exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 362 RSS Feed

Files Date: 2014-01-01 to 2014-01-31

Ubuntu Security Notice USN-2091-1
Posted Jan 30, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2091-1 - This update disables the OTR v1 protocol to prevent protocol downgrade attacks.

tags | advisory, protocol
systems | linux, ubuntu
SHA-256 | c785bdb9b935770e2dfc02fa917fcde92b56401145719f85d6cd84d605e27ca4
Ektron CMS Account Hijacking
Posted Jan 30, 2014
Authored by Mark Litchfield | Site securatary.com

This whitepaper discusses how to perform a take over of the Ektron CMS. It demonstrates how to hijack the builtin and admin accounts.

tags | exploit
SHA-256 | 4051126d4a1554f5aa1a371e3823fe1746489da90272c4a0bd3f21fffb9a0ce0
Slackware Security Advisory - bind Updates
Posted Jan 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-0591
SHA-256 | 191246e4649b609e4202d26d8789784f17b49c0d1ab475bc653ac4de35be5b5c
Smashing Bitcoin BrainWallets For Fun And Profit
Posted Jan 30, 2014
Authored by Simo Ben Youssef

This whitepaper discusses how attackers use dictionary-based brute-force attacks to steal other people's bitcoins. Proof of concept tools are included.

tags | paper, proof of concept
SHA-256 | d3b473fd72aba55764c5b793c9300a33b4bc94411e4282b14f400213f149aa0d
WordPress Amerisale-Re Remote Shell Upload
Posted Jan 30, 2014
Authored by T3rm!nat0r5

This Metasploit module exploits an arbitrary PHP file upload in the WordPress Amerisale-Re third party plugin.

tags | exploit, arbitrary, php, file upload
SHA-256 | 1977a861af86c1bb609eab4c6885099d74ee40712c458de75397e40bdcfb1bea
LinPHA 1.3.4 Cross Site Request Forgery / Cross Site Scripting
Posted Jan 30, 2014
Authored by killall-9

LinPHA version 1.3.4 suffers from cross site request forgery and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | dd1112c814225c6d2b24116f1d99bcf78fed4941a42afe5ea7e7f980af1746d0
Amin'z Tech CMS Shell Upload / SQL Injection
Posted Jan 30, 2014
Authored by ACC3SS

Amin'z Tech CMS suffers from remote shell upload and a remote SQL injection vulnerability that allows for login bypass.

tags | exploit, remote, shell, sql injection
SHA-256 | c992e7712a27df499ae4bc3d17ca86548e65261cdd7eaa0f75a9c314525437d6
Drupal Tribune 6.x / 7.x Cross Site Scripting
Posted Jan 30, 2014
Authored by Raynald Mirville | Site drupal.org

Drupal Tribune third party module versions 6.x and 7.x suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 8922901cd06fd3a4a6b5033006c05d50258b696c4b87a583e0b6d71bc6fbce48
Drupal Services 7.x Access Bypass
Posted Jan 30, 2014
Authored by wedge, prjcarr | Site drupal.org

Drupal Services third party module version 7.x suffers from multiple access bypass vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 2d54f256cc810c69585b7137d0fd722f6cc26ab73d4785ab51345dc1c38f18ce
NCH Software Inventoria 3.45 Cross Site Scripting
Posted Jan 30, 2014
Authored by LiquidWorm | Site zeroscience.mk

NCH Software Inventoria version 3.45 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 013ce0474eb3119edf8938629f3cf1485ee96a3afaa5234d50e9c770f8c001ad
Lynis Auditing Tool 1.4.0
Posted Jan 30, 2014
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This release adds several improvements to support AIX better, hostid creation, ignoring of the LANG value, and extension of a few tests.
tags | tool, scanner
systems | unix
SHA-256 | fb2cda4617d1625eeed6c9d9ba9aa64a72737f25b4b8bff588a69620d7c4f1cb
Slackware Security Advisory - mozilla-nss Updates
Posted Jan 30, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-nss packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-1740
SHA-256 | 985394a529eb8e2dc205f756adfa22da2611ace7eea571d769bc2a3506915047
Gentoo Linux Security Advisory 201401-33
Posted Jan 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-33 - A vulnerability has been found in the Digest-Base Perl module, allowing remote attackers to execute arbitrary code. Versions less than 1.170.0 are affected.

