packetstorm_rss' Journal
 
 [Most Recent Entries] [Calendar View] [Friends]

Below are 20 journal entries, after skipping by the 40 most recent ones recorded in packetstorm_rss' LiveJournal:

    [ << Previous 20 -- Next 20 >> ]
    Friday, December 27th, 2013
    4:19 pm
    AWS Elastic Beanstalk Code Execution

    http://packetstormsecurity.com/files/124607/awsbeanstalk-exec.txt

    Amazon Web Services Elastic Beanstalk suffers from a code execution vulnerability.
    Thursday, December 26th, 2013
    5:25 pm
    Lynis Auditing Tool 1.3.8

    http://packetstormsecurity.com/files/124601/lynis-1.3.8.tar.gz

    Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
    5:19 pm
    GNUnet P2P Framework 0.10.0

    http://packetstormsecurity.com/files/124600/gnunet-0.10.0.tar.gz

    GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
    5:27 pm
    WordPress WP-Cron 1.1.5 Cross Site Scripting

    http://packetstormsecurity.com/files/124602/wpcron-xss.txt

    WordPress WP-Cron Dashboard plugin version 1.1.5 suffers from a cross site scripting vulnerability.
    5:17 pm
    Mandriva Linux Security Advisory 2013-302

    http://packetstormsecurity.com/files/124599/MDVSA-2013-302.txt

    Mandriva Linux Security Advisory 2013-302 - Bryan Quigley discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service via application crash.
    5:28 pm
    AskApache 3.0 Cross Site Request Forgery

    http://packetstormsecurity.com/files/124603/askapache-xsrf.txt

    AskApache Firefox Adsense WordPress plugin version 3.0 suffers from a cross site request forgery vulnerability.
    5:12 pm
    RBS Change 3.6.8 Cross Site Scripting

    http://packetstormsecurity.com/files/124597/rbschange-xss.txt

    RBS Change version 3.6.8 suffers from a cross site scripting vulnerability.
    5:02 pm
    eFront LMS 3.6.14 File Upload / Path Disclosure

    http://packetstormsecurity.com/files/124595/efront-uploaddisclose.txt

    eFront LMS version 3.6.14 suffers from arbitrary file upload, file read, and path disclosure vulnerabilities.
    4:59 pm
    ipset_list 2.9

    http://packetstormsecurity.com/files/124594/ipset_list-2.9.tar.gz

    ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.
    4:39 pm
    AFCommerce Remote File Inclusion

    http://packetstormsecurity.com/files/124588/afcommerce-rfi.txt

    AFCommerce aka Amazing Flash Commerce suffers from a remote file inclusion vulnerability.
    4:44 am
    Windows Live Movie Maker 2011 Denial Of Service

    http://packetstormsecurity.com/files/124596/wlmm-dos.txt

    Windows Live Movie Maker 2011 suffers from a denial of service vulnerability.
    4:33 am
    JForum Cross Site Request Forgery

    http://packetstormsecurity.com/files/124598/jforum-xsrf.txt

    JForum suffers from a cross site request forgery vulnerability.
    Wednesday, December 25th, 2013
    2:02 pm
    Malheur Malware Analyzer 0.5.4

    http://packetstormsecurity.com/files/124591/malheur-0.5.4.tar.gz

    Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
    2:33 am
    Google Dorks Database

    http://packetstormsecurity.com/files/124593/ghdb.pdf

    This pdf is a large collection of Google Dorks that can be useful for automation of testing and researching specific systems.
    2:22 am
    RealNetworks RealPlayer 16 Buffer Overflow

    http://packetstormsecurity.com/files/124592/realplayer16-overflow.txt

    RealNetworks RealPlayer versions 16.0.3.51 and 16.0.2.32 buffer overflow exploit that spawns calc.exe.
    Tuesday, December 24th, 2013
    8:22 pm
    TOR Virtual Network Tunneling Tool 0.2.4.20

    http://packetstormsecurity.com/files/124586/tor-0.2.4.20.tar.gz

    Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
    7:02 pm
    EMC Replication Manager Unquoted File Path Enumeration

    http://packetstormsecurity.com/files/124584/ESA-2013-092.txt

    EMC Replication Manager allows a user to create scripts with unquoted element such as whitespace or other separators. This may allow local malicious users to access resources in a parent path and execute them. EMC Replication Manager versions prior to 5.5 are affected.
    6:02 pm
    EMC Watch4net Information Disclosure

    http://packetstormsecurity.com/files/124585/ESA-2013-091.txt

    EMC Watch4Net stores passwords of devices polled during monitoring in clear text in Watch4Net installation repository. This could allow a malicious user with access to Watch4Net installation repository to view those passwords. EMC Watch4Net versions prior to 6.3 are affected.
    Thursday, December 26th, 2013
    5:33 pm
    RealNetworks RealPlayer Version Attribute Buffer Overflow

    http://packetstormsecurity.com/files/124605/realplayer_ver_attribute_bof.rb.txt

    This Metasploit module exploits a stack-based buffer overflow vulnerability in version 16.0.3.51 and 16.0.2.32 of RealNetworks RealPlayer, caused by improper bounds checking of the version and encoding attributes inside the XML declaration. By persuading the victim to open a specially-crafted .RMP file, a remote attacker could execute arbitrary code on the system or cause the application to crash.
    5:30 pm
    WordPress Ad-minister 0.6 Cross Site Scripting

    http://packetstormsecurity.com/files/124604/wpadminister-xss.txt

    WordPress Ad-minister plugin version 0.6 suffers from a cross site scripting vulnerability.
[ << Previous 20 -- Next 20 >> ]
packetstorm_rss   About Sviesta Ciba