldap_fluff allowed a remote attacker to bypass authentication and log into Subscription Asset Manager when a Microsoft Active Directory server was used as the back-end authentication server.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2012-5561, CVE-2012-5603, CVE-2012-5604, CVE-2012-6109, CVE-2012-6496, CVE-2013-0162, CVE-2013-0183, CVE-2013-0184
SHA-256 | 40ed8cc02a824cba926dc987492cb7cfa65beb82b844986c7ceface61e3927c2
Red Hat Security Advisory 2013-0548-01
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0548-01 - Red Hat CloudForms is an on-premise hybrid cloud Infrastructure-as-a-Service product that lets you create and manage private and public clouds. It provides self-service computing resources to users in a managed, governed, and secure way. Three flaws were found in rubygem-rack. A remote attacker could use these flaws to perform a denial of service attack against applications using rubygem-rack. It was found that documentation created by rubygem-rdoc was vulnerable to a cross-site scripting attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web script execution in the context of the user's session. As rubygem-rdoc is used for creating documentation for Ruby source files, it is not a common scenario to make such documentation accessible over the network.

tags | advisory, remote, web, denial of service, arbitrary, xss, ruby
systems | linux, redhat
advisories | CVE-2012-6109, CVE-2013-0162, CVE-2013-0183, CVE-2013-0184, CVE-2013-0256
SHA-256 | 7eeecf4bd61add69a8fdb62e0fc678b6962eaa82560b226a399c33ad350a2198
Red Hat Security Advisory 2013-0549-01
Posted Feb 21, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0549-01 - The redhat-ds-base packages provide Red Hat Directory Server, which is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. A flaw was found in the way the 389 Directory Server daemon handled access control instructions using certificate groups. If an LDAP user that had a certificate group defined attempted to bind to the directory server, it would cause ns-slapd to enter an infinite loop and consume an excessive amount of CPU time.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2012-0833
SHA-256 | dcc5bc41f9e0012dc142cd0fe93552492f5d9cd278e58d24ffb573240480fcfc
Ubuntu Security Notice USN-1734-1
Posted Feb 21, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1734-1 - Joshua Harlow discovered that Nova would allow XML entity processing. A remote unauthenticated attacker could exploit this using the Nova API to cause a denial of service via resource exhaustion.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-1664, CVE-2013-1664
SHA-256 | 6d3859f8e73a01c731e048bd1058cbd83ecde2953d41aa5b88921039d3de8376
Page 4 of 25
Back23456Next

File Archive:

September 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    2 Files
  • 2
    Sep 2nd
    21 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    17 Files
  • 5
    Sep 5th
    34 Files
  • 6
    Sep 6th
    29 Files
  • 7
    Sep 7th
    11 Files
  • 8
    Sep 8th
    25 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    26 Files
  • 12
    Sep 12th
    23 Files
  • 13
    Sep 13th
    17 Files
  • 14
    Sep 14th
    22 Files
  • 15
    Sep 15th
    16 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    19 Files
  • 19
    Sep 19th
    60 Files
  • 20
    Sep 20th
    23 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    8 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    17 Files
  • 26
    Sep 26th
    3 Files
  • 27
    Sep 27th
    13 Files
  • 28
    Sep 28th
    5 Files
  • 29
    Sep 29th
    12 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close