what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-03-27

AWS XMS 2.5 Path Traversal
Posted Mar 27, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

AWS XMS version 2.5 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2013-2474
SHA-256 | e8265b5ddbb691c7801baa5e82a4c792f1e07efb41722fd028d1429b5c701edf
McAfee Virtual Technician (MVT) 6.5.0.2101 Unsafe Active-X
Posted Mar 27, 2013
Authored by High-Tech Bridge SA | Site htbridge.ch

McAfee Virtual Technician (MVT) 6.5.0.2101 suffers from an exposed unsafe active-x method.

tags | exploit, activex
advisories | CVE-2012-5879
SHA-256 | 55fc445bc2332b108a292b07dc1275003a836cf017d276122b75dab94844b2a7
BIND 9 Memory Consumption
Posted Mar 27, 2013
Authored by Matthew Horsfall | Site kb.isc.org

A critical defect in BIND 9 allows an attacker to cause excessive memory consumption in named or other programs linked to libdns.

tags | advisory
advisories | CVE-2013-2266
SHA-256 | 7cda4cd2685e259b72b8a7f277f48a6fa21ea4dcfa18ce25de752b2336680f23
PsychoStats 3.2.2b Blind SQL Injection
Posted Mar 27, 2013
Authored by Mohamed from ALG

PsychoStats version 3.2.2b suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6939fa06a31241d32f01ab10763e0f55e5a577b21d1456f8fa1c91b354697f10
Konftel 300IP 2.1.2 Reboot Bypass
Posted Mar 27, 2013
Authored by Todor Donev

Konftel 300IP SIP-based conference phone versions 2.1.2 and below remote bypass reboot exploit.

tags | exploit, remote
SHA-256 | 9e507e381e6d3283aca016657d917380e4a9531c10b62c0736789e6838811a3f
Slackware Security Advisory - dhcp Updates
Posted Mar 27, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New dhcp packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-2266.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-2266
SHA-256 | 863cc58feb36ee13f39bbaf2e6dfc10aac80a162251030487d679e1f6fefcbf3
Atmail WebMail 7.0.2 Cross Site Scripting
Posted Mar 27, 2013
Authored by Vicente Aguilera Diaz

Atmail WebMail versions 7.0.2 and below suffer from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2013-2585
SHA-256 | ff5341ba2491f38ee1944030bf777bbf3463e21753cdd0caff3312068641c1b0
HP Security Bulletin HPSBUX02857 SSRT101103
Posted Mar 27, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02857 SSRT101103 - Potential security vulnerabilities have been identified in Java Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other exploits. Revision 1 of this advisory.

tags | advisory, java, remote, vulnerability
systems | hpux
advisories | CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0169, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446
SHA-256 | 6892130ed5ebb8b6ff22fb91977bf86f18307a331290e7af9035764ba196688e
Joomla Component JCE File Upload Remote Code Execution
Posted Mar 27, 2013
Authored by temp66 | Site metasploit.com

This Metasploit module exploits a vulnerability in the JCE component for Joomla!, which could allow an unauthenticated remote attacker to upload arbitrary files, caused by the fails to sufficiently sanitize user-supplied input. Sending specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system. This Metasploit module has been tested successfully on the JCE Editor 1.5.71 and Joomla 1.5.26.

tags | exploit, remote, web, arbitrary, php
SHA-256 | d551a16563e5797049076716bcbb1d33f994204c2b5f2e12601d1eac4daa07b1
EMC Smarts NCM Improper Authentication
Posted Mar 27, 2013
Site emc.com

EMC Smarts Network Configuration Manager (NCM) version 9.2 contains fix for a vulnerability that could allow a malicious user to call certain supported Java Remote Method Invocation methods remotely without authentication. In addition, NCM System Management (SysAdmin) Console has known security vulnerabilities and EMC strongly advises customers to disable and not use this console until there is alternative solution from EMC.

tags | advisory, java, remote, vulnerability
advisories | CVE-2013-0935
SHA-256 | 0874e51f0ca690050aecbd9f317a22a366230b83c340be3b95f6baca5690e1b0
Ruby Thumbshooter Gem 0.1.5 Remote Command Execution
Posted Mar 27, 2013
Authored by Larry W. Cashdollar

Ruby Thumbshooter Gem version 0.1.5 suffers from a remote command execution vulnerability due to passing unsanitized user-supplied data to the shell.

tags | exploit, remote, shell, ruby
SHA-256 | 0652702d6e2f7b3bc1f88941a17af3a1b29f12b8f34ed087c62a57ec0db99e81
HP Security Bulletin HPSBOV02852 SSRT101108
Posted Mar 27, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV02852 SSRT101108 - Potential security vulnerabilities have been identified in HP SSL for OpenVMS. These vulnerabilities could allow remote Denial of Service (DoS), unauthorized disclosure of information, unauthorized modification. Revision 1 of this advisory.

tags | advisory, remote, denial of service, vulnerability
advisories | CVE-2012-2333, CVE-2013-0166, CVE-2013-0169
SHA-256 | cb5cb5dfdeca2640750b4857366f5e36f9ac5ae17d59f19e92b7294ff275963c
KNet Web Server Buffer Overflow
Posted Mar 27, 2013
Authored by Myo Soe | Site yehg.net

KNet Web Server remote buffer overflow structure exception handler (SEH) exploit that binds a shell to port 4444.

tags | exploit, remote, web, overflow, shell
SHA-256 | 47691f149ab5a7936c21a7a8e27d067ba1468489b8a9fa89e9fe67cf5e7c24df
Lotus Domino 8.5.4 Cross Site Scripting
Posted Mar 27, 2013
Authored by MustLive

Lotus Domino versions 8.5.4 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 341d00e048b74b02c865cf233315d109c732984dccad4ca99ee5119609246fa4
GoldenEye HTTP Denial Of Service Tool
Posted Mar 27, 2013
Authored by Jan Seidl | Site wroot.org

GoldenEye is a python script that is meant for testing HTTP denial of service conditions leveraging HTTP Keep Alive and NoCache.

tags | web, denial of service, python
SHA-256 | f090e3454b0b8316183543c6e506a7d017615ac25c8b09f6a55b5012cb2ef17c
Usernamer 0.2
Posted Mar 27, 2013
Authored by Jan Seidl | Site wroot.org

Usernamer is a penetration testing tool to generate a list of possible usernames/logins (ex: John Doe Doeson) for user enumeration or bruteforcing. This tool also supports text-files with one name per line as input.

Changes: Bug fix release.
tags | tool, rootkit
systems | unix
SHA-256 | 75f2d3ac161fa0569232e5ce8b802ea530d7b3e34e503645d5c1cf8301c9a8ec
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close