what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2013-05-15 to 2013-05-16

Cisco Security Advisory 20130515-mse
Posted May 15, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco TelePresence Supervisor MSE 8050 contains a vulnerability that may allow an unauthenticated, remote attacker to cause high CPU utilization and a reload of the affected system. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

tags | advisory, remote
systems | cisco
SHA-256 | d3e0d64b63c54ba0469aee4fa42dcf5ff5e60f7199f5afeb129bba00e9374e17
Red Hat Security Advisory 2013-0827-01
Posted May 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0827-01 - Openswan is a free implementation of Internet Protocol Security and Internet Key Exchange. IPsec uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. When using Opportunistic Encryption, Openswan's pluto IKE daemon requests DNS TXT records to obtain public RSA keys of itself and its peers. A buffer overflow flaw was found in Openswan. If Opportunistic Encryption were enabled and an RSA key configured, an attacker able to cause a system to perform a DNS lookup for an attacker-controlled domain containing malicious records could cause Openswan's pluto IKE daemon to crash or, potentially, execute arbitrary code with root privileges. With "oe=yes" but no RSA key configured, the issue can only be triggered by attackers on the local network who can control the reverse DNS entry of the target system. Opportunistic Encryption is disabled by default.

tags | advisory, overflow, arbitrary, local, root, protocol
systems | linux, redhat
advisories | CVE-2013-2053
SHA-256 | 12cb976f5b69697a894c31503bb551690955b213858c4fa51b009f265a8d5326
Technical Cyber Security Alert 2013-134A
Posted May 15, 2013
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2013-134A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 7714de8bb2671df1b661588d6aa17bc3ff066a21e79b5bb65dcefbf463b2b1e0
Drupal Google Authenticator Login 6.x / 7.x Access Bypass
Posted May 15, 2013
Authored by Ivo Van Geertruyen, Lode Vanstechelman | Site drupal.org

Drupal Google Authenticator Login versions 6.x and 7.x suffer from a couple of access bypass vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 4fd844692eef3b5dbeab476ca9dc4f7e5099320e7f716570b6a7e73f12930035
Mandriva Linux Security Advisory 2013-165
Posted May 15, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-165 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. Security researcher Cody Crews reported a method to call a content level constructor that allows for this constructor to have chrome privileged access. This affects chrome object wrappers and allows for write actions on objects when only read actions should be allowed. This can lead to cross-site scripting attacks. Various other issues have also been addressed.

tags | advisory, arbitrary, xss
systems | linux, mandriva
advisories | CVE-2013-0801, CVE-2013-1670, CVE-2013-1674, CVE-2013-1675, CVE-2013-1676, CVE-2013-1677, CVE-2013-1678, CVE-2013-1679, CVE-2013-1680, CVE-2013-1681
SHA-256 | 6813ee081c57ba799f2853ae698c47af47848d549fc213a9c911e753605181ee
Ubuntu Security Notice USN-1828-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1828-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
SHA-256 | fd37035618e80606f4668e9c073a2afa7344c987b9afdf487036c675526a79ba
Red Hat Security Advisory 2013-0826-01
Posted May 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0826-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes multiple security flaws in Adobe Reader. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2013-2549, CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2724, CVE-2013-2725, CVE-2013-2726, CVE-2013-2727, CVE-2013-2729, CVE-2013-2730, CVE-2013-2731, CVE-2013-2732, CVE-2013-2733, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-2737, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, CVE-2013-3341
SHA-256 | 3abd73f01e78888390ff9f7748d746e37f079e3b4cd03d89b9ea8f7acdd4d1b1
SSH User Code Execution
Posted May 15, 2013
Authored by Spencer McIntyre | Site metasploit.com

This Metasploit module utilizes a stager to upload a base64 encoded binary which is then decoded, chmod'ed and executed from the command shell.

