what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2013-07-29

PineApp Mail-SeCure test_li_connection.php Arbitrary Command Execution
Posted Jul 29, 2013
Authored by juan vazquez, Dave Weinstein | Site metasploit.com

This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the test_li_connection.php component, due to the insecure usage of the system() php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70.

tags | exploit, php
SHA-256 | f986755f0d0b80f4f24f3b0cebb979f77db7ba99a7a250f60cf38a00b1bfde1c
PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution
Posted Jul 29, 2013
Authored by juan vazquez, Dave Weinstein | Site metasploit.com

This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the ldapsyncnow.php component, due to the insecure usage of the shell_exec() php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70.

tags | exploit, php
SHA-256 | 6d5046291504d28d39d79d096fba6a69e382c338c97f38b517a66277e740b9dd
PineApp Mail-SeCure livelog.html Arbitrary Command Execution
Posted Jul 29, 2013
Authored by juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the livelog.html component, due to the insecure usage of the shell_exec() php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70.

tags | exploit, php
SHA-256 | 51fca1c0fcae3623e2c9c69f04d8e43a10745b7c2cfa4634796a3d1d61a9cf15
MS13-005 HWND_BROADCAST Low to Medium Integrity Privilege Escalation
Posted Jul 29, 2013
Authored by Tavis Ormandy, Axel Souchet | Site metasploit.com

The Windows kernel does not properly isolate broadcast messages from low integrity applications from medium or high integrity applications. This allows commands to be broadcasted to an open medium or high integrity command prompts allowing escalation of privileges. We can spawn a medium integrity command prompt, after spawning a low integrity command prompt, by using the Win+Shift+# combination to specify the position of the command prompt on the taskbar. We can then broadcast our command and hope that the user is away and doesn't corrupt it by interacting with the UI. Broadcast issue affects versions Windows Vista, 7, 8, Server 2008, Server 2008 R2, Server 2012, RT. But Spawning a command prompt with the shortcut key does not work in Vista so you will have to check if the user is already running a command prompt and set SPAWN_PROMPT false. The WEB technique will execute a powershell encoded payload from a Web location. The FILE technique will drop an executable to the file system, set it to medium integrity and execute it. The TYPE technique will attempt to execute a powershell encoded payload directly from the command line but it may take some time to complete.

tags | exploit, web, kernel
systems | windows
advisories | CVE-2013-0008, OSVDB-88966
SHA-256 | ec4132f8b9ac70f158c3461e225396c2635aeb7d0ad1f9877329265b9fd215b8
FluxBB 1.5.3 XSS / CSRF / URL Redirection
Posted Jul 29, 2013
Authored by LiquidWorm | Site zeroscience.mk

FluxBB version 1.5.3 suffers from cross site scripting, cross site request forgery, and URL redirection vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 3d2a429f0d7f7702aac350cfb0a31594ad3302501c55568dfa29c8812f3a4a6e
Debian Security Advisory 2731-1
Posted Jul 29, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2731-1 - Yarom and Falkner discovered that RSA secret keys in applications using the libgcrypt11 library, for example GnuPG 2.x, could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system.

tags | advisory, local
systems | linux, debian
advisories | CVE-2013-4242
SHA-256 | f0a1666c4812d4dc7cb9b02be9a71e7f903c37c2ee68d1a36864059533ee2595
Ubuntu Security Notice USN-1911-1
Posted Jul 29, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1911-1 - It was discovered that Little CMS did not properly verify certain memory allocations. If a user or automated system using Little CMS were tricked into opening a specially crafted file, an attacker could cause Little CMS to crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2013-4160
SHA-256 | c54d93e57fe6f1c6159d8072be1042ae818e7c132c0787c9995ef18ce37ff500
EMC NetWorker Information Disclosure
Posted Jul 29, 2013
Site emc.com

A vulnerability exists in EMC NetWorker that could allow exposure of certain sensitive configuration information under specific circumstances. Versions affected include EMC NetWorker 8.0.0.x, 8.0.1.x, and 7.6.x.x.

tags | advisory
advisories | CVE-2013-0943
SHA-256 | 9dec0bf3a8508498074bb32c9d7dcad0227b5a46110ee20ca656d7dbb5260323
FreeBSD Security Advisory - NFS Incorrect Privilege Validation
Posted Jul 29, 2013
Authored by Tim Zingelman, Christopher Key, Rick Macklem | Site security.freebsd.org

FreeBSD Security Advisory - The kernel incorrectly uses client supplied credentials instead of the one configured in exports(5) when filling out the anonymous credential for a NFS export, when -network or -host restrictions are used at the same time. The remote client may supply privileged credentials (e.g. the root user) when accessing a file under the NFS share, which will bypass the normal access checks.

