what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2013-11-30

ABB MicroSCADA wserver.exe Remote Code Execution
Posted Nov 30, 2013
Authored by juan vazquez, Brian Gorenc | Site metasploit.com

This Metasploit module exploits a remote stack buffer overflow vulnerability in ABB MicroSCADA. The issue is due to the handling of unauthenticated EXECUTE operations on the wserver.exe component, which allows arbitrary commands. The component is disabled by default, but required when a project uses the SCIL function WORKSTATION_CALL. This Metasploit module has been tested successfully on ABB MicroSCADA Pro SYS600 9.3 over Windows XP SP3 and Windows 7 SP1.

tags | exploit, remote, overflow, arbitrary
systems | windows
SHA-256 | 0bdf9a94501d5619a20ed028d746c3734042d2dd9d819b70fa7fbb4ef414fa5d
Ametys CMS 3.5.2 XPath Injection
Posted Nov 30, 2013
Authored by LiquidWorm | Site zeroscience.mk

Ametys CMS version 3.5.2 suffers from an XPath injection vulnerability. Input passed via the 'lang' POST parameter in the newsletter plugin is not properly sanitized before being used to construct an XPath query for XML data.

tags | exploit
SHA-256 | c5dbcda0f10c655d76ff28210efc04294966ced89d00fa641314117ecc195ed1
Kingsoft Office Writer 2012 8.1.0.3385 Buffer Overflow
Posted Nov 30, 2013
Authored by Julien Ahrens | Site rcesecurity.com

Kingsoft Office Writer 2012 version 8.1.0.3385 SEH buffer overflow exploit that creates a malicious .wps file that pops calc.exe.

tags | exploit, overflow
advisories | CVE-2013-3934
SHA-256 | b7d9ad349ded8a5a19c71d80cba93ff175a9354bd4e6012b41c0c8d3a2f14174
Gentoo Linux Security Advisory 201311-22
Posted Nov 30, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201311-22 - Multiple vulnerabilities have been found in Namazu, worst of which allows remote attackers to cause a Denial of Service condition. Versions less than 2.0.21 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2009-5028, CVE-2011-4345, CVE-2011-4711
SHA-256 | cf1c03efd75bf2533cc1c1a5ef8b465bdf5305a5b8eb4bd14243711d106e2c38
Gentoo Linux Security Advisory 201311-21
Posted Nov 30, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201311-21 - A heap-based buffer overflow in cpio might allow a remote rmt server to execute arbitrary code or cause a Denial of Service condition. Versions less than 2.11 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2010-0624
SHA-256 | ad033b6440ffd791abb4c68830d89b3569db4426500c37f2f7a3efe34d81876a
Gentoo Linux Security Advisory 201311-20
Posted Nov 30, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201311-20 - A heap-based buffer overflow in Okular might allow a remote attacker to execute arbitrary code or cause a Denial of Service condition. Versions less than 4.4.5-r2 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2010-2575
SHA-256 | 90d2f60d08781dc417b053575206a5874d29481f531479378ff20936a57968c7
Gentoo Linux Security Advisory 201311-19
Posted Nov 30, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201311-19 - Multiple vulnerabilities have been found in rssh, allowing local attackers to bypass access restrictions. Versions less than 2.3.4 are affected.

tags | advisory, local, vulnerability
systems | linux, gentoo
advisories | CVE-2012-2252, CVE-2012-3478
SHA-256 | 2cfca946aed87f93230a6b6e24c15593789e28cee281ff97f52258c3b9f27c16
Gentoo Linux Security Advisory 201311-18
Posted Nov 30, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201311-18 - Multiple Denial of Service vulnerabilities have been found in Unbound. Versions less than 1.4.13_p2 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2011-4528, CVE-2011-4869
SHA-256 | 3dff5969d86693a7dab8a560bda4867b086561ac001da064348a4988c97d21b3
Debian Security Advisory 2807-1
Posted Nov 30, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2807-1 - Mikulas Patocka discovered an integer overflow in the parsing of HTML tables in the Links web browser. This can only be exploited when running Links in graphical mode.

tags | advisory, web, overflow
systems | linux, debian
advisories | CVE-2013-6050
SHA-256 | ba5a92b5b80509e542694170e4e9e8527491de2d75490fd48b0d59c5569aee23
Gentoo Linux Security Advisory 201311-17
Posted Nov 30, 2013
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201311-17 - Multiple vulnerabilities were found in Perl, the worst of which could allow a local attacker to cause a Denial of Service condition. Versions less than 5.12.3-r1 are affected.

tags | advisory, denial of service, local, perl, vulnerability
systems | linux, gentoo
advisories | CVE-2008-5302, CVE-2008-5303, CVE-2010-1158, CVE-2011-0761, CVE-2011-1487
SHA-256 | 17bc7911b1233ec593e55fce4bd6168ee82f0df54d00136756cc65e61e2a42aa
Debian Security Advisory 2806-1
Posted Nov 30, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2806-1 - It was discovered that nbd-server, the server for the Network Block Device protocol, did incorrect parsing of the access control lists, allowing access to any hosts with an IP address sharing a prefix with an allowed address.

tags | advisory, protocol
systems | linux, debian
SHA-256 | 398f2e5d0075f4755d9ccc3540ba884827feb9034ec784f85499eec4a5909ef4
Debian Security Advisory 2805-1
Posted Nov 30, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2805-1 - joernchen of Phenoelit discovered two command injection flaws in Sup, a console-based email client. An attacker might execute arbitrary command if the user opens a maliciously crafted email.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2013-4478, CVE-2013-4479
SHA-256 | 5739388c0a7982317759271534e33911f76ce90521112509c624b3d0475a21c3
PHP Bugs Tutorial
Posted Nov 30, 2013
Authored by cr4wl3r

This tutorial on bugs in PHP code covers remote file inclusion, SQL injection, file disclosure, and much more. Written in Indonesian.

tags | paper, remote, php, sql injection, file inclusion
SHA-256 | 393606eec0109757ddbf4016a45ac214a4c84078e4af86faf4fd016ee8bd422c
WordPress Folo Theme Cross Site Scripting
Posted Nov 30, 2013
Authored by Darksnipper

WordPress Folo theme suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6f6a0b653d47d002c0d96429481f77236becff3c3cf8a84c7c394b20619c5ffb
Joomla JMultimedia Command Execution
Posted Nov 30, 2013
Authored by Rafay Baloch, Deepankar Arora

Joomla JMultimedia component remote shell upload exploit.

tags | exploit, remote, shell
SHA-256 | 60512e22d6ce24750d26196501efc9831992d71d5a81d6681e45d2ad7ddfc47f
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close