tags | advisory, remote, arbitrary, perl
systems | linux, gentoo
advisories | CVE-2011-3597
SHA-256 | 073b067938255df59111607a647be7a61207ceda164ae0bab0a2f2e8b3d64f0f
Gentoo Linux Security Advisory 201401-34
Posted Jan 30, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201401-34 - Multiple vulnerabilities have been found in BIND, possibly resulting in Denial of Service. Versions less than 9.9.4_p2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2012-5166, CVE-2012-5688, CVE-2012-5689, CVE-2013-2266, CVE-2013-3919, CVE-2013-4854, CVE-2014-0591
SHA-256 | 08788290f886b257bb5cf19d5da72a1cebe9c1902c834380c2cebb552a875e12
Red Hat Security Advisory 2014-0108-01
Posted Jan 30, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0108-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Xen hypervisor did not always lock 'page_alloc_lock' and 'grant_table.lock' in the same order. This could potentially lead to a deadlock. A malicious guest administrator could use this flaw to cause a denial of service on the host.

tags | advisory, denial of service, kernel
systems | linux, redhat
advisories | CVE-2013-4494
SHA-256 | 8f46a6282e67a95809d58fc3a16c9ecccc57553d3af6f14af2ff8aeda8c5d557
SimplyShare 1.4 Code Execution / Local File Inclusion / XSS
Posted Jan 29, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

SimplyShare version 1.4 suffers from code execution, local file inclusion, cross site scripting, and command injection vulnerabilities.

tags | exploit, local, vulnerability, code execution, xss, file inclusion
SHA-256 | 06435c185640907d6002f6d7fd2570bf5f5e4cdb4ee43a71600c2ccbb4d362f2
PCMAN FTP 2.07 ABOR Buffer Overflow
Posted Jan 29, 2014
Authored by Mahmod Mahajna

PCMAN FTP version 2.07 ABOR command buffer overflow exploit.

tags | exploit, overflow
advisories | OSVDB-94624
SHA-256 | 207aacc82b71408ec13209815ed8aa5c33dcdd9974eff7bed97d008df270fc01
haneWIN DNS Server 1.5.3 Buffer Overflow
Posted Jan 29, 2014
Authored by Dario Estrada

haneWIN DNS server version 1.5.3 structured exception handler (SEH) buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 5ff4049dea782c7dcd51a3676c2edd85d01ac652a47a47c3bf62de5c0bf51ed3
PCMAN FTP 2.07 CWD Buffer Overflow
Posted Jan 29, 2014
Authored by Mahmod Mahajna

PCMAN FTP version 2.07 CWD command buffer overflow exploit.

tags | exploit, overflow
advisories | OSVDB-94624
SHA-256 | 686e1bb139fa8ceb51129b6bcc62b9df3c56b058ab7375350cf467d34d7e74da
Pandora FMS 5.0RC1 Code Execution
Posted Jan 29, 2014
Authored by xistence

Pandora FMS versions 5.0RC1 and below suffer from a code execution vulnerability.

tags | exploit, code execution
SHA-256 | 2ba4bc2c2183c5acbae565b860f5f9eabe987ba0a399d204e52fc3e2151facf0
WordPress Photocrati Cross Site Scripting
Posted Jan 29, 2014
Authored by ACC3SS

WordPress Photocrati Theme suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2c0a0d09eabe3d8c389700133ca742ee4514f4b658e287ca801e58421be8784e
Sitecore XML Cross Site Scripting
Posted Jan 29, 2014
Authored by Mark Litchfield

Sitecore's special way of display XML controls allows for a cross site scripting attack.

tags | exploit, xss
SHA-256 | 332c44062becbe780354571679bbca0e59d1468bef6e56ac13e0ebfa8d53931a
A10 Networks Loadbalancer Directory Traversal
Posted Jan 28, 2014
Authored by xistence

A10 Networks Loadbalancer versions (Soft)AX 2.6.1-GR1-P5 and below and 2.7.0 build 217 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | cd1d7881579b65ddec9b55be9bc64a68cfb6ab226deae42efa4a82f9439a111f
Oracle Reports Shell Uploader
Posted Jan 28, 2014
Authored by Dana Taylor

Oracle Reports pwnacle exploit that uploads a jsp shell to the target system using the URLPARAMETER vulnerability that allows for planting files.

tags | exploit, shell
advisories | CVE-2012-3153, CVE-2012-3152
SHA-256 | 3581d647b9a2e8009d1d33ce3190ed76df5b93ae7c3bb78683ead1f423d79945
Eventum 2.3.4 Incorrect Permissions / Code Injection
Posted Jan 28, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

Eventum version 2.3.4 suffers from incorrect default permission and code injection vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2014-1631, CVE-2014-1632
SHA-256 | 7e14b6132c32b76074863b2d2bee5da28e1064c2155acfee7dc34c7d4969418f
Page 1 of 15
Back12345Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close