what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-04-18 to 2013-04-19

Fork CMS Local File Inclusion
Posted Apr 18, 2013
Authored by Rafay Baloch

Fork CMS suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | dc9c3676bed4b6dd47b65dcd79362c247ada9470a4af9cb6c2e29524e8645942
Fork CMS Cross Site Request Forgery
Posted Apr 18, 2013
Authored by Rafay Baloch

Fork CMS suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | b1f5869ab5f633d45b74847ab258441ea7cf30e564f771344d4b1c00f8ba8c27
Fork CMS Cross Site Scripting
Posted Apr 18, 2013
Authored by Rafay Baloch

Fork CMS suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8c5fae34f52db9b2663429d8f941353d9efee87ca897544f51278843d7e9d2b8
SWFUpload CSRF / XSS / Object Injection
Posted Apr 18, 2013
Authored by KedAns-Dz

SWFUpload suffers from cross site scripting, cross site request forgery, and object injection vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 88f9aac6098d0e3258845fe60905a4307536ba1d86078b4b59c2122b60d3ea28
Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow
Posted Apr 18, 2013
Authored by Florent Hochwelker | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by a heap overflow error within the JavaFX component when decoding certain video frames, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, java, remote, web, overflow
SHA-256 | a2eb4b5d305a7ac6991835ccb5811297e7d48909f1c506568314ba2a5970316c
Matrix42 Service Store 5.3 SP3 Cross Site Scripting
Posted Apr 18, 2013
Authored by 43zsec

Matrix42 Service Store version 5.3 SP3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d431e07e2090b3ecb928537ec9c68ab0d5ece0d754b16cb65ebe58d7828b3216
Technical Cyber Security Alert 2013-107A
Posted Apr 18, 2013
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2013-107A - Oracle has released a Critical Patch Update (CPU) for Java SE. Oracle strongly recommends that customers apply CPU fixes as soon as possible.

tags | advisory, java
SHA-256 | 2bc33c1159b0fcbf4383d5702e542342e6335e5d00c4f2e7df5b6d43cc1a63a6
Intercepter Sniffer 0.9.7
Posted Apr 18, 2013
Authored by Ares | Site sniff.su

Intercepter is a sniffer that offers various capabilities including sniffing for password hashes related to ICQ/IRC/AIM/FTP/IMAP/POP3/SMTP/LDAP/BNC/SOCKS/HTTP/WWW/NNTP/CVS/TELNET/MRA/DC++/VNC/MYSQL and ORACLE. It also sniffs ICQ/AIM/JABBER/YAHOO/MSN/GADU-GADU/IRC and MRA protocols. It has a built-in arp poisoning module, can change MAC addresses of LAN adapters, and has various other interesting functionality.

Changes: New versions provides the ability to sniff the login and password of the target user that connects to SSH server and intercepts the session data such as commands.
tags | tool, web, sniffer, imap, protocol
SHA-256 | a7eeb7f0852c3f890b1cf069da1c6007331be8b19ddd6ca7025e8cfe208f0861
Free Float FTP Server USER Command Buffer Overflow
Posted Apr 18, 2013
Authored by D35m0nd142 | Site metasploit.com

Freefloat FTP Server is prone to an overflow condition. It fails to properly sanitize user-supplied input resulting in a stack-based buffer overflow. With a specially crafted 'USER' command, a remote attacker can potentially have an unspecified impact.

tags | exploit, remote, overflow
advisories | OSVDB-69621
SHA-256 | 9b812ca885b40a06ed5af29596e9d126320a1646dbcbe6be64b5c81887642462
Cisco Security Advisory 20130417-nac
Posted Apr 18, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Network Admission Control (NAC) Manager contains a vulnerability that could allow an unauthenticated remote attacker to execute arbitrary code and take full control of the vulnerable system. A successful attack could allow an unauthenticated attacker to access, create or modify any information in the NAC Manager database. Cisco has released free software updates that address this vulnerability. There are no workarounds for this vulnerability.

tags | advisory, remote, arbitrary
systems | cisco
SHA-256 | 0b2fd9431ac6f3023d470247efac603d079d9cd4168dd50bc6a519460459b72f
SI6 Networks' IPv6 Toolkit 1.3.4
Posted Apr 18, 2013
Authored by Fernando Gont

This toolkit houses various IPv6 tools that have been tested to compile and run on Debian GNU/Linux 6.0, FreeBSD 9.0, NetBSD 5.1, OpenBSD 5.0, Mac OS 10.8.0, and Ubuntu 11.10.

Changes: IPv6-host tracking support in the scan6 tool. A new tool, address6, to analyze IPv6 addresses. Minor bug fixes.
tags | tool
systems | linux, netbsd, unix, freebsd, openbsd, debian, ubuntu
SHA-256 | 75ff27cd30407cd57f35a7646b82e6fede9cfc7e1fac089b3da43e547424af48
Ubuntu Security Notice USN-1803-1
Posted Apr 18, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1803-1 - It was discovered that the X.Org X server did not properly clear input events in certain circumstances. A local attacker with physical access could use this flaw to capture keystrokes.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2013-1940
SHA-256 | 0a8fc43b37e93e1260e0124d3f96f99613c73e4adbc0f22dda8909721d36cfa6
Debian Security Advisory 2661-1
Posted Apr 18, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2661-1 - David Airlie and Peter Hutterer of Red Hat discovered that xorg-server, the Xorg X server was vulnerable to an information disclosure flaw related to input handling and devices hotplug.

tags | advisory, info disclosure
systems | linux, redhat, debian
advisories | CVE-2013-1940
SHA-256 | ddec4e210a037caeffbc9a414e249bc38399f5e30f17b1044f4ffdad14f56b69
Red Hat Security Advisory 2013-0753-01
Posted Apr 18, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0753-01 - The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It also contains a configuration tool for managing deployment settings for the plug-in and Web Start implementations. It was discovered that the IcedTea-Web plug-in incorrectly used the same class loader instance for applets with the same value of the codebase attribute, even when they originated from different domains. A malicious applet could use this flaw to gain information about and possibly manipulate applets from different domains currently running in the browser.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2013-1926, CVE-2013-1927
SHA-256 | c1ce692c1521d0837522bfb3b37e40034340611dd97379e2d399b43394575abe
Red Hat Security Advisory 2013-0752-01
Posted Apr 18, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0752-01 - These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the font layout engine in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. Multiple improper permission check issues were discovered in the Beans, Libraries, JAXP, and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2013-0401, CVE-2013-1488, CVE-2013-1518, CVE-2013-1537, CVE-2013-1557, CVE-2013-1558, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384, CVE-2013-2415, CVE-2013-2417, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2426, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2436
SHA-256 | 41d947531ed3d252e75fac4e4c2beb0c11832cfe342063df05ef1bf45c210ec0
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close