exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files Date: 2013-09-04 to 2013-09-05

Red Hat Security Advisory 2013-1207-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1207-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.1.0, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-3499, CVE-2012-4558, CVE-2013-1862, CVE-2013-1896, CVE-2013-1921, CVE-2013-2172, CVE-2013-4112
SHA-256 | 5901122a41b3c707199dcef52f8fcc20b27be7396f67f5ee0ebd8627b1da4a1a
Red Hat Security Advisory 2013-1208-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1208-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.1.0, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-3499, CVE-2012-4558, CVE-2013-1862, CVE-2013-1896, CVE-2013-1921, CVE-2013-2172, CVE-2013-4112
SHA-256 | 4c67189dd2412944774f91813aa9f57e5d13eb719310378e25bc38718363f345
Red Hat Security Advisory 2013-1205-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1205-01 - Red Hat Storage is a software only, scale-out storage solution that provides flexible and agile unstructured data storage for the enterprise. Multiple insecure temporary file creation flaws were found in Red Hat Storage server. A local user on the Red Hat Storage server could use these flaws to cause arbitrary files to be overwritten as the root user via a symbolic link attack. These issues were discovered by Gowrishankar Rajaiyan of Red Hat and Kurt Seifried of the Red Hat Security Response Team.

tags | advisory, arbitrary, local, root
systems | linux, redhat
advisories | CVE-2013-4157
SHA-256 | 5eb35eee4d9b8b779e4e6d73b1f9303211796f35dd5cda28b466dd6e52c7fd0e
Red Hat Security Advisory 2013-1206-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1206-01 - Red Hat CloudForms Management Engine provides the insight, control, and automation needed to address the challenges of managing virtual environments. Multiple directory traversal flaws were found in Red Hat CloudForms Management Engine. A remote, unauthenticated attacker could use these flaws to upload arbitrary code, and have that code executed with root privileges on Red Hat CloudForms Management Engine. This issue was discovered by Ramon de C Valle of the Red Hat Product Security Team.

tags | advisory, remote, arbitrary, root
systems | linux, redhat
advisories | CVE-2013-2068
SHA-256 | 2bc27614554ec7c20993d7681d45769e0f61299b7f5d3d143fc1be8fadf472d8
Red Hat Security Advisory 2013-1204-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1204-01 - HAProxy provides high availability, load balancing, and proxying for TCP and HTTP-based applications. A flaw was found in the way HAProxy handled requests when the proxy's configuration had certain rules that use the hdr_ip criterion. A remote attacker could use this flaw to crash HAProxy instances that use the affected configuration. In Red Hat OpenShift Enterprise, the HAProxy cartridge is added to your application when you select to have your application scaled.

tags | advisory, remote, web, tcp
systems | linux, redhat
advisories | CVE-2013-2175
SHA-256 | 87445996d9a6688eed4fd08e67fd8efc1c2900b43eb36d7630e20a0fea666ed8
Red Hat Security Advisory 2013-1203-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1203-01 - RubyGems is the Ruby standard for publishing and managing third-party libraries. It was found that, when using RubyGems, the connection could be redirected from HTTPS to HTTP. This could lead to a user believing they are installing a gem via HTTPS, when the connection may have been silently downgraded to HTTP. It was found that RubyGems did not verify SSL connections. This could lead to man-in-the-middle attacks.

tags | advisory, web, ruby
systems | linux, redhat
advisories | CVE-2012-2125, CVE-2012-2126
SHA-256 | 98bd5acd03320da5d6dee11a77fed60af3d34bcc0358ced0aa99427404e73579
Red Hat Security Advisory 2013-1209-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1209-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.1.0, and includes bug fixes and enhancements.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2012-3499, CVE-2012-4558, CVE-2013-1862, CVE-2013-1896, CVE-2013-1921, CVE-2013-2172, CVE-2013-4112
SHA-256 | 6cf3bd895141886cd470faf254f2c7748848793a92e23f6c3eb202098f7fcb55
Packet Storm Advisory 2013-0903-1 - Apple Safari Heap Buffer Overflow
Posted Sep 4, 2013
Authored by Vitaliy Toropov | Site packetstormsecurity.com

