Showing 26 - 50 of 400

Files Date: 2013-10-01 to 2013-10-31

Red Hat Security Advisory 2013-1460-01
Posted Oct 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1460-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. Upgrade Note: If you upgrade the Red Hat Enterprise Virtualization Hypervisor through the 3.2 Manager administration portal, the Host may appear with the status of "Install Failed". If this happens, place the host into maintenance mode, then activate it again to get the host back to an "Up" state.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2013-4282
SHA-256 | 43b8878126f2d8197447500e23a48bae3a714f62c8fe52e9b08b96ce1e28e43c
Apache / PHP Remote Command Execution
Posted Oct 29, 2013
Authored by noptrix | Site nullsecurity.net

Apache and PHP remote command execution exploit that leverages php5-cgi. Written in Python.

tags | exploit, remote, cgi, php, python
advisories | CVE-2012-1823
SHA-256 | e84173be8280a7b8f575e8f3452aec7371dc39379e8db2f2dff934de891370cd
Red Hat Security Advisory 2013-1476-01
Posted Oct 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1476-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to terminate unexpectedly or, potentially, execute arbitrary code with the privileges of the user running Firefox. It was found that the Firefox JavaScript engine incorrectly allocated memory for certain functions. An attacker could combine this flaw with other vulnerabilities to execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary, javascript, vulnerability
systems | linux, redhat
advisories | CVE-2013-5590, CVE-2013-5595, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5604
SHA-256 | 3c068c36e9c152a2f1a4ccdcdcc11b5f3b52e6eb75250554572367439033c82a
Red Hat Security Advisory 2013-1475-01
Posted Oct 29, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1475-01 - PostgreSQL is an advanced object-relational database management system. An array index error, leading to a heap-based out-of-bounds buffer read flaw, was found in the way PostgreSQL performed certain error processing using enumeration types. An unprivileged database user could issue a specially crafted SQL query that, when processed by the server component of the PostgreSQL service, would lead to a denial of service or disclosure of certain portions of server memory. A flaw was found in the way the pgcrypto contrib module of PostgreSQL initialized its internal random number generator. This could lead to random numbers with fewer bits of entropy being used by certain pgcrypto functions, possibly allowing an attacker to conduct other attacks.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2013-0255, CVE-2013-1900
SHA-256 | f016163d3aebfd09fc79cc341c042bd891dacb31ae347f0f6ee3492cc8ebf390
EMC NetWorker Information Disclosure
Posted Oct 29, 2013
Site emc.com

A vulnerability exists in EMC NetWorker that could allow exposure of sensitive information under specific circumstances. EMC NetWorker version 8.0.x is affected.

tags | advisory
advisories | CVE-2013-3285
SHA-256 | b065e24f0863cdfea51436716d40a59d9aba6197e39dffe532a7b7eaa0bf18e2
Olat CMS 7.8.0.1 Cross Site Scripting
Posted Oct 29, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Olat CMS version 7.8.0.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 39f8f1c2c8222466efd3ca3ff8b44c69d993ead66bdbacc015256813cdc192dd
BlazeDVD 6.2 Buffer Overflow
Posted Oct 29, 2013
Authored by Mike Czumak

BlazeDVD version 6.2 SEH buffer overflow exploit that creates a malicious .plf file.

tags | exploit, overflow
SHA-256 | 0402fc513d6a45f0367fd4919f1fef0d3db1446cfc7c5861412a5c395ac44e6d
JBrute 0.97
Posted Oct 29, 2013
Authored by Gonzalo Camino

JBrute is a password cracking tool written in Java that uses both brute force and dictionary attack methodologies with a built-in rule pre-processor similar to John the Ripper. It supports several standard algorithms and several algorithms from proprietary applications (like Microsoft SQL Server, Oracle, SYBASE, and so on).

Changes: Various updates, bug fixes, and parameters added.
tags | tool, java, cracker
SHA-256 | b6c69e1f756b77729e18afd6c66c9ca1c8854466b8b9630deded0f3187f6bc73
ASUS RT-N13U Backdoor Account
Posted Oct 29, 2013
Authored by Shellster

The ASUS RT-N13U home router comes configured with an administrative root shell with a default password and is available via telnetd. Changing the password on the web interface does not remediate the issue.

tags | exploit, web, shell, root
SHA-256 | ecd490cdd8df6d6a8157d63cac98201e4d8df54dcb1b076013ed6fe6f001b466
Ops View Pre 4.4.1 Blind SQL Injection
Posted Oct 29, 2013
Authored by Jesus Oquendo

Ops View version pre 4.4.41 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2013-5694
SHA-256 | 92acf8e21feac8586d79811c350e5a6dedf7fd0f2d984f37157264df9d4b6078
sup Remote Command Execution
Posted Oct 29, 2013
Authored by joernchen

sup versions prior to 0.14.1.1 and prior to 0.13.2.1 suffer from an arbitrary command execution vulnerability via a forged content type of an email attachment.

tags | exploit, arbitrary
SHA-256 | 7f25065280e73ca0e7c1a1f6429061cd9ee6353dfc98cf483575c0a5d76a0da5
WordPress Curvo Shell Upload
Posted Oct 29, 2013
Authored by Byakuya

