Twenty Year Anniversary

Recent Files

Files RSS Feed
TOR Virtual Network Tunneling Tool 0.3.3.6
Posted May 24, 2018
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.3.3.6 is the first stable release in the 0.3.3 series. It backports several important fixes from the 0.3.4.1-alpha. The Tor 0.3.3 series includes controller support and other improvements for v3 onion services, official support for embedding Tor within other applications, and our first non-trivial module written in the Rust programming language. (Rust is still not enabled by default when building Tor.) And as usual, there are numerous other smaller bugfixes, features, and improvements.
tags | tool, remote, local, peer2peer
systems | unix
D-Link DSL-2750B OS Command Injection
Posted May 24, 2018
Authored by p, Marcin Bury | Site metasploit.com

This Metasploit module exploits a remote command injection vulnerability in D-Link DSL-2750B devices. Vulnerability can be exploited through "cli" parameter that is directly used to invoke "ayecli" binary. Vulnerable firmwares are from 1.01 up to 1.03.

tags | exploit, remote
Ubuntu Security Notice USN-3598-2
Posted May 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3598-2 - USN-3598-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. Phan Thanh discovered that curl incorrectly handled certain FTP paths. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
Ubuntu Security Notice USN-3659-1
Posted May 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3659-1 - Frediano Ziglio discovered that Spice incorrectly handled certain client messages. An attacker could possibly use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
Red Hat Security Advisory 2018-1713-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1713-01 - The UnboundID LDAP SDK for Java is a free Java library for communicating with LDAP directory servers and performing related tasks like reading and writing LDIF, encoding and decoding data using base64 and ASN.1 BER, and performing secure communications. The following packages have been upgraded to a later upstream version: unboundid-ldapsdk. Issues addressed include an access control vulnerability.

tags | advisory, java
systems | linux, redhat
PHP Login And User Management 4.1.0 Shell Upload
Posted May 24, 2018
Authored by Reginald Dodd

PHP Login and User Management versions 4.1.0 and below suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, php
Microsoft Internet Explorer 11 Vbscript Code Execution
Posted May 24, 2018
Authored by smgorelik

Microsoft Internet Explorer 11 on Windows 7 x64/x86 suffers from a vbscript code execution vulnerability.

tags | exploit, x86, code execution
systems | windows, 7
Ubuntu Security Notice USN-3658-1
Posted May 24, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3658-1 - It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibly use this issue to escalate privileges. It was discovered that the procps-ng ps tool incorrectly handled memory. A local user could possibly use this issue to cause a denial of service. It was discovered that libprocps incorrectly handled the file2strvec function. A local attacker could possibly use this to execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
PaulNews 1.0 Cross Site Scripting / SQL Injection
Posted May 24, 2018
Authored by Ozkan Mustafa Akkus

PaulNews version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
LikeSoftware CMS Cross Site Request Forgery / Shell Upload
Posted May 24, 2018
Authored by Mr.7z

LikeSoftware CMS suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
Red Hat Security Advisory 2018-1711-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1711-01 - The rhev-hypervisor7 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Issues addressed include a bypass vulnerability.

tags | advisory, kernel, bypass
systems | linux, redhat
GNU glibc Local Buffer Overflow
Posted May 24, 2018
Authored by Jameel Nabbo

GNU glibc versions prior to 2.27 suffer from a buffer overflow vulnerability.

tags | exploit, overflow
NewsBee CMS 1.4 Cross Site Request Forgery
Posted May 24, 2018
Authored by indoushka

NewsBee CMS version 1.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
HP Security Bulletin MFSBGN03808 1
Posted May 24, 2018
Authored by HP | Site hp.com

HP Security Bulletin MFSBGN03808 1 - A potential security vulnerability has been identified in Micro Focus Universal CMDB/CMS and Micro Focus UCMDB Browser. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of this advisory.

tags | advisory, xss
EU MRV Regulatory Complete Solution 1 SQL Injection
Posted May 24, 2018
Authored by Veyselxan

EU MRV Regulatory Complete Solution version 1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
Red Hat Security Advisory 2018-1710-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1710-01 - The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
Red Hat Security Advisory 2018-1707-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1707-01 - Librelp is an easy-to-use library for the Reliable Event Logging Protocol protocol. RELP is a general-purpose, extensible logging protocol. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
Red Hat Security Advisory 2018-1703-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1703-01 - Librelp is an easy-to-use library for the Reliable Event Logging Protocol protocol. RELP is a general-purpose, extensible logging protocol. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
Honeywell XL Web Controller Cross Site Scripting / SQL Injection
Posted May 24, 2018
Authored by t4rkd3vilz

Honeywell XL Web Controller suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, sql injection
Timber 1.1 Cross Site Request Forgery
Posted May 24, 2018
Authored by Borna Nematzadeh

Timber version 1.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
Easy File Uploader 1.7 Shell Upload
Posted May 24, 2018
Authored by indoushka

Easy File Uploader version 1.7 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
Red Hat Security Advisory 2018-1702-01
Posted May 24, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-1702-01 - Librelp is an easy-to-use library for the Reliable Event Logging Protocol protocol. RELP is a general-purpose, extensible logging protocol. Issues addressed include a buffer overflow vulnerability.

tags | advisory, overflow, protocol
systems | linux, redhat
OpenDaylight SQL Injection
Posted May 24, 2018
Authored by Jameel Nabbo

OpenDaylight suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
ASP.NET jVideo Kit 1.0 SQL Injection
Posted May 24, 2018
Authored by Ozkan Mustafa Akkus

ASP.NET jVideo Kit version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection, asp
WordPress Peugeot Music 1.0 Shell Upload / Cross Site Request Forgery
Posted May 24, 2018
Authored by Mr.7z

WordPress Peugeot Music plugin version 1.0 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
View Older Files →

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Recent News

News RSS Feed
Police Are Using Amazon's Face Recognition Service
Posted May 23, 2018

tags | headline, government, privacy, amazon
Zuckerberg's European Parliament Testimony Criticized
Posted May 23, 2018

tags | headline, government, privacy, data loss, facebook
FBI Inflated Encrypted Device Figures, Misleading Public
Posted May 23, 2018

tags | headline, government, privacy, usa, phone, apple, fbi, cryptography
Who's Afraid Of Kaspersky?
Posted May 23, 2018

tags | headline, malware, virus, russia, cyberwar, conference
Greenwich University Hit With Massive Data Breach Fine
Posted May 22, 2018

tags | headline, privacy, britain, data loss
Spectre Chip Security Vulnerability Strikes Again
Posted May 22, 2018

tags | headline, flaw, intel
Comcast Website Bug Leaks Xfinity Customer Data
Posted May 22, 2018

tags | headline, privacy, data loss, flaw
High-End Router Flinger DrayTek Admits To Zero Day In Bunch Of Vigor Kit
Posted May 22, 2018

tags | headline, wireless, flaw, zero day
Teen Phone Monitoring App Leaked Thousands Of Passwords
Posted May 21, 2018

tags | headline, privacy, phone, data loss, password, spyware
Google Offers Free DDoS Protection Services For Democracy
Posted May 21, 2018

tags | headline, government, denial of service, google
View More News →

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    7 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    40 Files
  • 23
    May 23rd
    64 Files
  • 24
    May 24th
    55 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

News Tags

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close