what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2014-03-27

EMC VPLEX GeoSynchrony 5.2.1 Traversal / Session Timeout
Posted Mar 27, 2014
Site emc.com

EMC VPLEX GeoSynchrony versions 4.0 through 5.2.1 suffer from path traversal, timeout validity, session fixation, and various other vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2002-2443, CVE-2011-1044, CVE-2011-3389, CVE-2011-4110, CVE-2012-0814, CVE-2012-2136, CVE-2012-5166, CVE-2013-1667, CVE-2014-0632, CVE-2014-0633, CVE-2014-0634, CVE-2014-0635
SHA-256 | 865ebcefce882874598ff43ecc2a95087b307183385a9a725bb5ad0baf892e95
Lynis Auditing Tool 1.4.8
Posted Mar 27, 2014
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This release adds several improvements like extending accounting, new suggestions, and changes to the LILO boot loader test.
tags | tool, scanner
systems | unix
SHA-256 | f219bc254464ef8993fb659f9292a4727fd23f7a0e3d6eb13f379ebdd70464f4
rexx Recruitment Cross Site Scripting
Posted Mar 27, 2014
Site redteam-pentesting.de

RedTeam Pentesting discovered a cross site scripting vulnerability in rexx Recruitment's user registration page during a penetration test. If attackers can persuade users to click on a prepared link or redirected them to such a link from an attacker-controlled website, they are able to run arbitrary JavaScript code in the context of the rexx Recruitment installation's domain.

tags | exploit, arbitrary, javascript, xss
advisories | CVE-2014-1224
SHA-256 | 2b99dd93bd3ef7fa35d56eedd30ce42a17be27a43d0080a86eaa47f243c72d0b
Ubuntu Security Notice USN-2157-1
Posted Mar 27, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2157-1 - This updates ClamAV to a new major version in order to gain new detection technologies and maintain proper compatibility with the virus signature database.

tags | advisory, virus
systems | linux, ubuntu
SHA-256 | e939e10d723485fa7d87d05fd414e3c150f24977ecd1d8c5f7f892a15c5d3e57
ePhone Disk 1.0.2 LFI / Command Injection / DoS
Posted Mar 27, 2014
Authored by LariX4, Vulnerability Laboratory | Site vulnerability-lab.com

ePhone Disk version 1.0.2 for iOS suffers from denial of service, command injection, and local file inclusion vulnerabilities.

tags | exploit, denial of service, local, vulnerability, file inclusion
systems | apple, ios
SHA-256 | 876448f07c5c05553462fd3177290aada26c9cd5919baeae2680fd062cfff2f7
Gentoo Linux Security Advisory 201403-08
Posted Mar 27, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201403-8 - PlRPC uses Storable which allows for code execution prior to Authentication. Versions less than 0.202.0-r2 are affected.

tags | advisory, code execution
systems | linux, gentoo
advisories | CVE-2013-7284
SHA-256 | 543d28c7468a493b70182a4dead709907d9e78d7845ca1422846ad3dfd04face
Easy FileManager 1.1 Local File Inclusion / Shell Upload
Posted Mar 27, 2014
Authored by Katharina S.L., Vulnerability Laboratory | Site vulnerability-lab.com

Easy FileManager version 1.1 for iOS suffers from local file inclusion and remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, file inclusion
systems | apple, ios
SHA-256 | 4b5d69b0cae3c7cd9e89f17f629e2e25283338e269c0c4155401deba8739d35b
Joomla Kunena 3.0.4 Cross Site Scripting
Posted Mar 27, 2014
Authored by Qoppa

Joomla Kunena component version 3.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5824c2fb1d088d434657130d4759d89055357306437bfbb01644799d4d520267
My Photo Wifi Share & PS 1.1 Command Injection
Posted Mar 27, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

My Photo Wifi Share & PS 1.1 for iOS suffers from a local command injection vulnerability.

tags | exploit, local
systems | apple, ios
SHA-256 | e53e7d5c9f0ee9f794d19da2f54e4d471361b0256775259c8d71dc2f551e08df
USB Attacks Need Physical Access Right? Not Any More...
Posted Mar 27, 2014
Authored by Andy Davis | Site nccgroup.com

NCC Group Research Director Andy Davis presented 'USB Attacks Need Physical Access Right? Not Any More...' at this year's BlackHat Asia in Singapore. Due to recent advances in a number of remoting technologies, USB attacks can now be launched over a network. The talk went into detail about how these technologies work, the resulting impact on the world of USB bugs and included a live demo remotely triggering a USB kernel bug in Windows 2012 server.

tags | paper, kernel
systems | windows
SHA-256 | 6b69c9ca16bc7b4b25c8eaf51bdad117771585a02daec7c27db6c045043dfa9c
Lazybone Studios WiFi Music 1.0 LFI / Upload
Posted Mar 27, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Lazybone Studios WiFi Music 1.0 for iOS suffers from local file inclusion and remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, file inclusion
systems | apple, ios
SHA-256 | 11ad45715114d7c206751facff6d0a7e57d0ce6d720031cf785b958467b939ed
Dell SonicWall EMail Security Appliance 7.4.5 XSS
Posted Mar 27, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Dell SonicWall EMail Security Appliance version 7.4.5 suffers from persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 0cfbd724c69d47de7c17ff8278ec80b9408046b5efab05889637c9e367bece9d
FTP Drive + HTTP 1.0.4 Code Execution
Posted Mar 27, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Gummy Bear Studios FTP Drive + HTTP Server version 1.0.4 for iOS suffers from a code execution vulnerability.

tags | exploit, web, code execution
systems | apple, ios
SHA-256 | b239f066427e1022589e0ecbdd1ac1858155184f9aae8a056e457651de06e2eb
Monoprice.com Cart Enumeration
Posted Mar 27, 2014
Authored by Jason Khanlar

Monoprice.com suffers from a shopping cart enumeration and arbitrary modification vulnerability.

tags | exploit, arbitrary
SHA-256 | 7b9f5cdc8364d0860d1cf8260917384a3a43ecb7c6e7ba1fc99e01b8224f6e12
LinEx Password Reset
Posted Mar 27, 2014
Authored by N B Sri Harsha

LinEx suffers from a remote password reset vulnerability.

tags | exploit, remote
SHA-256 | 569bcb618840b33281332aff7f027c187d8587d4ff30e0e14d3c71181a5ecbc3
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close