exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2013-11-19

FreeBSD Security Advisory - OpenSSH AES-GCM Memory Corruption
Posted Nov 19, 2013
Site security.freebsd.org

FreeBSD Security Advisory - A memory corruption vulnerability exists in the post-authentication sshd process when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is selected during key exchange. If exploited, this vulnerability might permit code execution with the privileges of the authenticated user, thereby allowing a malicious user with valid credentials to bypass shell or command restrictions placed on their account.

tags | advisory, shell, code execution
systems | freebsd
advisories | CVE-2013-4548
SHA-256 | 878536e73df64b2ee9e3165866803aec2f9d6c286c5bb0c627ff2c9aed8e06fe
Mandriva Linux Security Advisory 2013-267
Posted Nov 19, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-267 - Updated java-1.7.0-openjdk packages fix security vulnerabilities. Multiple input checking flaws were found in the 2D component native image parsing code. Multiple improper permission check issues were discovered in the 2D, CORBA, JNDI, and Libraries components in OpenJDK. Various other issues have also been addressed.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2013-3829, CVE-2013-4002, CVE-2013-5772, CVE-2013-5774, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5790, CVE-2013-5797, CVE-2013-5800, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5814, CVE-2013-5817, CVE-2013-5820, CVE-2013-5823, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830, CVE-2013-5838, CVE-2013-5840, CVE-2013-5842, CVE-2013-5849, CVE-2013-5850
SHA-256 | 8b32231f3be824fc65edd36c6c741a539c6f8764b9f0b2df3642c98ec0f554d7
EMC Document Sciences xPression XSS / CSRF / Redirect / SQL Injection
Posted Nov 19, 2013
Authored by Sertan Kolat, Omer Coskun | Site emc.com

EMC Document Sciences xPression suffers from cross site request forgery, cross site scripting, remote SQL injection, open redirect, and directory traversal vulnerabilities.

tags | advisory, remote, vulnerability, xss, sql injection, csrf
advisories | CVE-2013-6173, CVE-2013-6174, CVE-2013-6175, CVE-2013-6176, CVE-2013-6177
SHA-256 | e9ad599fa7aadd0343497f514a3525982b44b99c5dceb2b4c2ce1bfed295fcc7
Slackware Security Advisory - seamonkey Updates
Posted Nov 19, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | a3301a042bc8d951719327c15f57d7d9ef9ae27d0ca6bb827933869ea6a87b72
Slackware Security Advisory - samba Updates
Posted Nov 19, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Related CVE Numbers: CVE-2013-4475,CVE-2013-4476.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4475, CVE-2013-4476
SHA-256 | 6077253fad54c06ed812c11cc13d9cb3628acec4c093751ec33306900bdd44f0
Kartoo Search Engine XSS / Remote File Inclusion
Posted Nov 19, 2013
Authored by Juan Carlos Garcia

Kartoo Search Engine suffers from information disclosure, cross site scripting, and remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, file inclusion, info disclosure
SHA-256 | ac0a06fa419a184ad1babb025e7077989ed37dedb335c4eb2588feb10cb78804
PineApp MailSecure Command Execution
Posted Nov 19, 2013
Authored by Ruben Garrote Garcia

PineApp MailSecure suffers from remote command execution and privilege escalation vulnerabilities. Versions 5099SK and below are affected.

tags | exploit, remote, vulnerability
SHA-256 | f4720369e3191a3088b42b913c93f939cec3f14bb0c79018eb4ffca7f1760e74
Appologics AirBeam 1.9.2 Code Execution / XSS
Posted Nov 19, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Appologics AirBeam version 1.9.2 suffers from remote command execution and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss
SHA-256 | 8ce9c3cce7b6c656de8a899d4ab00a7c1296eda6d0e3a58196b6908a77ea2dda
Mandriva Linux Security Advisory 2013-266
Posted Nov 19, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-266 - Updated java-1.6.0-openjdk packages fix security vulnerabilities. Multiple input checking flaws were found in the 2D component native image parsing code. Multiple improper permission check issues were discovered in the 2D, CORBA, JNDI, and Libraries components in OpenJDK. Various other issues were also addressed.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2013-3829, CVE-2013-4002, CVE-2013-5772, CVE-2013-5774, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5790, CVE-2013-5797, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5809, CVE-2013-5814, CVE-2013-5817, CVE-2013-5820, CVE-2013-5823, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830, CVE-2013-5840, CVE-2013-5842, CVE-2013-5849, CVE-2013-5850
SHA-256 | 80f00ff11dce05f1425ec1702654ef4d49baaf3e1c0ad1a7b758127c08efd279
Skidata RFID Freemotion.Gate Remote Command Execution
Posted Nov 19, 2013
Authored by Dennis Kelly

Skidata RFID Freemotion.Gate suffers from having an unauthenticated web service that allows for arbitrary remote command execution. Version 4.1.3.5 is affected. Earlier versions may also be affected.

tags | exploit, remote, web, arbitrary
SHA-256 | 5960d3c57db6941d9902fb1693d0b272bfb2b78c683a42584efc3cae2c07e1a6
Slackware Security Advisory - openssh Updates
Posted Nov 19, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssh packages are available for Slackware 14.1 and -current to fix a security issue. Related CVE Numbers: CVE-2013-4548.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-4548
SHA-256 | 0ec99ec21c4e670141a83c9c5c98eeacd33c86ad07dc08457b0a9ce52e6e078b
Slackware Security Advisory - mozilla-firefox Updates
Posted Nov 19, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 9664ec4fa4f868a394369a03400a8bfe78ad9682a2d514267d32851202799dd8
Gentoo Linux Security Advisory 201311-10
Posted Nov 19, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201311-10 - Multiple vulnerabilities have been found in GraphicsMagick, allowing remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions prior to 1.3.18 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-1097, CVE-2009-1882, CVE-2009-3736, CVE-2013-4589
SHA-256 | e0c124eaa158477a4b9518946b776b08c9ff20ff126ef0c29d0bd17f28158e99
PayPal GP+ Cross Site Scripting
Posted Nov 19, 2013
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

PayPal GP+ suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 82b4d2446d4e666d8de3ecba090bd79d3921f13222e99bdf744771566fa7f9c6
PayPal Billsafe Cross Site Scripting
Posted Nov 19, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Persistent script injection vulnerabilities were discovered in the PayPal Billsafe offering.

tags | exploit, vulnerability
SHA-256 | 2101e5745f62b7776999a807cd3411d014cb2d594bcffda669016a2200ef03b9
PayPal China Malicious Redirect
Posted Nov 19, 2013
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Remote attackers could influence a redirect in PayPal's www.paypal-biz.com site.

tags | exploit, remote
SHA-256 | ad30199576977fc30c90bdbd761713466c98d568a6beb827da07a26044a103e7
pyClamd 0.3.4
Posted Nov 19, 2013
Authored by Alexandre Norman | Site xael.org

pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.

Changes: Bug correction in scan_stream. Other bug corrections. ClamdUnixSocket is now able to get the Unix socket name from /etc/clamav/clamd.conf.
tags | tool, virus, python
systems | unix
SHA-256 | 584dd97f3067a9f977c593ea1c13174712dcb8a4d4857a6ead77439f78d4e7e8
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close