what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2013-09-02 to 2013-09-03

Zoom Telephonics Bypass / Traversal / Improper Handling
Posted Sep 2, 2013
Authored by Kyle Lovett

Five models of the Zoom Telephonics ADSL modem/router line suffers from authentication bypass, plain-text credential storage, improper handling, and traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion, info disclosure
advisories | CVE-2013-5622, CVE-2013-5627, CVE-2013-5624, CVE-2013-5623, CVE-2013-5628, CVE-2013-5631, CVE-2013-5632, CVE-2013-5633, CVE-2013-5620, CVE-2013-5626, CVE-2013-5629, CVE-2013-5621, CVE-2013-5625, CVE-2013-5630
SHA-256 | 44c6fde6671c4ea90e34564c3f3a20d93c0520abfb5edcbfb3a4dc36ffa44802
WinArchiver 3.2 SEH Buffer Overflow
Posted Sep 2, 2013
Authored by Pedro Guillen Nunez, Miguel Angel de Castro Simon, Josep Pi Rodriguez

WinArchiver version 3.2 suffers from a SEH-based buffer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2013-5660
SHA-256 | 6e206a8a5bb2693cb96ef406b23482f125a2165e42334ccf58a79646e69b5217
Wiz 5.0.3 User Mode Write Access Violation
Posted Sep 2, 2013
Authored by Pedro Guillen Nunez, Miguel Angel de Castro Simon, Josep Pi Rodriguez

Wiz version 5.0.3 suffers from a user mode write access violation vulnerability.

tags | advisory
advisories | CVE-2013-5659
SHA-256 | 63d43930c87c789aa57942fdecbe974ffb10518802ad97ec2eb9eb227bbc7784
PWStore 2010.8.30.0 Cross Site Scripting / Denial Of Service
Posted Sep 2, 2013
Authored by Pedro Guillen Nunez, Miguel Angel de Castro Simon, Josep Pi Rodriguez

PWStore version 2010.8.30.0 suffers from cross site scripting and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, xss
advisories | CVE-2013-5657, CVE-2013-5658
SHA-256 | 62cf2734ff3e28570fd22dd8b33efaa47690cdfc48bd30e61e0caf0cb757102d
FuzeZip 1.0 SEH Buffer Overflow
Posted Sep 2, 2013
Authored by Pedro Guillen Nunez, Miguel Angel de Castro Simon, Josep Pi Rodriguez

FuzeZip version 1.0.0.131625 suffers from a SEH based overflow and stack based overflow which is protected by stack cookies.

tags | advisory, overflow
advisories | CVE-2013-5656
SHA-256 | 7997f627ad9bdf3236c4f71c63ca741f2fbd67c404def236820282873b3f4e8d
Gentoo Linux Security Advisory 201309-03
Posted Sep 2, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-3 - A buffer overflow in Xlockmore might allow remote attackers to cause a Denial of Service. Versions less than 5.43 are affected.

