exploit the possibilities
Showing 1 - 17 of 17 RSS Feed

Files Date: 2013-11-19 to 2013-11-20

FreeBSD Security Advisory - OpenSSH AES-GCM Memory Corruption
Posted Nov 19, 2013
Site security.freebsd.org

FreeBSD Security Advisory - A memory corruption vulnerability exists in the post-authentication sshd process when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is selected during key exchange. If exploited, this vulnerability might permit code execution with the privileges of the authenticated user, thereby allowing a malicious user with valid credentials to bypass shell or command restrictions placed on their account.

tags | advisory, shell, code execution
systems | freebsd
advisories | CVE-2013-4548
SHA-256 | 878536e73df64b2ee9e3165866803aec2f9d6c286c5bb0c627ff2c9aed8e06fe
Mandriva Linux Security Advisory 2013-267
Posted Nov 19, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-267 - Updated java-1.7.0-openjdk packages fix security vulnerabilities. Multiple input checking flaws were found in the 2D component native image parsing code. Multiple improper permission check issues were discovered in the 2D, CORBA, JNDI, and Libraries components in OpenJDK. Various other issues have also been addressed.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2013-3829, CVE-2013-4002, CVE-2013-5772, CVE-2013-5774, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5790, CVE-2013-5797, CVE-2013-5800, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5814, CVE-2013-5817, CVE-2013-5820, CVE-2013-5823, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830, CVE-2013-5838, CVE-2013-5840, CVE-2013-5842, CVE-2013-5849, CVE-2013-5850
SHA-256 | 8b32231f3be824fc65edd36c6c741a539c6f8764b9f0b2df3642c98ec0f554d7
EMC Document Sciences xPression XSS / CSRF / Redirect / SQL Injection
Posted Nov 19, 2013
Authored by Sertan Kolat, Omer Coskun | Site emc.com

EMC Document Sciences xPression suffers from cross site request forgery, cross site scripting, remote SQL injection, open redirect, and directory traversal vulnerabilities.

tags | advisory, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2013-6173, CVE-2013-6174, CVE-2013-6175, CVE-2013-6176, CVE-2013-6177
SHA-256 | e9ad599fa7aadd0343497f514a3525982b44b99c5dceb2b4c2ce1bfed295fcc7
Slackware Security Advisory - seamonkey Updates
Posted Nov 19, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | a3301a042bc8d951719327c15f57d7d9ef9ae27d0ca6bb827933869ea6a87b72
Slackware Security Advisory - samba Updates
Posted Nov 19, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Related CVE Numbers: CVE-2013-4475,CVE-2013-4476.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4475, CVE-2013-4476
SHA-256 | 6077253fad54c06ed812c11cc13d9cb3628acec4c093751ec33306900bdd44f0
Kartoo Search Engine XSS / Remote File Inclusion
Posted Nov 19, 2013
Authored by Juan Carlos Garcia

Kartoo Search Engine suffers from information disclosure, cross site scripting, and remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, file inclusion, info disclosure
SHA-256 | ac0a06fa419a184ad1babb025e7077989ed37dedb335c4eb2588feb10cb78804
PineApp MailSecure Command Execution
Posted Nov 19, 2013
Authored by Ruben Garrote Garcia

PineApp MailSecure suffers from remote command execution and privilege escalation vulnerabilities. Versions 5099SK and below are affected.

tags | exploit, remote, vulnerability
SHA-256 | f4720369e3191a3088b42b913c93f939cec3f14bb0c79018eb4ffca7f1760e74
Appologics AirBeam 1.9.2 Code Execution / XSS
Posted Nov 19, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Appologics AirBeam version 1.9.2 suffers from remote command execution and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss
SHA-256 | 8ce9c3cce7b6c656de8a899d4ab00a7c1296eda6d0e3a58196b6908a77ea2dda
Mandriva Linux Security Advisory 2013-266
Posted Nov 19, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-266 - Updated java-1.6.0-openjdk packages fix security vulnerabilities. Multiple input checking flaws were found in the 2D component native image parsing code. Multiple improper permission check issues were discovered in the 2D, CORBA, JNDI, and Libraries components in OpenJDK. Various other issues were also addressed.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2013-3829, CVE-2013-4002, CVE-2013-5772, CVE-2013-5774, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5790, CVE-2013-5797, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5814, CVE-2013-5817, CVE-2013-5820, CVE-2013-5823, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830, CVE-2013-5840, CVE-2013-5842, CVE-2013-5849, CVE-2013-5850
SHA-256 | 80f00ff11dce05f1425ec1702654ef4d49baaf3e1c0ad1a7b758127c08efd279
Skidata RFID Freemotion.Gate Remote Command Execution
Posted Nov 19, 2013
Authored by Dennis Kelly

Skidata RFID Freemotion.Gate suffers from having an unauthenticated web service that allows for arbitrary remote command execution. Version 4.1.3.5 is affected. Earlier versions may also be affected.

tags | exploit, remote, web, arbitrary
SHA-256 | 5960d3c57db6941d9902fb1693d0b272bfb2b78c683a42584efc3cae2c07e1a6
Slackware Security Advisory - openssh Updates
Posted Nov 19, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssh packages are available for Slackware 14.1 and -current to fix a security issue. Related CVE Numbers: CVE-2013-4548.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4548
SHA-256 | 0ec99ec21c4e670141a83c9c5c98eeacd33c86ad07dc08457b0a9ce52e6e078b
Slackware Security Advisory - mozilla-firefox Updates
Posted Nov 19, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 9664ec4fa4f868a394369a03400a8bfe78ad9682a2d514267d32851202799dd8
Gentoo Linux Security Advisory 201311-10
Posted Nov 19, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201311-10 - Multiple vulnerabilities have been found in GraphicsMagick, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions prior to 1.3.18 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-1097, CVE-2009-1882, CVE-2009-3736, CVE-2013-4589
SHA-256 | e0c124eaa158477a4b9518946b776b08c9ff20ff126ef0c29d0bd17f28158e99
PayPal GP+ Cross Site Scripting
Posted Nov 19, 2013
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

PayPal GP+ suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 82b4d2446d4e666d8de3ecba090bd79d3921f13222e99bdf744771566fa7f9c6
PayPal Billsafe Cross Site Scripting
Posted Nov 19, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Persistent script injection vulnerabilities were discovered in the PayPal Billsafe offering.

tags | exploit, vulnerability
SHA-256 | 2101e5745f62b7776999a807cd3411d014cb2d594bcffda669016a2200ef03b9
PayPal China Malicious Redirect
Posted Nov 19, 2013
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Remote attackers could influence a redirect in PayPal's www.paypal-biz.com site.

tags | exploit, remote
SHA-256 | ad30199576977fc30c90bdbd761713466c98d568a6beb827da07a26044a103e7
pyClamd 0.3.4
Posted Nov 19, 2013
Authored by Alexandre Norman | Site xael.org

pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.

Changes: Bug correction in scan_stream. Other bug corrections. ClamdUnixSocket is now able to get the Unix socket name from /etc/clamav/clamd.conf.
tags | tool, virus, python
systems | unix
SHA-256 | 584dd97f3067a9f977c593ea1c13174712dcb8a4d4857a6ead77439f78d4e7e8
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close