what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2013-07-23

FOSCAM IP-Cameras Improper Access Restrictions
Posted Jul 23, 2013
Authored by Core Security Technologies, Andres Blanco, Flavio de Cristofaro | Site coresecurity.com

Core Security Technologies Advisory - Due to improper access restrictions, the FOSCAM FI8620 device allows a remote attacker the ability to browse and access arbitrary files from the directories '/tmpfs/' and '/log/' without requiring authentication. This could allow disclosure of access credentials and more.

tags | exploit, remote, arbitrary
advisories | CVE-2013-2574
SHA-256 | adaec8a2f891fe9f46be77e8f4377c1af9e6f99fbc5b6ffa63687d17c42b396c
Download | Favorite | View
Nginx 1.3.9 / 1.4.0 Exploit Documentation
Posted Jul 23, 2013
Authored by Kingcope

This whitepaper document how the brute forcing exploit works for a buffer overflow vulnerability in nginx versions 1.3.9 and 1.4.0 on x86.

tags | paper, overflow, x86
advisories | CVE-2013-2028
SHA-256 | 83e7a76cda024bdc1720e8569cb20218c76aa3c5b8a8f5ddfad4818e03f8afe9
Download | Favorite | View
Surge FTP 23c8 Buffer Overflow
Posted Jul 23, 2013
Authored by Anil Pazvant

Surge FTP server versions 23c8 and below suffer from a buffer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2013-4742
SHA-256 | 8371e4e6a2219b80f0cdd60273de6526a797aaa7f16bbda2d393ad1b7b415834
Download | Favorite | View
Juniper Secure Access Cross Site Scripting
Posted Jul 23, 2013
Authored by Anil Pazvant

Juniper Secure Access software suffers from a reflective cross site scripting vulnerability.

tags | advisory, xss
systems | juniper
advisories | CVE-2012-5460
SHA-256 | 1e91a40814ce854dfbc08417fc774b84fa293848396a5db20ca9b655cc2fc7d0
Download | Favorite | View
AISec2013 Call For Papers
Posted Jul 23, 2013
Site sites.google.com

The AISec2013 Call For Papers has been announced. It will take place on November 4, 2013 in Berlin, Germany held in conjunction with ACM CCS 2013.

tags | paper, conference
SHA-256 | 53efede4578c200fd9c576434367a341ae6f2db5816ac342f3f7e01796a79fd2
Download | Favorite | View
D-Link Devices UPnP SOAP Command Execution
Posted Jul 23, 2013
Authored by Michael Messner, juan vazquez | Site metasploit.com

Different D-Link Routers are vulnerable to OS command injection in the UPnP SOAP interface. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the CMD target. Additionally, two targets are included, to start a telnetd service and establish a session over it, or deploy a native mipsel payload. This Metasploit module has been tested successfully on DIR-300, DIR-600, DIR-645, DIR-845 and DIR-865. According to the vulnerability discoverer, more D-Link devices may affected.

tags | exploit
advisories | OSVDB-94924
SHA-256 | 01d435ac6d062114f47621077e0eb7f0d7eaf8b4b14cc6838696243a3e34377f
Download | Favorite | View
Foreman (Red Hat OpenStack/Satellite) Code Injection
Posted Jul 23, 2013
Authored by Ramon de C Valle | Site metasploit.com

This Metasploit module exploits a code injection vulnerability in the 'create' action of 'bookmarks' controller of Foreman and Red Hat OpenStack/Satellite (Foreman 1.2.0-RC1 and earlier).

tags | exploit
systems | linux, redhat
advisories | CVE-2013-2121, OSVDB-94671
SHA-256 | c5c9607b201bbed12138b9c01832cadc3f0585df9c929779954f3b1deff22316
Download | Favorite | View
VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload
Posted Jul 23, 2013
Authored by Andrea Micalizzi, juan vazquez | Site metasploit.com

This Metasploit module exploits a code execution flaw in VMware vCenter Chargeback Manager, where the ImageUploadServlet servlet allows unauthenticated file upload. The files are uploaded to the /cbmui/images/ web path, where JSP code execution is allowed. The module has been tested successfully on VMware vCenter Chargeback Manager 2.0.1 on Windows 2003 SP2.

tags | exploit, web, code execution, file upload
systems | windows
advisories | CVE-2013-3520, OSVDB-94188
SHA-256 | b08962941512b5b8079fa8c0192f78e7fa07e4194e7eadc4c084e0b8ccd390a5
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close