what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2013-10-31

ImpressPages CMS 3.6 Arbitrary File Deletion
Posted Oct 31, 2013
Authored by LiquidWorm | Site zeroscience.mk

ImpressPages CMS version 3.6 suffers from a remote arbitrary file deletion vulnerability.

tags | exploit, remote, arbitrary
SHA-256 | 55f5e488a59a727c9c92aeb95d6419bf6d920f6c808093b6c87d621b4fca8d1f
Varnish Cache Denial Of Service
Posted Oct 31, 2013
Authored by Ilia Sharov

If Varnish receives a certain illegal request, and the subroutine 'vcl_error{}' restarts the request, the varnishd worker process will crash with an assert. The varnishd management process will restart the worker process, but there will be a brief interruption of service and the cache will be emptied, causing more traffic to go to the backend. Versions 2.0.x, 2.1.x, and 3.0.x are affected.

tags | exploit, denial of service
advisories | CVE-2013-4484
SHA-256 | 4dd3ca412788a9fb651556055e5db955a3a0bfa4211fe82cd6b19131b95892b1
ImpressPages CMS 3.6 Cross Site Scripting / SQL Injection
Posted Oct 31, 2013
Authored by LiquidWorm | Site zeroscience.mk

ImpressPages CMS version 3.6 suffers from multiple SQL injection vulnerabilities that can be leveraged to commit cross site scripting attacks.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | c0158b9660a832da42931529dc82169695f27a37b147d2ca11d07463c6ad3622
Samhain File Integrity Checker 3.1.0
Posted Oct 31, 2013
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Support for sha2-256 has been added and some bugs have been fixed.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 0b9b8133861fd612bc23681afd5cfdecbe1aafae9c0de5e0504f64a25432e301
Joomla Joomleague Shell Upload
Posted Oct 31, 2013
Authored by wantexz

Joomla Joomleague component suffers from a remote shell upload vulnerability due to having Open Flash Chart included.

tags | exploit, remote, shell
SHA-256 | 0f1ae71621285e8b0eb83e4a3f53e542a05b8297d22083756687db822c368fe3
Unicorn WB-3300NR Cross Site Request Forgery
Posted Oct 31, 2013
Authored by absane

Unicorn WB-3300NR router version 1 with firmware 5.07.18_ko_UIS02 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 496e96adcbb5d5029e4f736e58b001b81d66548809c3f0e582abb2d278aee835
Ubuntu Security Notice USN-2010-1
Posted Oct 31, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2010-1 - Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Thunderbird. Jordi Chancel discovered that HTML select elements could display arbitrary content. If a user had scripting enabled, an attacker could potentially exploit this to conduct URL spoofing or clickjacking attacks. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2013-5590, CVE-2013-5591, CVE-2013-5593, CVE-2013-5604, CVE-2013-5595, CVE-2013-5596, CVE-2013-5597, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5603, CVE-2013-1739, CVE-2013-5590, CVE-2013-5591, CVE-2013-5593, CVE-2013-5595, CVE-2013-5596, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5603, CVE-2013-5604
SHA-256 | 0c6808080c7cedb8770ce4507d3e211181be6fbe5089acc561b682ec9cd4352d
Red Hat Security Advisory 2013-1490-01
Posted Oct 31, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1490-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way IP packets with an Internet Header Length of zero were processed in the skb_flow_dissect() function in the Linux kernel. A remote attacker could use this flaw to trigger an infinite loop in the kernel, leading to a denial of service. A flaw was found in the way the Linux kernel's IPv6 implementation handled certain UDP packets when the UDP Fragmentation Offload feature was enabled. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, remote, denial of service, kernel, udp
systems | linux, redhat
advisories | CVE-2013-0343, CVE-2013-2888, CVE-2013-2892, CVE-2013-2893, CVE-2013-2895, CVE-2013-2896, CVE-2013-4299, CVE-2013-4343, CVE-2013-4345, CVE-2013-4348, CVE-2013-4350, CVE-2013-4387
SHA-256 | 940f925cc01d5946698f3c8f547317f6ac1c6b045d85b6aabe0408192318c0ec
Mandriva Linux Security Advisory 2013-264
Posted Oct 31, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-264 - Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. The mozilla firefox packages has been upgraded to the latest ESR version which is unaffected by these security flaws.

tags | advisory
systems | linux, mandriva
advisories | CVE-2013-1739, CVE-2013-5590, CVE-2013-5595, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5604
SHA-256 | 2d83524add9483617df11c7c7f0b74ea9124d1053549342cd71184886957c77f
Debian Security Advisory 2788-1
Posted Oct 31, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2788-1 - Multiple security issues have been found in iceweasel, Debian's version other implementation errors may lead to the execution of arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2013-5590, CVE-2013-5595, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5604
SHA-256 | a6fb9434789c59d2f49dcdd2676f826a9246d6ecf38d0a3b3eea51e3b8576b56
AudioCoder 0.8.22 SEH Buffer Overflow
Posted Oct 31, 2013
Authored by Mike Czumak

AudioCoder version 0.8.22 SEH buffer overflow exploit that spawns calc.exe.

tags | exploit, overflow
SHA-256 | b4cbb03bdcdbcd5c2dec4f6aed6de902c1e1f8bfca55b28882a5495f981304c1
Watermark Master 2.2.23 Buffer Overflow
Posted Oct 31, 2013
Authored by metacom

Watermark Master version 2.2.23 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 6d6388481f96aa5d4cd3dab7c54eedac3a960c2006de898b7e9d865544e64183
WordPress WP-Checkout Cross Site Scripting / Shell Upload
Posted Oct 31, 2013
Authored by DevilScreaM

WordPress WP-Checkout plugin suffers from cross site scripting and remote shell upload vulnerabilities. Note that this advisory has site-specific information.

tags | exploit, remote, shell, vulnerability, xss
SHA-256 | 8b75a731806da2c71e99adf68bf4ec4bcc441e9e2a626f2793e02907deffc994
Apache + PHP 5.x Remote Code Execution Python Exploit #2
Posted Oct 31, 2013
Authored by noptrix | Site nullsecurity.net

Apache and PHP remote command execution exploit that leverages php5-cgi. Written in Python. Version 2 of this exploit.

Changes: Multi-threaded scanner and connect-back shell added. Various bug fixes and it now allows an input file for scanning.
tags | exploit, remote, cgi, php, python
advisories | CVE-2012-1823
SHA-256 | 4ff30abedfc2e5c88bf249761ca4192667e3ca89365d9bc9e3bbbe21546e6d28
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close