what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2013-08-26

Debian Security Advisory 2742-1
Posted Aug 26, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2742-1 - It was discovered that PHP, a general-purpose scripting language commonly used for web application development, did not properly process embedded NUL characters in the subjectAltName extension of X.509 certificates. Depending on the application and with insufficient CA-level checks, this could be abused for impersonating other users.

tags | advisory, web, php
systems | linux, debian
advisories | CVE-2013-4248
SHA-256 | 94d9e680a062358787e25ec659acc74944e9b260376d2f8e2978f25085b91e0e
Mac OS X Sudo Password Bypass
Posted Aug 26, 2013
Authored by Todd C. Miller, juan vazquez, joev | Site metasploit.com

This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775. Tested working on Mac OS 10.7-10.8.4, and possibly lower versions. If your session belongs to a user with Administrative Privileges (the user is in the sudoers file and is in the "admin group"), and the user has ever run the "sudo" command, it is possible to become the super user by running `sudo -k` and then resetting the system clock to 01-01-1970. This Metasploit module will fail silently if the user is not an admin or if the user has never run the sudo command.

tags | exploit, root
systems | apple, osx
advisories | CVE-2013-1775, OSVDB-90677
SHA-256 | 861501e9890ef0e4cff6780f3ce32dadf2038337f7e60f127a1275773d181e73
Belkin G Wireless Router Code Execution
Posted Aug 26, 2013
Authored by Aodrulez

Belkin G Wireless Router remote code execution proof of concept exploit.

tags | exploit, remote, code execution, proof of concept
SHA-256 | 43beacbd1d2f3672fb7be34a7a3f2b6f9fabf3623fbe5cb404ae146733cc6365
Cisco Ironport Cross Site Request Forgery / Cross Site Scripting
Posted Aug 26, 2013
Authored by Pedro Andujar

Cisco IronPort Security Management Appliance M170 version 7.9.1-030 suffers from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
systems | cisco
advisories | CVE-2013-3396, CVE-2013-3395
SHA-256 | 40a0643dbab499a3f46d60fad23c407a10df8680b8e1f4e8115ef3aed8b93719
CM3 AcoraCMS XSS / CSRF / Redirection / Disclosure
Posted Aug 26, 2013
Authored by Pedro Andujar

CM3 AcoraCMS versions 6.0.6/1a, 6.0.2/1a, 5.5.7/12b, and 5.5.0/1b-p1 suffer from cross site request forgery, cross site scripting, information disclosure, weak cookies, and URL redirection vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
advisories | CVE-2013-4722, CVE-2013-4723, CVE-2013-4724, CVE-2013-4725, CVE-2013-4726, CVE-2013-4727, CVE-2013-4728
SHA-256 | f65adb8d5d4537a8f1aff22cba3e550a87e391426812fdba7c08849a765bdb48
libtiff 3.9.5 Integer Overflow
Posted Aug 26, 2013
Authored by x90c

libtiff versions 3.9.5 and below suffer from an integer overflow vulnerability.

tags | exploit, overflow
SHA-256 | e047e24940fc1946d2bd9e6123520ff4837f2a59b4ec6f49e5d2d1e28babd003
WordPress Simple Login Registration 1.0.1 Cross Site Scripting
Posted Aug 26, 2013
Authored by Dylan Irzi

WordPress Simple Login Registration version 1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8eaaf8d9c59f71217d63637d3dbbbe789fbc7b92081e36db7effd8b1901a4a06
Musicbox 2.3.8 Cross Site Scripting / Shell Upload / SQL Injection
Posted Aug 26, 2013
Authored by DevilScreaM

Musicbox version 2.3.8 suffers from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
SHA-256 | 20cfed76192734cf617e94e030e36c6d5394c6401ca591e0ff39e54db386abe2
Wi-fEye Wireless Pentesting Tool 1.0 Beta
Posted Aug 26, 2013
Authored by Zaid Al-Quraishi | Site wi-feye.za1d.com

Wi-fEye is designed to help with network penetration testing. It allows the user to perform a number of powerful attack automatically including WEP/WPA cracking, session hijacking and more.

Changes: Various updates.
tags | tool, wireless
systems | unix
SHA-256 | 9611698676e916490e7e33d98b18839292c0c6cd89d52c1228a8bc0865e2cd69
Debian Security Advisory 2741-1
Posted Aug 26, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2741-1 - Several vulnerabilities have been discovered in the Chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2013-2887, CVE-2013-2900, CVE-2013-2901, CVE-2013-2902, CVE-2013-2903, CVE-2013-2904, CVE-2013-2905
SHA-256 | bdd10a6aa033fcc7c6611dd7a8e6b25e019466b4bb621cfcb18e5dff400ad50d
Obehotel CMS Denial Of Service / SQL Injection
Posted Aug 26, 2013
Authored by Juan Carlos Garcia

Obehotel CMS suffers from denial of service, insecure transit, directory listing, and remote SQL injection vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, sql injection
SHA-256 | d5574eb95b9c81f907d0fcbec02ac11f615600255a8fae6dcf88f94ba7394837
xml2 Fuzzer 1.0
Posted Aug 26, 2013
Authored by x90c

xml2 Fuzzer is a fuzzing utility that daemonizes in order to fuzz the client side of a web browser.

tags | web, fuzzer
SHA-256 | 6ce1679a18a737f7e82c37dd5a21cc85bfe82165cf1e8c95fb312c29f4e930d0
WordPress Post-Gallery Cross Site Scripting
Posted Aug 26, 2013
Authored by IeDb

The WordPress Post-Gallery plugin suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | a27e312e77262e178eaa8ddeb54a389448031e07bf31d9f1a766423a417f183c
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close