tags | advisory, remote, kernel, root
systems | freebsd
advisories | CVE-2013-4851
SHA-256 | d672bbe3c1c06396c194b1f5062f4d67d79b24f02a60b7a89344ec0f57fe8219
FreeBSD Security Advisory - BIND Denial Of Service
Posted Jul 29, 2013
Authored by Maxim Shudrak | Site security.freebsd.org

FreeBSD Security Advisory - Due to a software defect a specially crafted query which includes malformed rdata, could cause named(8) to crash with an assertion failure and rejecting the malformed query. This issue affects both recursive and authoritative-only nameservers.

tags | advisory
systems | freebsd
advisories | CVE-2013-4854
SHA-256 | f1c6bd390fafc6b86654d596d7ddcfa62102f4a0aa7b681a7a87ed56ead922b7
Debian Security Advisory 2730-1
Posted Jul 29, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2730-1 - Yarom and Falkner discovered that RSA secret keys could be leaked via a side channel attack, where a malicious local user could obtain private key information from another user on the system.

tags | advisory, local
systems | linux, debian
advisories | CVE-2013-4242
SHA-256 | a9eb5a7847a3399ecba5950187fddf262cc33613e718ae36cd8548159d9c4643
Ubuntu Security Notice USN-1910-1
Posted Jul 29, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1910-1 - Maxim Shudrak discovered that Bind incorrectly handled certain malformed rdata. A remote attacker could use this flaw with a specially crafted query to cause Bind to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2013-4854
SHA-256 | 0897033390d296a9ef63ec8183d77ea83c2dfac3bcece6cc232c0f4c8928b234
Mandriva Linux Security Advisory 2013-202
Posted Jul 29, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-202 - The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013. The updated packages for Enterprise Server 5 have been patched to correct this issue. The updated packages for Business Server 1 have been upgraded to the 9.9.3-P2 version which is not vulnerable to this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2013-4854
SHA-256 | 81f641183de26262e71f4b53dd49a153a27531ad1f983c82c624502231052b82
Debian Security Advisory 2729-1
Posted Jul 29, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2729-1 - OpenAFS, the implementation of the distributed filesystem AFS, has been updated to no longer use DES for the encryption of tickets. Additional migration steps are needed to fully set the update into effect.

tags | advisory
systems | linux, debian
advisories | CVE-2013-4134, CVE-2013-4135
SHA-256 | 404afb222135a19aaf78a3b157d3a4a64ca33cccc96fb95da671c31764342699
WebDisk 3.0.2 PhotoViewer iOS Command Execution
Posted Jul 29, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

WebDisk version 3.0.2 PhotoViewer for iOS suffers from a remote command execution vulnerability.

tags | exploit, remote
systems | cisco, ios
SHA-256 | a74a5bd33336150b25147766ce88ce05cc03a56a2927ac49301a7b6d2986f69b
Private Photos 1.0 Script Insertion
Posted Jul 29, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Private Photos version 1.0 for iOS suffers from a persistent script insertion vulnerability.

tags | exploit
systems | cisco, ios
SHA-256 | 675393a5ef46624db7acc97471d1f5ccdb744cecce7d6c64116194fd6fc7a6b1
Nmap Port Scanner 6.40
Posted Jul 29, 2013
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Various additions and updates.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
SHA-256 | ceb8bfd138006719443689787d71b3323b126491f6abda1d0a0d7f3d4f037b4b
OpenEMM-2013 8.10.380.hf13.0.066 Cross Site Scripting / SQL Injection
Posted Jul 29, 2013
Authored by drone

OpenEMM-2013 version 8.10.380.hf13.0.066 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 14456af2c9a5b9e11fb7313fb343d5a731c447e6b28ffc4391db130a2ff55411
Aux Browser 3.0.2.6
Posted Jul 29, 2013
Authored by Dieyu

Aux Browser is a small tool for securely browsing the web. It uses a kernel level sandbox. This is the source code release.

tags | web, kernel
SHA-256 | 4e7ae933ed5c7c662f38541d51e9a11b35a3bbb01cccb2ecdcd074b345b8d0ba
Novell Client 2 SP3 Privilege Escalation
Posted Jul 29, 2013
Authored by sickness

Novell Client 2 SP3 suffers from a privilege escalation vulnerability.

tags | exploit
advisories | OSVDB-93718
SHA-256 | 90372d883442b6991b9af375b8d05bbaa5c31c066b8a21018779b94badc3881d
OllyDbg / Immunity Debugger Crash
Posted Jul 29, 2013
Authored by Dark-Puzzle

OllyDbg / Immunity debugger crash proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 675d2824b19af798e908b299af4c63101ca4f8e7734c1c02006fdc9bf019156e
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close