what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2014-04-02 to 2014-04-03

WordPress XCloner 3.1.0 Cross Site Request Forgery
Posted Apr 2, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

WordPress XCloner plugin version 3.1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2014-2340
SHA-256 | 1b43ccd566ecc819a8631b2364333ccdce7ad4630d5ae45dac153d6588b86a9d
Capstone 2.1.2
Posted Apr 2, 2014
Authored by Nguyen Anh Quynh | Site capstone-engine.org

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

Changes: Now supports cross-compilation for all iDevices (iPhone/iPad/iPod). X86: does not print memory offset in negative form. Fixed a bug in X86 where Capstone cannot handle some short instructions. Print negative numbers in range [-9, -1] without prefix 0x (Arm, Arm64, Mips). Various other updates.
tags | tool
systems | linux, unix
SHA-256 | 49e41d662c5ed4dcd391ec4cfce75fb31ca4bfd245eba9e8f0cb69d6f6e8d7cc
MobileIron VSP / Sentry Authentication Bypass
Posted Apr 2, 2014
Authored by Nico Leidecker | Site trustmatta.com

MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 suffer from password obfuscation and XPath injection vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2013-7286, CVE-2014-1409
SHA-256 | d6a5bba8acefd20a11c0a78f4ae846a3e103e0ec9d568120f814bbe1909a34e1
Red Hat Security Advisory 2014-0355-01
Posted Apr 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0355-01 - YAML is a data serialization format designed for human readability and interaction with scripting languages. LibYAML is a YAML parser and emitter written in C. A buffer overflow flaw was found in the way the libyaml library parsed URLs in YAML documents. An attacker able to load specially crafted YAML input to an application using libyaml could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An integer overflow flaw was found in the way the libyaml library handled excessively long YAML tags. An attacker able to load specially crafted YAML input to application using libyaml could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2013-6393, CVE-2014-2525
SHA-256 | 985b797772febf39f2a055c7e5717023fa52100140512e16f14531afd2fc7ee4
Drupal 7.26 Custom Search 7.x-1.13 Cross Site Scripting
Posted Apr 2, 2014
Authored by Justin C. Klein Keane

Drupal Custom Search module version 7.x-1.13 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7bdbca78f76cdfb570405b85d714e31737dedaf8f1ea9202a2b52e26625e517d
Rhythm Software File Manager [HD] Disclosure / Escalation / Injection
Posted Apr 2, 2014
Authored by Wolfgang Ettlinger | Site sec-consult.com

Rhythm Software File Manager version 1.16.6 and Rhythm Software File Manager HD version 1.11.5 suffer from local file disclosure, privilege escalation, and unauthenticated remote command injection vulnerabilities.

tags | advisory, remote, local, vulnerability
SHA-256 | d2c9981bbbf77d707cbae26f950c18a38e350aeb4c84dd1f06e79d90a6679677
Ubuntu Security Notice USN-2159-1
Posted Apr 2, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2159-1 - It was discovered that NSS incorrectly handled wildcard certificates when used with internationalized domain names. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to spoof SSL servers.

tags | advisory, remote, spoof
systems | linux, ubuntu
advisories | CVE-2014-1492
SHA-256 | 59eeaf80e77b5d2da5ea6c9291d43a73f0a90cc51e60b05e5644d1d1cffe0f68
Red Hat Security Advisory 2014-0354-01
Posted Apr 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0354-01 - YAML is a data serialization format designed for human readability and interaction with scripting languages. LibYAML is a YAML parser and emitter written in C. A buffer overflow flaw was found in the way the libyaml library parsed URLs in YAML documents. An attacker able to load specially crafted YAML input to an application using libyaml could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An integer overflow flaw was found in the way the libyaml library handled excessively long YAML tags. An attacker able to load specially crafted YAML input to application using libyaml could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2013-6393, CVE-2014-2525
SHA-256 | 18cf675c1a778b82aff5215d8b922b230d0b956a2687269b1543c56ab9231935
Red Hat Security Advisory 2014-0353-01
Posted Apr 2, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0353-01 - YAML is a data serialization format designed for human readability and interaction with scripting languages. LibYAML is a YAML parser and emitter written in C. A buffer overflow flaw was found in the way the libyaml library parsed URLs in YAML documents. An attacker able to load specially crafted YAML input to an application using libyaml could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. An integer overflow flaw was found in the way the libyaml library handled excessively long YAML tags. An attacker able to load specially crafted YAML input to application using libyaml could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2013-6393, CVE-2014-2525
SHA-256 | 42f2a4af7313023b4447c83284b6e0c5a3c351bca32adbb02d8acaaceed775bb
iShare Your Moving Library 1.0 LFI / File Upload
Posted Apr 2, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

iShare Your Moving Library version 1.0 for iOS suffers from local file inclusion and remote file upload vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion, file upload
systems | apple, ios
SHA-256 | d94407d4716a8dc010686a1ab391632cc35f1eaede798f733ee34e8638a1ee8f
Apple Security Advisory 2014-04-01-1
Posted Apr 2, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-04-01-1 - Safari 6.1.3 and Safari 7.0.3 are now available and address multiple security vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2013-2871, CVE-2013-2926, CVE-2013-2928, CVE-2013-6625, CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, CVE-2014-1294, CVE-2014-1297, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1301, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1713
SHA-256 | 4cef548e7aad6ec6c0abcca4dcf5b8211f19aa0d0c88b3b825047c58177dc019
A10 Networks ACOS 2.7.0-P2 Buffer Overflow
Posted Apr 2, 2014
Authored by Francisco Perna

A10 Networks ACOS version 2.7.0-P2 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | fad867b999aa71b64950f57ef04bdfacb548b571cf4a00d26e8903e0a2f29fa5
Kyocera FS5250 Cross Site Scripting
Posted Apr 2, 2014
Authored by Jeff Sergeant

The Kyocera FS5250 printer suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e975fa501f2382287ddafe16e11342fa8788d46be35d2169b1af61ad71e056ae
ICOMM 610 Wireless Modem Cross Site Request Forgery
Posted Apr 2, 2014
Authored by Blessen Thomas

ICOMM 610 wireless modem suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 21f6e63b81cb81511aa9c5520164732e3b61380d8954cd91b6668d2b521cf7ba
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close