what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2013-12-17

Suricata IDPE 1.4.7
Posted Dec 17, 2013
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: The tag keywords session option was fixed. The combination of delayed detect and thresholding was fixed. An IP Reputation loading issue was fixed. IPv6 stream timeout packet setup was fixed. YAML parsing for detection engine options was fixed. Rule ordering for rules with multiple vars was fixed.
tags | tool, intrusion detection
systems | unix
SHA-256 | ae4a117d23a8a304f6fba9bd5b7442422b64e4d6bf5ac1e17312b8ee443a6bc9
Asterisk Project Security Advisory - AST-2013-007
Posted Dec 17, 2013
Authored by David Lee | Site asterisk.org

Asterisk Project Security Advisory - External control protocols, such as the Asterisk Manager Interface, often have the ability to get and set channel variables; this allows the execution of dial-plan functions. Dial-plan functions within Asterisk are incredibly powerful, which is wonderful for building applications using Asterisk. But during the read or write execution, certain dial-plan functions do much more. For example, reading the SHELL() function can execute arbitrary commands on the system Asterisk is running on. Writing to the FILE() function can change any file that Asterisk has write access to. When these functions are executed from an external protocol, that execution could result in a privilege escalation.

tags | advisory, arbitrary, shell, protocol
SHA-256 | d023c90a325ba8f94bb3cf31d665ef950f78277c35b78413f1a2879e54fbf60b
Asterisk Project Security Advisory - AST-2013-006
Posted Dec 17, 2013
Authored by Scott Griepentrog | Site asterisk.org

Asterisk Project Security Advisory - A 16 bit SMS message that contains an odd message length value will cause the message decoding loop to run forever. The message buffer is not on the stack but will be overflowed resulting in corrupted memory and an immediate crash.

tags | advisory, overflow
SHA-256 | 23fd2d5df026467da642f085725b6e9512c5c434b3c52f73e2cef1b5fa54e190
HP Security Bulletin HPSBHF02953
Posted Dec 17, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF02953 - A potential security vulnerability has been identified with HP B-series SAN Network Advisor. The vulnerability could be exploited remotely resulting in code execution. Revision 1 of this advisory.

tags | advisory, code execution
advisories | CVE-2013-6810
SHA-256 | d98c113be04f6d6cead04a1a93db8863e99c46ce1bdea5e9a31118276c9b44a8
Ubuntu Security Notice USN-2056-1
Posted Dec 17, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2056-1 - It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, applications could be made to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-6535
SHA-256 | 53ee3dc1a87894466c917b6268a94748f60a6d85146f0816de76d57f02d46ca6
Red Hat Security Advisory 2013-1844-01
Posted Dec 17, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1844-01 - Red Hat JBoss Web Framework Kit combines popular open source web frameworks into a single solution for Java applications. The Apache Solr component is an open-source search server based on the Lucene Java search library. It was found that the SolrResourceLoader class in Apache Solr allowed loading of resources via absolute paths, or relative paths which were not sanitized for directory traversal. Some Solr components expose REST interfaces which load resources via SolrResourceLoader, using paths identified by REST parameters. A remote attacker could use this flaw to load arbitrary local files on the server via SolrResourceLoader, potentially resulting in information disclosure or remote code execution.

tags | advisory, java, remote, web, arbitrary, local, code execution, info disclosure
systems | linux, redhat
advisories | CVE-2012-6612, CVE-2013-6397, CVE-2013-6407, CVE-2013-6408
SHA-256 | 97a4ce4a342b2a707aeeecd5d5d4cd364e8fd2ec4a26deb46de5b61d4acca76e
Red Hat Security Advisory 2013-1842-01
Posted Dec 17, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1842-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. A denial of service flaw was found in the way Node.js handled pipelined HTTP requests. A remote attacker could use this flaw to send an excessive amount of HTTP requests over a network connection, causing Node.js to use an excessive amount of memory and possibly exit when all available memory is exhausted. Node.js is included in Red Hat Software Collections 1.0 as a Technology Preview.

