Exploit the possiblities

Recent Files

Files RSS Feed
Hashcat Advanced Password Recovery 4.1.0 Source Code
Posted Feb 21, 2018
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: Options added and removed. Many hash modes added. Various other fixes and improvements.
tags | tool, cracker
systems | unix
Hashcat Advanced Password Recovery 4.1.0 Binary Release
Posted Feb 21, 2018
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.

Changes: Options added and removed. Many hash modes added. Various other fixes and improvements.
tags | tool, cracker
Yab Quarx 2.4.3 Cross Site Scripting
Posted Feb 21, 2018
Authored by Preethi Koroth

Yab Quarx versions 2.4.3 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
Red Hat Security Advisory 2018-0336-01
Posted Feb 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0336-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. This update provides Satellite 6.3 packages for Red Hat Enterprise Linux 7 Satellite server. For the full list of new features provided by Satellite 6.3, see the Release Notes linked to in the references section. See the Satellite 6 Installation Guide for detailed instructions on how to install a new Satellite 6.3 environment, or the Satellite 6 Upgrading and Updating guide for detailed instructions on how to upgrade from prior versions of Satellite 6.

tags | advisory, remote
systems | linux, redhat
Ubuntu Security Notice USN-3577-1
Posted Feb 20, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3577-1 - Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to "localhost.localdomain" from the loopback interface. If a user were tricked in to opening a specially crafted website in their web browser, an attacker could potentially exploit this to obtain sensitive information or control printers, via a DNS rebinding attack.

tags | advisory, web
systems | linux, ubuntu
Red Hat Security Advisory 2018-0334-01
Posted Feb 20, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-0334-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 64.0.3282.167. Security Fix: chromium-browser: incorrect derived class instantiation in v8.

tags | advisory, web
systems | linux, redhat
Ubuntu Security Notice USN-3576-1
Posted Feb 20, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3576-1 - Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, contrary to expectations. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Daniel P. Berrange discovered that libvirt incorrectly handled validating SSL/TLS certificates. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 17.10. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
Ubuntu Security Notice USN-3575-1
Posted Feb 20, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3575-1 - It was discovered that QEMU incorrectly handled guest ram. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. David Buchanan discovered that QEMU incorrectly handled the VGA device. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 17.10. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
MagniComp SysInfo mcsiwrapper Privilege Escalation
Posted Feb 20, 2018
Authored by Brendan Coles, Daniel Lawson, Romain Trouve | Site metasploit.com

This Metasploit module attempts to gain root privileges on systems running MagniComp SysInfo versions prior to 10-H64. The .mcsiwrapper suid executable allows loading a config file using the '--configfile' argument. The 'ExecPath' config directive is used to set the executable load path. This Metasploit module abuses this functionality to set the load path resulting in execution of arbitrary code as root. This Metasploit module has been tested successfully with SysInfo version 10-H63 on Fedora 20 x86_64, 10-H32 on Fedora 27 x86_64, 10-H10 on Debian 8 x86_64, and 10-GA on Solaris 10u11 x86.

tags | exploit, arbitrary, x86, root
systems | linux, solaris, debian, fedora
Radiant CMS 1.1.4 Cross Site Scripting
Posted Feb 20, 2018
Authored by Suparna Kachroo

Radiant CMS version 1.1.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
Gentoo Linux Security Advisory 201802-06
Posted Feb 20, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201802-6 - A vulnerability in LibreOffice might allow remote attackers to read arbitrary files. Versions less than 5.4.5.1 are affected.

tags | advisory, remote, arbitrary
systems | linux, gentoo
Gentoo Linux Security Advisory 201802-05
Posted Feb 20, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201802-5 - A vulnerability has been found in Ruby which may allow for arbitrary command execution. Versions less than 2.2.9:2.2 are affected.

tags | advisory, arbitrary, ruby
systems | linux, gentoo
Gentoo Linux Security Advisory 201802-04
Posted Feb 20, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201802-4 - Multiple vulnerabilities were found in MySQL, the worst of which may allow remote execution of arbitrary code. Versions less than 5.6.39 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
Gentoo Linux Security Advisory 201802-03
Posted Feb 20, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201802-3 - Multiple vulnerabilities have been found in Mozilla Firefox, the worst of which may allow execution of arbitrary code. Versions less than 52.6.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
Apple Security Advisory 2018-02-19-3
Posted Feb 19, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-02-19-3 - tvOS 11.2.6 is now available and addresses a memory corruption vulnerability.

tags | advisory
systems | apple
Rootkit Hunter 1.4.6
Posted Feb 19, 2018
Authored by Michael Boelen | Site rootkit.nl

Rootkit Hunter scans files and systems for known and unknown rootkits, backdoors, and sniffers. The package contains one shell script, a few text-based databases, and optional Perl modules. It should run on almost every Unix variety except Solaris and NetBSD.

Changes: Added support for Alpine Linux (busybox). Added the Diamorphine LKM test. Added the ALLOWIPCPID configuration file option. Added the ALLOWIPCUSER configuration file option. Various other additions, improvements, and bug fixes made.
tags | tool, shell, perl, integrity, rootkit
systems | netbsd, unix, solaris
Debian Security Advisory 4119-1
Posted Feb 19, 2018
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4119-1 - Several security issues have been corrected in multiple demuxers and decoders of the libav multimedia library.

tags | advisory
systems | linux, debian
Gentoo Linux Security Advisory 201802-02
Posted Feb 19, 2018
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201802-2 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code. Versions less than 64.0.3282.167 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
Apple Security Advisory 2018-02-19-4
Posted Feb 19, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-02-19-4 - watchOS 4.2.3 is now available and addresses a memory corruption vulnerability.

tags | advisory
systems | apple
Apple Security Advisory 2018-02-19-2
Posted Feb 19, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-02-19-2 - macOS High Sierra 10.13.3 Supplemental Update is now available and addresses a memory corruption vulnerability.

tags | advisory
systems | apple
Apple Security Advisory 2018-02-19-1
Posted Feb 19, 2018
Authored by Apple | Site apple.com

Apple Security Advisory 2018-02-19-1 - iOS 11.2.6 is now available and addresses a memory corruption vulnerability.

tags | advisory
systems | apple, ios
Ubuntu Security Notice USN-3574-1
Posted Feb 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3574-1 - It was discovered that Bind incorrectly handled DNSSEC validation. An attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
Kentico CMS 11 Cross Site Scripting
Posted Feb 19, 2018
Authored by Keerati T.

Kentico CMS versions 9 through 11 suffer from a cross site scripting vulnerability.

tags | exploit, xss
Kentico CMS 11 Arbitrary Code Execution
Posted Feb 19, 2018
Authored by Keerati T.

Kentico CMS versions 9 through 11 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
Bugzilla 4.4.12 / 5.0.3 Cross Site Request Forgery
Posted Feb 19, 2018
Authored by Holger Fuhrmannek | Site bugzilla.org

Bugzilla versions 2.16rc1 to 4.4.12 and 4.5.1 to 5.0.3 suffer from a cross site request forgery vulnerability.

tags | advisory, csrf
View Older Files →

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    11 Files
  • 21
    Feb 21st
    3 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close