A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. This method accepts the user-defined JavaScript function and calls it from the native code to compare array items. If this compare function reduces array length, then the trailing array items will be written outside the "m_storage->m_vector[]" buffer, which leads to the heap memory corruption. This finding was purchased through the Packet Storm Bug Bounty program.

tags | advisory, overflow, arbitrary, javascript, code execution, bug bounty, packet storm
systems | apple, osx, iphone, ios
advisories | CVE-2012-3748
SHA-256 | 84bd76ba4dce1e485a3431a2c7bbd07c262e86f184ca05e0931fac224f9ab746
Packet Storm Exploit 2013-0903-1 - Apple Safari Heap Buffer Overflow
Posted Sep 4, 2013
Authored by Vitaliy Toropov | Site packetstormsecurity.com

A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. The exploit for this vulnerability is javascript code which shows how to use it for memory corruption of internal JS objects (Unit32Array and etc.) and subsequent arbitrary code execution (custom ARM/x64 payloads can be pasted into the JS code). This exploit affects Apple Safari version 6.0.1 for iOS 6.0 and OS X 10.7/8. Earlier versions may also be affected. It was obtained through the Packet Storm Bug Bounty program.

tags | exploit, overflow, arbitrary, javascript, code execution, bug bounty, packet storm
systems | apple, osx, iphone, ios
advisories | CVE-2012-3748
SHA-256 | 14c94c8c5cb510aa3236b42b9618aa54726915b4e116afea229961e936fb158d
MS13-059 Microsoft Internet Explorer CFlatMarkupPointer Use-After-Free
Posted Sep 4, 2013
Authored by corelanc0d3r, sinn3r | Site metasploit.com

This is a memory corruption bug found in Microsoft Internet Explorer. On IE 9, it seems to only affect certain releases of mshtml.dll. For example: This Metasploit module can be used against version 9.0.8112.16446, but not for 9.0.8112.16421. IE 8 requires a different way to trigger the vulnerability, but not currently covered by this module. The issue is specific to the browser's IE7 document compatibility, which can be defined in X-UA-Compatible, and the content editable mode must be enabled. An "onmove" event handler is also necessary to be able to trigger the bug, and the event will be run twice before the crash. The first time is due to the position change of the body element, which is also when a MSHTML!CFlatMarkupPointer::`vftable' object is created during a "SelectAll" command, and this object will be used later on for the crash. The second onmove event seems to be triggered by a InsertButton (or Insert-whatever) command, which is also responsible for the free of object CFlatMarkupPointer during page rendering. The EnsureRecalcNotify() function will then still return an invalid reference to CFlatMarkupPointer (stored in EBX), and then passes this on to the next functions (GetLineInfo -> QIClassID). When this reference arrives in function QIClassID, an access violation finally occurs when the function is trying to call QueryInterface() with the bad reference, and this results a crash. Successful control of the freed memory may leverage arbitrary code execution under the context of the user. Note: It is also possible to see a different object being freed and used, doesn't always have to be CFlatMarkupPointer.

tags | exploit, arbitrary, code execution
advisories | CVE-2013-3184, OSVDB-96182
SHA-256 | c9fced33ed8b3ca4912bdf0536174294180b31d03023d16a997c87ccf960f2fd
HP LoadRunner lrFileIOService ActiveX WriteFileString Remote Code Execution
Posted Sep 4, 2013
Authored by juan vazquez, Brian Gorenc | Site metasploit.com

This Metasploit module exploits a vulnerability on the lrFileIOService ActiveX, as installed with HP LoadRunner 11.50. The vulnerability exists in the WriteFileString method, which allow the user to write arbitrary files. It's abused to drop a payload embedded in a dll, which is later loaded through the Init() method from the lrMdrvService control, by abusing an insecure LoadLibrary call. This Metasploit module has been tested successfully on IE8 on Windows XP. Virtualization based on the Low Integrity Process, on Windows Vista and 7, will stop this module because the DLL will be dropped to a virtualized folder, which isn't used by LoadLibrary.