tags | exploit, shell
advisories | CVE-1999-0502
SHA-256 | 4e828bd76fd9d92b7193f91ff6cdf47c21ab888c351730fc0b672b1bdfa5d5fb
Ubuntu Security Notice USN-1827-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1827-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
SHA-256 | d084c927d37fa7856a86a1c67d0cb08ce49025ed4b65ba08c08ee16befb718f3
Ubuntu Security Notice USN-1826-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1826-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
SHA-256 | 48f6afef383991ac79f1dbdacf15e1d7e2ad5d5db8a458e6f8e361b6505c3ccb
Ubuntu Security Notice USN-1825-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1825-1 - An flaw was discovered in the Linux kernel's perf_events interface. A local user could exploit this flaw to escalate privileges on the system.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2013-2094
SHA-256 | f288e8151e0a1203f7ac5f4deed6ee57292f26d67ab3ed7e7e441bc75e05c650
Debian Security Advisory 2668-1
Posted May 15, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2668-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, information leak or privilege escalation.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2012-2121, CVE-2012-3552, CVE-2012-4461, CVE-2012-4508, CVE-2012-6537, CVE-2012-6539, CVE-2012-6540, CVE-2012-6542, CVE-2012-6544, CVE-2012-6545, CVE-2012-6546, CVE-2012-6548, CVE-2012-6549, CVE-2013-0349, CVE-2013-0914, CVE-2013-1767, CVE-2013-1773, CVE-2013-1774, CVE-2013-1792, CVE-2013-1796, CVE-2013-1798, CVE-2013-1826, CVE-2013-1860, CVE-2013-1928, CVE-2013-1929, CVE-2013-2015, CVE-2013-2634, CVE-2013-3222
SHA-256 | f66b5875b109e5f665558463b3f9c59ae0cb8985c108bda014534f43c51d2b5f
HP Security Bulletin HPSBUX02859 SSRT101144 3
Posted May 15, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02859 SSRT101144 3 - A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code. Revision 3 of this advisory.

tags | advisory, denial of service, arbitrary
systems | hpux
advisories | CVE-2009-0159, CVE-2009-3563
SHA-256 | 97b32abdd8e39e1e5b9feabde6030395b429177c1152753dcdf6fc4a860b318b
Ubuntu Security Notice USN-1824-1
Posted May 15, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1824-1 - Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. Mathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. A buffer overflow was discovered in the Linux Kernel's USB subsystem for devices reporting the cdc-wdm class. A specially crafted USB device when plugged-in could cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-6549, CVE-2013-1826, CVE-2013-1860, CVE-2013-1928, CVE-2013-2634, CVE-2012-6549, CVE-2013-1826, CVE-2013-1860, CVE-2013-1928, CVE-2013-2634
SHA-256 | 61cfd0da9e862caf667f2f7231d0b4d0ff7b68b7c6ba016808af14830d2d8422
Red Hat Security Advisory 2013-0825-01
Posted May 15, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0825-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335
SHA-256 | 01dec1cb5d084648b494fcf4bf54146c495a5122490837b9ad92a8a177d8b1ea
Exponent CMS 2.2.0 Beta 3 LFI / SQL Injection
Posted May 15, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

Exponent CMS version 2.2.0 beta 3 suffers from local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
advisories | CVE-2013-3294, CVE-2013-3295
SHA-256 | c66432c06b6aeb8a14da0a5432997dffbde3bde7c22f8d34fad4191d2231131f
Quick Search 1.1.0.189 Buffer Overflow
Posted May 15, 2013
Authored by ariarat

Quick Search version 1.1.0.189 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 14d59285c5ed109c4f6adeede8aa3624a3d43932eb94e78755c80a7b5a59e49d
Serva 32 TFTP 2.1.0 Denial Of Service
Posted May 15, 2013
Authored by Sapling

Serva 32 TFTP version 2.1.0 suffers from a buffer overflow that can lead to a denial of service vulnerability.

tags | exploit, denial of service, overflow
SHA-256 | 4e83b6cf9a0c72de0168d68fecbe328e506b687a9e335e93fd3f94d0fb79a278
WordPress wp-FileManager File Download
Posted May 15, 2013
Authored by ByEge

WordPress wp-FileManager plugin suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
SHA-256 | 8dda5da2f213f0a8dcb61d7c80170b9f2a240cf5074032ff8c683bf0160e4594
Kloxo 6.1.12 Privilege Escalation
Posted May 15, 2013
Authored by juan vazquez, HTP | Site metasploit.com

Kloxo versions 6.1.12 and below contain two setuid root binaries. lxsuexec and lxrestart allow local privilege escalation to root from uid 48, Apache by default on CentOS 5.8, the operating system supported by Kloxo. This Metasploit module has been tested successfully with Kloxo 6.1.12 and 6.1.6.

tags | exploit, local, root
systems | linux, centos
SHA-256 | a70607f00778f48b03ab7e80bcb005fc5ae1a0f4e784ea6219b2ca83f16982c7
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close