tags | advisory, remote, denial of service, overflow
systems | linux, gentoo
advisories | CVE-2012-4524, CVE-2013-4143
SHA-256 | 2d2e1635de685f4eeb9f823a8bd416409c0a7b50e399a1de015ce15a464b0f89
Gentoo Linux Security Advisory 201309-02
Posted Sep 2, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-2 - Multiple vulnerabilities have been found in strongSwan, possibly allowing remote attackers to authenticate as other users or cause a Denial of Service condition. Versions less than 5.1.0 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2013-2054, CVE-2013-2944, CVE-2013-5018
SHA-256 | e5de6a7527422acc9f93e2938d3bd572a9d0efb8c22e1b9eec52ad5f16412f47
Mandriva Linux Security Advisory 2013-225
Posted Sep 2, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-225 - Fixed one critical bug in the DDOC parsing routines. By persuading a victim to open a specially-crafted DDOC file, a remote attacker could exploit this vulnerability to overwrite arbitrary files on the system with the privileges of the victim.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2013-5648
SHA-256 | 00eba3769f6c26bc880ee29f23ceca071d3246112c5eecfb48159db88d1cbb92
Mandriva Linux Security Advisory 2013-224
Posted Sep 2, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-224 - Pedro Ribeiro and Huzaifa S. Sidhpurwala discovered multiple vulnerabilities in various tools shipped by the tiff library. Processing a malformed file may lead to denial of service or the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2013-4244
SHA-256 | d884754430c6583ac8b007978378c6bbb0dc76a3035da478c1c21be20416bfc1
Debian Security Advisory 2749-1
Posted Sep 2, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2749-1 - Colin Cuthbertson and Walter Doekes discovered two vulnerabilities in the SIP processing code of Asterisk - an open source PBX and telephony toolkit -, which could result in denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2013-5641, CVE-2013-5642
SHA-256 | 64f259e26777b4eda664b410ea07d6756308f234bf56cbd36c690cf8ae3a017c
Slackware Security Advisory - gnutls Updates
Posted Sep 2, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New gnutls packages are available for Slackware 14.0 and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-1619
SHA-256 | d2c6387efc945856664a72d145fbc9931f3ccd30292ea3c12bdaae3ef265eb12
Palms 3.6 SQL Injection
Posted Sep 2, 2013
Authored by Hossein Hezami

Palms version 3.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1aa5484c2a82ec54fceee98744da5fa88ea2ceb2c745fec53f6c55ac32c4dfad
Palms 3.6 Cross Site Scripting
Posted Sep 2, 2013
Authored by Hossein Hezami

Palms version 3.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 37feb0677c587aacff966cd6ffd579536af08f6c2fbd34c1ab9cf4ab479943bd
GNU Transport Layer Security Library 3.2.4
Posted Sep 2, 2013
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release adds the RSA-PSK key exchange method. It has fixes in session ticket handling and in server certificate request handling, as well as other minor fixes and updates.
tags | protocol, library
SHA-256 | 119570af3eb83b411252bf617688b9b9143e4349f48657b7ebaea57d90ff707f
Gentoo Linux Security Advisory 201309-01
Posted Sep 2, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201309-1 - A NULL pointer dereference in Cyrus-SASL may allow remote attackers to cause a Denial of Service condition. Versions less than 2.1.26-r3 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2013-4122
SHA-256 | ab968551f4e15425cd83161245fa5213284ec0cc8224de16f469841985abbc43
Debian Security Advisory 2740-2
Posted Sep 2, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2740-2 - The wheezy part of the previous python-django update, DSA-2740-1, was incorrectly built and did not include all legacy symbolic links for the jquery Javascript library.

tags | advisory, javascript, python
systems | linux, debian
SHA-256 | 5e6816e5fa58781c3179ef4898e51fdfb7c6d1502467e3f7e26f061403e6e395
Debian Security Advisory 2748-1
Posted Sep 2, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2748-1 - Several denial-of-service vulnerabilities were discovered in the dcraw code base, a program for processing raw format images from digital cameras. This update corrects them in the copy that is embedded in the exactimage package.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2013-1438
SHA-256 | c9a0cab3e1f4a48b9b65d8a6dcb658b1a312ef348d95a3a39a6d4b3d5beb124d
WordPress IndiaNIC Testimonial 2.2 XSS / CSRF / SQL Injection
Posted Sep 2, 2013
Authored by RogueCoder

WordPress IndiaNIC Testimonial plugin version 2.2 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
SHA-256 | 8a114d95eee5f58c8d052e9c08a3ac6cd312a696abb9a3f300be085897e9b1e3
Packet Storm New Exploits For August, 2013
Posted Sep 2, 2013
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 191 exploits added to Packet Storm in August, 2013.

tags | exploit
systems | linux
SHA-256 | 058cdd9ee708055a538eca696d3d41f58b70c1432ccddd8b82e1c322ee38d708
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close