tags | exploit, arbitrary, activex
systems | windows
advisories | CVE-2013-4798, OSVDB-95642
SHA-256 | 4190aaee2f0f7797aa2729616b04019ec0f364bcd4a09603637a82a20624f5f6
Kiwicon Seven Call For Papers
Posted Sep 4, 2013
Site kiwicon.org

Kiwicon Seven Call For Papers - This year Kiwicon will be held from November 9th through 10th, 2013 at the Opera House in Wellington, New Zealand.

tags | paper, conference
SHA-256 | 4f6f43514822d7432f2721e32c7f1839de33dab0b2718b8e17c27f4f87d81724
RSA Archer GRC 5.4 Open Redirect / Improper Restriction
Posted Sep 4, 2013
Site emc.com

RSA Archer GRC 5.4 platform contains fixes for security vulnerabilities that could potentially be exploited by malicious users to compromise the affected system. These include improper restriction of user login and an open redirect.

tags | advisory, vulnerability
advisories | CVE-2013-3276, CVE-2013-3277
SHA-256 | 20a38a39c53f806a3d8493e1e2c9b80d826f13eaf2beec9a5288eef7dcfe44a8
Red Hat Security Advisory 2013-1199-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1199-01 - The openstack-nova packages provide OpenStack Compute, which provides services for provisioning, managing, and using virtual machine instances. It was found that the fixes for CVE-2013-1664 and CVE-2013-1665, released via RHSA-2013:0657, did not fully correct the issues in the Extensible Markup Language parser used by Nova. A remote attacker could use this flaw to send a specially-crafted request to a Nova API, causing Nova to consume an excessive amount of CPU and memory, or possibly crash.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-2256, CVE-2013-4179, CVE-2013-4185, CVE-2013-4261
SHA-256 | 48bd532988ffc4e333703861c5d49cbda2575ccba826e960fdadcb6c3ddb00a0
Red Hat Security Advisory 2013-1201-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1201-01 - V8 is Google's open source JavaScript engine. A type confusion issue was found in the V8 JavaScript engine. An attacker could use this flaw to cause a denial of service or, potentially, execute arbitrary code. Note: Exploitation of this issue requires, at the least, execution of malicious JavaScript. In the standard use case of ruby193-v8 in Red Hat OpenStack it is unlikely that a scenario exists where this would occur. Users of ruby193-v8 are advised to upgrade to these updated packages, which correct this issue.

