exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-07-10 to 2013-07-11

Red Hat Security Advisory 2013-1041-01
Posted Jul 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1041-01 - Red Hat JBoss Web Framework Kit combines popular open source web frameworks into a single solution for Java applications. This release serves as a replacement for Red Hat JBoss Web Framework Kit 2.2.0, and includes bug fixes and enhancements.

tags | advisory, java, web
systems | linux, redhat
advisories | CVE-2013-2165
SHA-256 | 01a332930e3b54aa66e37d38faf5261be617f0a2b3b9a9b5193cf5c0fd7a030f
Drupal Stage File Proxy 7.x Denial Of Service
Posted Jul 10, 2013
Authored by Mike Carper | Site drupal.org

Drupal Stage File Proxy third party module version 7.x suffers from a denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 23967aa8e46741d57dfe02f01047b63ebac959fb12239ac77670027003d32d69
Adobe Reader 11.0.03 Insecure Third Party Components
Posted Jul 10, 2013
Authored by Stefan Kanthak

Adobe Reader version 11.0.03 installs multiple vulnerable third party components.

tags | advisory
SHA-256 | 92867cb438017412891299d6363d515d6e808f27508933657856de2352bdc38c
Drupal Hatch 7.x Cross Site Scripting
Posted Jul 10, 2013
Authored by Daniel Nitsche | Site drupal.org

Drupal Hatch third party theme version 7.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | f13583226935979ac339ab88cc43455edebe5790b423925913ad8bfd7f015381
Slackware Security Advisory - dbus Updates
Posted Jul 10, 2013
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New dbus packages are available for Slackware 14.0, and -current to fix a security issue. Related CVE Numbers: CVE-2013-2168.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-2168
SHA-256 | 6abf1900c85eae20f638426b2b7e6222d61f46c0eac24cd85c96f33b1e60511f
Red Hat Security Advisory 2013-1035-01
Posted Jul 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1035-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes three vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security bulletin APSB13-17, listed in the References section. Specially-crafted SWF content could cause flash-plugin to crash or, potentially, execute arbitrary code when a victim loads a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.297.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2013-3344, CVE-2013-3345, CVE-2013-3347
SHA-256 | e8bc26abdaf96a6fb979f546c978c89aea6c18520be6a6a31742796a55e81afe
Red Hat Security Advisory 2013-1034-01
Posted Jul 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1034-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Information leaks in the Linux kernel could allow a local, unprivileged user to leak kernel memory to user-space. An information leak was found in the Linux kernel's POSIX signals implementation. A local, unprivileged user could use this flaw to bypass the Address Space Layout Randomization security feature.

tags | advisory, kernel, local
systems | linux, redhat, osx
advisories | CVE-2012-6544, CVE-2012-6545, CVE-2013-0914, CVE-2013-1929, CVE-2013-3222, CVE-2013-3224, CVE-2013-3231, CVE-2013-3235
SHA-256 | 34121c82d03fd50f83ba71ea63684236a7136524febb537bcf818b837e55a165
Harvesting Phone Numbers Using Facebook And Yahoo
Posted Jul 10, 2013
Authored by Saurabh Sharma

This is an interesting write up which shows how a lack of standards between Internet giants can lead to the divulging of a person's phone number providing you know their login id and try out the forgotten password flow.

tags | paper
SHA-256 | 54cfc1e7c3d85e9fef4c9c925d0a5b5c5893147a3941b1b2fa5eebd76c51e92a
Cisco Linksys E1200 / N300 Cross Site Scripting
Posted Jul 10, 2013
Authored by Carl Benedict

Cisco Linksys E1200 and N300 devices suffer from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
advisories | CVE-2013-2679
SHA-256 | d4ddb74d82c2fa1d4400b6358b8e0a2c48588deac58394aeddf97cfda04f7241
Project Pier 0.8.8 XSS / Insecure Cookies
Posted Jul 10, 2013
Authored by Carl Benedict

Project Pier version 0.8.8 suffers from cross site scripting and cookies that fail to set HttpOnly and Secure flags.

tags | exploit, xss
advisories | CVE-2013-3635, CVE-2013-3636, CVE-2013-3637
SHA-256 | 2918560d315e4539695819dcf44ec0282aedfe9049c3ea821e80e1958c16a5a6
HP Security Bulletin HPSBST02896
Posted Jul 10, 2013
Authored by HP | Site hp.com

HP Security Bulletin HPSBST02896 - A potential security vulnerability has been identified with the HP StoreVirtual Storage. This vulnerability could be remotely exploited to gain unauthorized access to the device. All HP StoreVirtual Storage systems are equipped with a mechanism that allows HP support to access the underlying operating system if permission and access is provided by the customer. This functionality cannot be disabled today. HP has acknowledged this vulnerability and will provide a patch that will allow customers to disable the support access mechanism on or before July 17, 2013. HP StoreVirtual products are storage appliances that use a custom operating system, LeftHand OS, which is not accessible to the end user. Limited access is available to the user via the HP StoreVirtual Command-Line Interface (CLiQ) however root access is blocked. Root access may be requested by HP Support in some cases to help customers resolve complex support issues. To facilitate these cases, a challenge-response-based one-time password utility is employed by HP Support to gain root access to systems when the customer has granted permission and network access to the system. The one-time password utility protects the root access to prevent repeated access to the system with the same pass phrase. Root access to the LeftHand OS does not provide access to the user data being stored on the system. Revision 1 of this advisory.

tags | advisory, root
advisories | CVE-2013-2352
SHA-256 | 2e9b18cb67798b475a2521dfd3867a24e5b7dc2f948f4d2eaa0d5993e01cdd0f
Jolix Media Player 1.1.0 Denial Of Service
Posted Jul 10, 2013
Authored by IndonesiaGokilTeam

Jolix Media Player version 1.1.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 58a89d1e3da8836bf1123d5ee7babaa98ef4c05d89af8efa24997efe039d05a0
vBulletin Advanced User Tagging Cross Site Scripting
Posted Jul 10, 2013
Authored by []0iZy5

The vBulletin Advanced User Tagging module suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6ed28ca288dcae1a8b8f0d68cc85dff22e78aa97f6261fca14b7e0c1dc5157e4
iVote 1.0.0 SQL Injection
Posted Jul 10, 2013
Authored by Ashiyane Digital Security Team

iVote version 1.0.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e92df3a9e230ad705c3cf0adc85407a1af9aa864677da01463fad9083153b548
vBulletin vBShout Cross Site Scripting
Posted Jul 10, 2013
Authored by []0iZy5

The vBulletin vBShout module suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 844de421a694dcead3927d9398d6bd3109acf31bac84da005eabee397e5ec914
Red Hat Security Advisory 2013-1029-01
Posted Jul 10, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1029-01 - Fuse MQ Enterprise, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This release of Fuse MQ Enterprise 7.1.0 roll up patch 1 is an update to Fuse MQ Enterprise 7.1.0 and includes bug fixes.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-6092, CVE-2012-6551, CVE-2013-1879, CVE-2013-1880, CVE-2013-2035, CVE-2013-3060
SHA-256 | d49e98b69560ade66dc250b4e224a5e152fb3faf4decf17786576ec266c040d1
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close