what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2013-12-15 to 2013-12-16

HP Security Bulletin HPSBGN02952
Posted Dec 15, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02952 - A potential security vulnerability has been identified with HP Application Lifecycle Manager (ALM) running JBoss application server. This vulnerability could be exploited remotely to allow code execution. Revision 1 of this advisory.

tags | advisory, code execution
advisories | CVE-2013-4810
SHA-256 | b30f271b757401886554de4dfbd2e10bc1f7d66f3e0a19a69b7169dc91228181
HP Security Bulletin HPSBGN02951
Posted Dec 15, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02951 - Potential security vulnerabilities have been identified with HP Operations Orchestration. The vulnerabilities could be exploited to allow cross-site scripting (XSS) and cross-site request forgery (CSRF). Revision 1 of this advisory.

tags | advisory, vulnerability, xss, csrf
advisories | CVE-2013-6191, CVE-2013-6192
SHA-256 | c269b1d60b3e90c5acb18d71d9329cd95b5832a4b458d1d64dba90e4d65129fd
Gentoo Linux Security Advisory 201312-10
Posted Dec 15, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201312-10 - A buffer overflow in libsmi might allow a context-dependent attacker to execute arbitrary code. Versions less than 0.4.8-r1 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2010-2891
SHA-256 | 6aa435a29cce58ebaef5ee97b49c52c0045e0a66e59825d2106d819f7b61b00c
Gentoo Linux Security Advisory 201312-09
Posted Dec 15, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201312-9 - Multiple vulnerabilities have been found in cabextract, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.3 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-2800, CVE-2010-2801
SHA-256 | 8cdb78dc586c4b23f55ef5470d748fdd81b5e9636acdcbc0d181c4649c5021ad
Debian Security Advisory 2817-1
Posted Dec 15, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2817-1 - Timo Warns reported multiple integer overflow vulnerabilities in libtar, a library for manipulating tar archives, which can result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2013-4397
SHA-256 | f3c71858a5f19feeca680c031798b02da6f0c617f5783c05975cb2a9f23b7313
PHP openssl_x509_parse() Memory Corruption
Posted Dec 15, 2013
Authored by Stefan Esser

The PHP function openssl_x509_parse() uses a helper function called asn1_time_to_time_t() to convert timestamps from ASN1 string format into integer timestamp values. The parser within this helper function is not binary safe and can therefore be tricked to write up to five NUL bytes outside of an allocated buffer. This problem can be triggered by x509 certificates that contain NUL bytes in their notBefore and notAfter timestamp fields and leads to a memory corruption that might result in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
advisories | CVE-2013-6420
SHA-256 | 7406038cb1adf87acf1e03364bbd761251c6d8fc531065990b85c245ae25fbe4
Bio Basespace SDK 0.1.7 API Key Exposure
Posted Dec 15, 2013
Authored by Larry W. Cashdollar

The Bio Basespace SDK 0.1.7 Ruby Gem API client code passes the API_KEY to a curl command. This exposes the api key to the shell and process table. Another user on the system could snag the api key by just monitoring the process table.

tags | advisory, shell, info disclosure, ruby
SHA-256 | d611161b7de257aeced569b86efb86407334ac528739835cfa78af454f079352
iScripts AutoHoster PHP Code Injection
Posted Dec 15, 2013
Authored by i-Hmx

iScripts AutoHoster suffers from file disclosure, PHP code injection, file disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, sql injection, info disclosure
SHA-256 | e688d35feae61acb5dcdfa1966f1c4b19724883860f61ef17d40a6500a340e63
Page 1 of 1
Back1Next

File Archive:

March 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    13 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    31 Files
  • 8
    Mar 8th
    16 Files
  • 9
    Mar 9th
    13 Files
  • 10
    Mar 10th
    9 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    10 Files
  • 14
    Mar 14th
    6 Files
  • 15
    Mar 15th
    17 Files
  • 16
    Mar 16th
    22 Files
  • 17
    Mar 17th
    13 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    16 Files
  • 21
    Mar 21st
    13 Files
  • 22
    Mar 22nd
    5 Files
  • 23
    Mar 23rd
    6 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close