tags | advisory, remote, web, denial of service, javascript
systems | linux, redhat
advisories | CVE-2013-4450
SHA-256 | 6cc658b52fc2d5fd70d630a89cba0152aa0d9dba36215c7daf88a66a5521cfcd
Red Hat Security Advisory 2013-1843-01
Posted Dec 17, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1843-01 - Red Hat JBoss Portal is the open source implementation of the Java EE suite of services and Portal services running atop Red Hat JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Middleware components that have been tested and certified together to provide an integrated experience. Multiple cross-site scripting flaws were found in the GateIn Portal component. If a remote attacker could trick a user, who was logged into the GateIn Portal interface, into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's GateIn Portal session.

tags | advisory, java, remote, web, arbitrary, xss
systems | linux, redhat
advisories | CVE-2013-4424
SHA-256 | 737ee86e47a3cb80cd24c313d93cd1b772ec24fd4b9be17b01e01de00421eecf
Gentoo Linux Security Advisory 201312-13
Posted Dec 17, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201312-13 - Multiple vulnerabilities have been found in Wireshark, allowing remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.10.3 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-5717, CVE-2013-5718, CVE-2013-5719, CVE-2013-5720, CVE-2013-5721, CVE-2013-5722, CVE-2013-6336, CVE-2013-6337, CVE-2013-6338, CVE-2013-6339, CVE-2013-6340
SHA-256 | 71b1f9f5d4f6e6e9271d1457f98338b2c485f01913352a2c72c41314e44b9227
Gentoo Linux Security Advisory 201312-12
Posted Dec 17, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201312-12 - Multiple vulnerabilities have been discovered in MIT Kerberos 5, allowing execution of arbitrary code or Denial of Service. Versions less than 1.11.4 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2002-2443, CVE-2012-1014, CVE-2012-1015, CVE-2013-1416, CVE-2013-1417, CVE-2013-1418, CVE-2013-6800
SHA-256 | 2889e0196fe0b9aaeb676d58c3158d721d6a9e4252a764b323f60b1d630fde77
Exceed onDemand (EoD) MitM / Authentication Bypass / Hijacking
Posted Dec 17, 2013
Authored by Krzysztof Kotowicz, Slawomir Jasek

Exceed onDemand (EoD) suffers from session hijacking, password obfuscation, man-in-the-middle, and authentication bypass vulnerabilities. Proof of concept code provided.

tags | exploit, vulnerability, proof of concept
advisories | CVE-2013-6806, CVE-2013-6807, CVE-2013-6805, CVE-2013-6994
SHA-256 | 667344493d498ee4a511a4f3cb7bee65b956a21a9dc42e1d4bf5104530d4f3ad
Adobe Reader ToolButton Use After Free
Posted Dec 17, 2013
Site metasploit.com

This Metasploit module exploits an use after free condition on Adobe Reader versions 11.0.2, 10.1.6 and 9.5.4 and prior. The vulnerability exists while handling the ToolButton object, where the cEnable callback can be used to early free the object memory. Later use of the object allows triggering the use after free condition. This Metasploit module has been tested successfully on Adobe Reader 11.0.2, 10.0.4 and 9.5.0 on Windows XP SP3, as exploited in the wild in November, 2013.

advisories | CVE-2013-3346, OSVDB-96745
SHA-256 | d0dbf161cbc3db6f711c5aade3b3b43f7a5e9f4d7399cf1ba132b40664e9a097
Microsoft Windows ndproxy.sys Local Privilege Escalation
Posted Dec 17, 2013
Authored by juan vazquez, temp66, ryujin, Shahin Ramezany | Site metasploit.com

This Metasploit module exploits a flaw in the ndproxy.sys driver on Windows XP SP3 and Windows 2003 SP2 systems, exploited in the wild in November, 2013. The vulnerability exists while processing an IO Control Code 0x8fff23c8 or 0x8fff23cc, where user provided input is used to access an array unsafely, and the value is used to perform a call, leading to a NULL pointer dereference which is exploitable on both Windows XP and Windows 2003 systems. This Metasploit module has been tested successfully on Windows XP SP3 and Windows 2003 SP2. In order to work the service "Routing and Remote Access" must be running on the target system.