WordPress Curvo theme suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | c265d8b2cc6ce8faadfecc0108e2b0d861d13d909118a052dac7b78a99e62f9f
GTX CMS 2013 Optima XSS / SQL Injection
Posted Oct 29, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

GTX CMS 2013 Optima suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 15b0c869a76223dd746013e56d764bd49329bdf34f6ac55cc179e1aaf8849e87
Google Play Billing Bypass
Posted Oct 29, 2013
Authored by Dominik Schurmann

All Google Play Billing Library 3 versions before Oct 8 distributed via Android SDK and marketbilling on Googlecode are susceptible to impersonation and signature verification vulnerabilities.

tags | advisory, vulnerability, bypass
SHA-256 | f68f31523fe048d0a532378407c09820e34245d3b9aac37fc00b428562210019
WordPress MoneyTheme Cross Site Scripting / Shell Upload
Posted Oct 29, 2013
Authored by DevilScreaM

WordPress MoneyTheme suffers from cross site scripting and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss
SHA-256 | 118f2518be3ef83f488608e39f34988f8e8d867943df4d1309be1c8476a48492
GNU Transport Layer Security Library 3.2.5
Posted Oct 28, 2013
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release added new ciphersuites with Camellia, SHA2-256, and SHA2-384. A buffer overflow in the DANE library was corrected and several minor improvements were made.
tags | protocol, library
SHA-256 | c6fbcdcd32b2f38cca3bbfa10759556d66f4795ac6e6e50503f2ee5c08c081b7
Mandos Encrypted File System Unattended Reboot Utility 1.6.2
Posted Oct 28, 2013
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: A GnuTLS connection problem was finally fixed. A key generation bug that caused bad keys to be generated was also fixed.
tags | tool, remote, root
systems | linux
SHA-256 | 6813d0b16b92618b0fef1b7fe92bb5a791828234de88360d218974919a608688
Nagios Looking Glass 1.1.0 Beta 2 Local File Inclusion
Posted Oct 28, 2013
Authored by Vyacheslav Egoshin

Nagios Looking Glass versions 1.1.0 beta 2 and below suffer from a local file inclusion vulnerability.

tags | advisory, local, file inclusion
SHA-256 | b559942ca1d79679b01289352c21da35b85fe34317420496d47a3ec476513f4a
MobileIron 4.5.4 Cross Site Scripting
Posted Oct 28, 2013
Authored by Marc Ruef, Pascal Schaufelberger

MobileIron version 4.5.4 suffers from a cross site scripting vulnerability in the device registration functionality.

tags | exploit, xss
SHA-256 | 0086a60987e5725b61729a566ad575d52c9d7f81ffe6150d619bb1da469fb747
ILIAS eLearning 4.3.4 / 4.4 Cross Site Scripting
Posted Oct 28, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

ILIAS eLearning CMS versions 4.3.4 and 4.4 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 59f2e84c3cc83759cdb50071ff2bddc46f93834010bcb679cfd619392d3bbd7d
WatchGuard Firewall XTM 11.7.4u1 Buffer Overflow Perl Exploit
Posted Oct 28, 2013
Authored by Jerome Nokin | Site funoverip.net

WatchGuard Firewall XTM version 11.7.4u1 suffers from a remote buffer overflow vulnerability in the handling of the sessionid cookie. This is the perl version of the exploit.

tags | exploit, remote, overflow, perl
advisories | CVE-2013-6021
SHA-256 | 45ceb4ca62ced50ff5102abdde412ea0e3161ebbaec885e97cd203a93e46c185
WatchGuard Firewall XTM 11.7.4u1 Buffer Overflow Metasploit Module
Posted Oct 28, 2013
Authored by st3n | Site funoverip.net

WatchGuard Firewall XTM version 11.7.4u1 suffers from a remote buffer overflow vulnerability in the handling of the sessionid cookie. This is the Metasploit module version of the exploit.

tags | exploit, remote, overflow
advisories | CVE-2013-6021
SHA-256 | 25e73d8a0ef4e8e0a8edf7728db4ae486de866a485e52d6b0401d2ff36d67792
Struts 2.3.15.3 Cross Site Scripting
Posted Oct 28, 2013
Authored by Nebula

Struts version 2.3.15.3 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | c6554f49acdc80a0d54e90157d4de1ee7f01933f3569c0eb965debf94761230d
Netgear ReadyNAS Remote Command Execution
Posted Oct 28, 2013
Authored by anonymous, Craig Young

Proof of concept exploit that demonstrates remote command execution on Netgear ReadyNAS.

tags | exploit, remote, proof of concept
SHA-256 | 7ae30b42d1addf06dce009c2571e44ead9195cf7589aebbb33dbd101756f76dd
Ops View Pre 4.4.1 Cross Site Scripting
Posted Oct 28, 2013
Authored by Jesus Oquendo

Ops View version pre 4.4.41 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-5695
SHA-256 | f03cc918c29800f4fb81785310e92c629c35a77aaa048713a3b86f607b6c1b59
© 2022 Packet Storm. All rights reserved.