tags | advisory, denial of service, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2013-2882
SHA-256 | dda3ef8eee7bef0bc7e192af4c4aa763a9211d0b13d45ef570f4accaa673c227
Red Hat Security Advisory 2013-1198-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1198-01 - The openstack-cinder packages provide OpenStack Volume, which provides services to manage and access block storage volumes for use by virtual machine instances. It was found that the fixes for CVE-2013-1664 and CVE-2013-1665, released via RHSA-2013:0658, did not fully correct the issues in the Extensible Markup Language parser used by Cinder. A remote attacker could use this flaw to send a specially-crafted request to a Cinder API, causing Cinder to consume an excessive amount of CPU and memory, or possibly crash.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2013-4183, CVE-2013-4202
SHA-256 | bf0a9935b89a5e2ba5f94b642a5c64343167399e4f8f6e662d79e007bc99297b
Red Hat Security Advisory 2013-1200-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1200-01 - The python-glanceclient package provides a client for the OpenStack Glance API. It was discovered that the Python Glance client did not properly check SSL certificates. An attacker could use this flaw to conduct man-in-the-middle attacks.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2013-4111
SHA-256 | 8a471846aaba41d7cfe353f29d1130bf5901fd229e1be4bd25a6b0bd11e033c1
Red Hat Security Advisory 2013-1197-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1197-01 - OpenStack Swift is a highly available, distributed, eventually consistent object/blob store. A denial of service flaw in OpenStack Swift allowed attackers to fill the object server with object tombstones. This could lead to subsequent requests from legitimate users taking an excessive amount of time. This issue was discovered by Peter Portante of Red Hat. All users of openstack-swift are advised to upgrade to these updated packages, which correct this issue. After installing this update, the OpenStack Swift services will be restarted automatically.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2013-4155
SHA-256 | 8b10a1abc86a724a376a3b6a3fe8c9f249eee7b14635d6647b660ff7b75c9c6d
Red Hat Security Advisory 2013-1195-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1195-01 - Red Hat OpenStack 3.0 includes a custom Red Hat Enterprise Linux 6.4 kernel. These custom kernel packages include support for network namespaces, this support is required to facilitate advanced OpenStack Networking deployments. A flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled duplicate cookies. If a local user queried SCTP connection information at the same time a remote attacker has initialized a crafted SCTP connection to the system, it could trigger a NULL pointer dereference, causing the system to crash.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2012-6544, CVE-2013-2146, CVE-2013-2206, CVE-2013-2224, CVE-2013-2232, CVE-2013-2237
SHA-256 | d5ef77e75670ebff030e7dddab7b389a3c95460ca7499a8cdc34edb9a49312f5
Red Hat Security Advisory 2013-1196-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1196-01 - The Foreman packages provide facilities for rapidly deploying Red Hat OpenStack 3.0. These packages are provided as a Technology Preview. For more information on the scope and nature of support for items marked as Technology Preview, refer to https://access.redhat.com/support/offerings/techpreview/ A flaw was found in the API where insufficient privilege checks were conducted by the hosts controller, allowing any user with API access to control any host. A denial of service flaw was found in Foreman in the way user input was converted to a symbol. An authenticated user could create inputs that would lead to excessive memory consumption.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2013-4180, CVE-2013-4182
SHA-256 | ace03ac6c822c32d10672878283f671d20296faf2b7ffc77cdcc5a707e3a197a
Red Hat Security Advisory 2013-1193-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1193-01 - JBoss Web is the web container, based on Apache Tomcat, in Red Hat JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process.

tags | advisory, java, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2013-2185
SHA-256 | 1015edbe821c6e10452f4c776f4e796ed14ade7b37b51f99ee8072afb2a2d358
Red Hat Security Advisory 2013-1192-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1192-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. A flaw was found in the way concurrent access to the clients ring buffer was performed in the spice-server library. A remote user able to initiate a SPICE connection to an application acting as a SPICE server could use this flaw to crash the application.

tags | advisory, remote, kernel, local, protocol
systems | linux, redhat
advisories | CVE-2013-4130
SHA-256 | 7f4b3e93d9d8909c46a3f1a38ae792c41223e25fe7076dbbfe59f229da3b0bbc
Red Hat Security Advisory 2013-1194-01
Posted Sep 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1194-01 - JBoss Web is the web container, based on Apache Tomcat, in Red Hat JBoss Enterprise Application Platform. It provides a single deployment platform for the JavaServer Pages and Java Servlet technologies. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process.

tags | advisory, java, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2013-2185
SHA-256 | 6f6d113bd6057b90caa24b61b15e39fadb34cbae8328babe5c75452e98647549
Debian Security Advisory 2750-1
Posted Sep 4, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2750-1 - Anton Kortunov reported a heap corruption in ImageMagick, a program collection and library for converting and manipulating image files. Crafted GIF files could cause ImageMagick to crash, potentially leading to arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, debian
advisories | CVE-2013-4298
SHA-256 | c117a7204fe133453799c4aacce5a1a414f7373f566200a07d89d84ace48ba67
DAVOSET 1.1.3
Posted Sep 4, 2013
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Cookie support added. Various other updates.
tags | denial of service
SHA-256 | 10d41aad71b7f29eaadbb288245f66fdd4a7a1d2f851b7485693f878deb86361
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close