what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2013-07-05

rsyslog ElasticSearch Memory Corruption
Posted Jul 5, 2013
Authored by Markus Vervier, Marius Ionescu | Site lsexperts.de

rsyslog ElasticSearch plugin suffers from a double free memory corruption. rsyslog versions 7.4.0 stable through 7.4.1 stable and 7.3.2 devel through 7.5.1 devel are affected.

tags | advisory
advisories | CVE-2013-4758
SHA-256 | c9b79425a99d604dd1c1d69b803474783b1a91144c92fa3d3e6e0ef941f7e904
Mobile Atlas Creator 1.9.12 Command Injection
Posted Jul 5, 2013
Authored by Ateeq ur Rehman Khan, Vulnerability Laboratory | Site vulnerability-lab.com

Mobile Atlas Creator version 1.9.12 suffers from a persistent command injection vulnerability.

tags | exploit
SHA-256 | f782e5902de4275bb7b5adaa183c0d4c747bce44cd3bab55fceeb1a40385b58a
AVAST Antivirus 8.0.1489 Code Execution
Posted Jul 5, 2013
Authored by Ateeq ur Rehman Khan, Vulnerability Laboratory | Site vulnerability-lab.com

AVAST Antivirus version 8.0.1489 suffers from persistent code execution and local command path injection vulnerabilities.

tags | exploit, local, vulnerability, code execution
SHA-256 | 8ecf8181f21169c642a4a0a31e6d0947fcf73c786bf9c817cc6ab29eb8b0971f
PayPal QR Labs Authentication Bypass
Posted Jul 5, 2013
Authored by Cernica Ionut Cosmin, Vulnerability Laboratory | Site vulnerability-lab.com

PayPal QR Labs service web application suffers from an authentication bypass vulnerability.

tags | exploit, web, bypass
SHA-256 | 6a9fdca282918dda1d753416f04613cacaac1cfaeb31ea7a0d4f63894717b193
OpenVZ Kernel 2.6.32 Memory Leaks
Posted Jul 5, 2013
Authored by Jonathan Salwan

OpenVZ kernel version 2.6.32 suffers from multiple memory leaks.

tags | advisory, kernel, memory leak
advisories | CVE-2013-2239
SHA-256 | 8564ad61e7645a172b677d9f8cf2e6d215eaeb5a393a80fab15d31814d976364
AVAST Universal Core Installer Local Code Injection
Posted Jul 5, 2013
Authored by Ateeq ur Rehman Khan, Vulnerability Laboratory | Site vulnerability-lab.com

AVAST Universal Core Installer suffers from multiple local code injection vulnerabilities.

tags | exploit, local, vulnerability
SHA-256 | d157be7350a06d72912af114c10abafc2eabcb2a8255d4bc08053f47fe292f02
AVAST Internet Security Suite 8.0.1489 Local Code Injection
Posted Jul 5, 2013
Authored by Ateeq ur Rehman Khan, Vulnerability Laboratory | Site vulnerability-lab.com

AVAST Internet Security Suite version 8.0.1489 suffers from multiple persistent local code injection vulnerabilities.

tags | exploit, local, vulnerability
SHA-256 | 587328ff9a6e43db57b3ccf6c05768dcd53ca7791ad5264bd6d8bcfe835aaaa9
Microsoft Advanced Notice Security Bulletin Summary For July, 2013
Posted Jul 5, 2013
Site microsoft.com

This bulletin summary lists 7 released Microsoft security bulletins for July, 2013.

tags | advisory
SHA-256 | e4506b01766750d19320b2a2a3b3d209ada180bb1c37f4e96961f17b01f7b0d6
Ubuntu Security Notice USN-1900-1
Posted Jul 5, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1900-1 - Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. A format string vulnerability was discovered in Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-4508, CVE-2013-2141, CVE-2013-2852, CVE-2012-4508, CVE-2013-2141, CVE-2013-2852
SHA-256 | b1bcfb63b4c3b8dd01cdcabf8077b93364a3e94d0951fb54fadb9f35a122db85
Ubuntu Security Notice USN-1899-1
Posted Jul 5, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1899-1 - Dmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. An information leak was discovered in the Linux kernel's tkill and tgkill system calls when used from compat processes. A local user could exploit this flaw to examine potentially sensitive kernel memory. A format string vulnerability was discovered in Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-4508, CVE-2013-2141, CVE-2013-2852, CVE-2012-4508, CVE-2013-2141, CVE-2013-2852
SHA-256 | 593e00f04b6483ec844d0d0014bec0a0aa260fbb699fc4a75dbcdbfcd38c245d
Ubuntu Security Notice USN-1898-1
Posted Jul 5, 2013
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1898-1 - The TLS protocol 1.2 and earlier can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext content by observing length differences during a series of guesses in which a provided string potentially matches an unknown string in encrypted and compressed traffic. This is known as a CRIME attack in HTTP. Other protocols layered on top of TLS may also make these attacks practical. This update disables compression for all programs using SSL and TLS provided by the OpenSSL library. To re-enable compression for programs that need compression to communicate with legacy services, define the variable OPENSSL_DEFAULT_ZLIB in the program's environment. Various other issues were also addressed.

tags | advisory, web, protocol
systems | linux, ubuntu
advisories | CVE-2012-4929
SHA-256 | 8f41933da3ccfc96d26d440c47a8d58948a5fb5d36e17ad70d3cf7dc3959fdbe
Microsoft Windows 98/ME/2000/XP/2003 HTML Help File Hijack
Posted Jul 5, 2013
Authored by Luigi Auriemma, Eduardo Braun Prado

Multiple Microsoft Windows 98/ME/2000/XP/2003 HTML Help file loading hijack vulnerabilities exist. Proof of concept included.

tags | exploit, vulnerability, proof of concept
systems | linux, windows
SHA-256 | 84465488b511cd9a9bc47e5238c9e17dffafd6132f7761481d27a835c68d1123
Mobile Application Hacking Diary Part 1
Posted Jul 5, 2013
Authored by CWH Underground, ZeQ3uL, diF

Mobile Application Hacking Diary whitepaper part one.

tags | paper
SHA-256 | e4c6024f8478fdc045b8579a4c2724e32ec5a10026f2eff6c54bd0d3f6b96044
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close