tags | exploit, remote
systems | windows
advisories | CVE-2013-5065
SHA-256 | 6dc1df60dff4c2b60d7508a57233b6b3e7f565f218bceb0acc2a53045b172ce0
FileMaster SY-IT 3.1 LFI / Shell Upload
Posted Dec 17, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

FileMaster SY-IT version 3.1 suffers from local file inclusion and remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, file inclusion
SHA-256 | d623afdd8c607ee503bfcb865004fbe832b77d3b0dd6197468662cfcec09af18
Nvidia (nvsvc) Display Driver Service Local Privilege Escalation
Posted Dec 17, 2013
Authored by Peter Wintersmith | Site metasploit.com

The named pipe, \pipe\nsvr, has a NULL DACL allowing any authenticated user to interact with the service. It contains a stacked based buffer overflow as a result of a memmove operation. Note the slight spelling differences: the executable is 'nvvsvc.exe', the service name is 'nvsvc', and the named pipe is 'nsvr'. This exploit automatically targets nvvsvc.exe versions dated Nov 3 2011, Aug 30 2012, and Dec 1 2012. It has been tested on Windows 7 64-bit against nvvsvc.exe dated Dec 1 2012.

tags | exploit, overflow
systems | windows
advisories | CVE-2013-0109, OSVDB-88745
SHA-256 | 0f349a099dfe389df4103d5fcd64a8946ceb46eb2e65f1f35bee6b1e0624baf5
Adobe Reader ToolButton Use After Free
Posted Dec 17, 2013
Authored by Soroush Dalili, sinn3r, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits an use after free condition on Adobe Reader versions 11.0.2, 10.1.6 and 9.5.4 and prior. The vulnerability exists while handling the ToolButton object, where the cEnable callback can be used to early free the object memory. Later use of the object allows triggering the use after free condition. This Metasploit module has been tested successfully on Adobe Reader 11.0.2 and 10.0.4, with IE and Windows XP SP3, as exploited in the wild in November, 2013. At the moment, this module doesn't support Adobe Reader 9 targets; in order to exploit Adobe Reader 9 the fileformat version of the exploit can be used.

tags | exploit
systems | windows
advisories | CVE-2013-3346, OSVDB-96745
SHA-256 | 138b5061095c157ac1ee1b8954ca08cb7b70e4dd78274f3ac703d12404ff91b1
Adobe Reader ToolButton Use After Free
Posted Dec 17, 2013
Authored by Soroush Dalili, sinn3r, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits an use after free condition on Adobe Reader versions 11.0.2, 10.1.6 and 9.5.4 and prior. The vulnerability exists while handling the ToolButton object, where the cEnable callback can be used to early free the object memory. Later use of the object allows triggering the use after free condition. This Metasploit module has been tested successfully on Adobe Reader 11.0.2, 10.0.4 and 9.5.0 on Windows XP SP3, as exploited in the wild in November, 2013.

tags | exploit
systems | windows
advisories | CVE-2013-3346, OSVDB-96745
SHA-256 | d0dbf161cbc3db6f711c5aade3b3b43f7a5e9f4d7399cf1ba132b40664e9a097
MijoSearch 2.0.1 Cross Site Scripting / Exposure
Posted Dec 17, 2013
Authored by High-Tech Bridge SA | Site htbridge.com

MijoSearch Joomla plugin version 2.0.1 suffers from cross site scripting and information exposure vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2013-6878, CVE-2013-6879
SHA-256 | d49e666e31077ef43eaa1eb6dbab55cff4939a0e26917bfbac6027959838f389
QuickHeal AntiVirus 7.0.0.1 Stack Buffer Overflow
Posted Dec 17, 2013
Authored by Arash Allebrahim, Vulnerability Laboratory | Site vulnerability-lab.com

QuickHeal AntiVirus version 7.0.0.1 suffers from a stack buffer overflow vulnerability. Proof of concept exploits included.

tags | exploit, overflow, proof of concept
systems | linux
SHA-256 | 5c0341a83eb0f6fbff0af3a8f227cb5a86f6765e9bfc9d011b777576967ff528
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close