all things security
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-07-10 to 2013-07-11

Red Hat Security Advisory 2013-1041-01
Posted Jul 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1041-01 - Red Hat JBoss Web Framework Kit combines popular open source web frameworks into a single solution for Java applications. This release serves as a replacement for Red Hat JBoss Web Framework Kit 2.2.0, and includes bug fixes and enhancements.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2013-2165
MD5 | 5081d41468f2b608f9bbf3f83583d5b7
Drupal Stage File Proxy 7.x Denial Of Service
Posted Jul 10, 2013
Authored by Mike Carper | Site drupal.org

Drupal Stage File Proxy third party module version 7.x suffers from a denial of service vulnerability.

tags | advisory, denial of service
MD5 | e54be617e62c2e8564ddbcfbbaea11a0
Adobe Reader 11.0.03 Insecure Third Party Components
Posted Jul 10, 2013
Authored by Stefan Kanthak

Adobe Reader version 11.0.03 installs multiple vulnerable third party components.

tags | advisory
MD5 | cd71fe44025412b986ed0da8790fef74
Drupal Hatch 7.x Cross Site Scripting
Posted Jul 10, 2013
Authored by Daniel Nitsche | Site drupal.org

Drupal Hatch third party theme version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | b46e3f0ff3aebba770b8c5648150dfdf
Slackware Security Advisory - dbus Updates
Posted Jul 10, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New dbus packages are available for Slackware 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-2168.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-2168
MD5 | 469aef0022f87af6fc522e8ca23ecead
Red Hat Security Advisory 2013-1035-01
Posted Jul 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1035-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes three vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-17, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.297.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2013-3344, CVE-2013-3345, CVE-2013-3347
MD5 | ee29e7d59006e7e79bb89af8d5292f2b
Red Hat Security Advisory 2013-1034-01
Posted Jul 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1034-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Information leaks in the Linux kernel could allow a local, unprivileged user to leak kernel memory to user-space. An information leak was found in the Linux kernel's POSIX signals implementation. A local, unprivileged user could use this flaw to bypass the Address Space Layout Randomization security feature.

tags | advisory, kernel, local
systems | linux, redhat, osx
advisories | CVE-2012-6544, CVE-2012-6545, CVE-2013-0914, CVE-2013-1929, CVE-2013-3222, CVE-2013-3224, CVE-2013-3231, CVE-2013-3235
MD5 | 3357cd43c90176eff26b5e83907cf11d
Harvesting Phone Numbers Using Facebook And Yahoo
Posted Jul 10, 2013
Authored by Saurabh Sharma

This is an interesting write up which shows how a lack of standards between Internet giants can lead to the divulging of a person's phone number providing you know their login id and try out the forgotten password flow.

tags | paper
MD5 | 53b4e6704ca44c94b1044690282cffa5
Cisco Linksys E1200 / N300 Cross Site Scripting
Posted Jul 10, 2013
Authored by Carl Benedict

Cisco Linksys E1200 and N300 devices suffer from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
advisories | CVE-2013-2679
MD5 | 786f947a05754626e5a1be8f8f948b62
Project Pier 0.8.8 XSS / Insecure Cookies
Posted Jul 10, 2013
Authored by Carl Benedict

Project Pier version 0.8.8 suffers from cross site scripting and cookies that fail to set HttpOnly and Secure flags.

tags | exploit, xss
advisories | CVE-2013-3635, CVE-2013-3636, CVE-2013-3637
MD5 | 4f47e7c8d52c9c7111f35056d968181a
HP Security Bulletin HPSBST02896
Posted Jul 10, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02896 - A potential security vulnerability has been identified with the HP StoreVirtual Storage. This vulnerability could be remotely exploited to gain unauthorized access to the device. All HP StoreVirtual Storage systems are equipped with a mechanism that allows HP support to access the underlying operating system if permission and access is provided by the customer. This functionality cannot be disabled today. HP has acknowledged this vulnerability and will provide a patch that will allow customers to disable the support access mechanism on or before July 17, 2013. HP StoreVirtual products are storage appliances that use a custom operating system, LeftHand OS, which is not accessible to the end user. Limited access is available to the user via the HP StoreVirtual Command-Line Interface (CLiQ) however root access is blocked. Root access may be requested by HP Support in some cases to help customers resolve complex support issues. To facilitate these cases, a challenge-response-based one-time password utility is employed by HP Support to gain root access to systems when the customer has granted permission and network access to the system. The one-time password utility protects the root access to prevent repeated access to the system with the same pass phrase. Root access to the LeftHand OS does not provide access to the user data being stored on the system. Revision 1 of this advisory.

tags | advisory, root
advisories | CVE-2013-2352
MD5 | cd7c46f395a9bb989fbe9457d6325b28
Jolix Media Player 1.1.0 Denial Of Service
Posted Jul 10, 2013
Authored by IndonesiaGokilTeam

Jolix Media Player version 1.1.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 65a36d7ebf467996428b3266e9936ae7
vBulletin Advanced User Tagging Cross Site Scripting
Posted Jul 10, 2013
Authored by []0iZy5

The vBulletin Advanced User Tagging module suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8e61473e1ebd025bd286810d021e02df
iVote 1.0.0 SQL Injection
Posted Jul 10, 2013
Authored by Ashiyane Digital Security Team

iVote version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 95fe2e562632df55c25b3939d3d7760e
vBulletin vBShout Cross Site Scripting
Posted Jul 10, 2013
Authored by []0iZy5

The vBulletin vBShout module suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | ebcf98a0f2c4e1a68443ecd9db3545d3
Red Hat Security Advisory 2013-1029-01
Posted Jul 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1029-01 - Fuse MQ Enterprise, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This release of Fuse MQ Enterprise 7.1.0 roll up patch 1 is an update to Fuse MQ Enterprise 7.1.0 and includes bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-6092, CVE-2012-6551, CVE-2013-1879, CVE-2013-1880, CVE-2013-2035, CVE-2013-3060
MD5 | 245cc28c094a2b2a85ab2e6ec34c4f97
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    11 Files
  • 21
    Jul 21st
    4 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close