Exploit the possiblities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2014-04-10

iVault Private P&V 1.1 Directory Traversal
Posted Apr 10, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

iVault Private P&V version 1.1 for iOS suffers from a directory traversal vulnerability.

tags | exploit
systems | apple, ios
MD5 | 3540d5d3e25c8b25616bc4539fd94fe6
AppFish Offline Coder 2.2 Persistent Script Insertion
Posted Apr 10, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

AppFish Offline Coder version 2.2 for iOS suffers from a persistent script insertion vulnerability.

tags | exploit
systems | apple, ios
MD5 | 1d501cb3bbcae122a005b5e0ceb34b79
Zed Attack Proxy 2.3.0 Windows Installer
Posted Apr 10, 2014
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.

Changes: Support for non standard apps. Input Vector scripts. More API Support. Keyboard shortcuts. New UI Options. Various other improvements and additions.
tags | tool, web, vulnerability
systems | windows
MD5 | 6b34e8ed3719ba9fc660d51b9b7b15b0
BlueMe Bluetooth 5.0 Code Execution
Posted Apr 10, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

BlueMe Bluetooth version 5.0 for iOS suffers from a code execution vulnerability.

tags | exploit, code execution
systems | apple, ios
MD5 | 196b7aabef4dddb0ecd2a08f9d082d8c
Red Hat Security Advisory 2014-0396-01
Posted Apr 10, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0396-01 - The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Important: This update is an emergency security fix being provided outside the scope of the published support policy for Red Hat Enterprise Virtualization listed in the References section. In accordance with the support policy for Red Hat Enterprise Virtualization, Red Hat Enterprise Virtualization Hypervisor 3.2 will not receive future security updates.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2014-0160
MD5 | f33c2e8e75c4aba424288fca6116ce1d
Mandriva Linux Security Advisory 2014-075
Posted Apr 10, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-075 - The BEGIN regular expression in the awk script detector in magic/Magdir/commands in file before 5.15 uses multiple wildcards with unlimited repetitions, which allows context-dependent attackers to cause a denial of service via a crafted ASCII file that triggers a large amount of backtracking, as demonstrated via a file with many newline characters. The updated php packages have been upgraded to the 5.5.11 version which is not vulnerable to this issue. Also, the timezonedb PHP PECL module has been updated to the latest 2014.2 version. Additionally, the PECL packages which requires so has been rebuilt for php-5.5.11.

tags | advisory, denial of service, php
systems | linux, mandriva
advisories | CVE-2013-7345
MD5 | f8dc6dfefae97484c4635ae5be3d4ef7
Debian Security Advisory 2899-1
Posted Apr 10, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2899-1 - Michael Meffie discovered that in OpenAFS, a distributed filesystem, an attacker with the ability to connect to an OpenAFS fileserver can trigger a buffer overflow, crashing the fileserver, and potentially permitting the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2014-0159
MD5 | 55ea66c560789688719040d4ea10fde8
Sendy 1.1.9.1 SQL Injection
Posted Apr 10, 2014
Authored by necro369

Sendy version 1.1.9.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1064627d408df5c3eaf4979d2ba1bf44
CMS United Cross Site Scripting
Posted Apr 10, 2014
Authored by Renzi

CMS United suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3b3568851ec784a0d4ff955ef2014f62
CMS eaZy SQL Injection
Posted Apr 10, 2014
Authored by Renzi

CMS eaZy suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3843b8ee0bcdfd021cb7b917ece6940d
Zed Attack Proxy 2.3.0 Linux Release
Posted Apr 10, 2014
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.

Changes: Support for non standard apps. Input Vector scripts. More API Support. Keyboard shortcuts. New UI Options. Various other improvements and additions.
tags | tool, web, vulnerability
systems | linux, unix
MD5 | 62e4e9143d117a5258a6a6be111a64b2
Zed Attack Proxy 2.3.0 Mac OS X Release
Posted Apr 10, 2014
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: Support for non standard apps. Input Vector scripts. More API Support. Keyboard shortcuts. New UI Options. Various other improvements and additions.
tags | tool, web, vulnerability
systems | apple, osx
MD5 | 59097f705ec0e9da27314a740d179d04
Bleed Out Heartbleed Command Line Tool 1.0.0.10
Posted Apr 10, 2014
Authored by John Leitch

Bleed Out is a command line tool written in C# for targeting instances of OpenSSL made vulnerable by the prolific "Heartbleed" bug. The tool aggressively exploits the OpenSSL vulnerability, dumping both ASCII and binary data to files. It also checks the uniqueness of each chunk before persisting it, to ensure that duplicate chunks are not saved.

Changes: Fixed exploitability test. Fixed argument validation. Fixed port exhaustion issue. Misc fixes. Minor CLI tweaks. Improved string searching. Added args for configuring retry. Changed target framework to .NET 4 for XP compatibility.
tags | exploit
advisories | CVE-2014-0160
MD5 | 556bee55b098ed777aa41261833a26a6
sn00p 0.8
Posted Apr 10, 2014
Authored by noptrix | Site nullsecurity.net

sn00p is a modular tool written in bourne shell and designed to chain and automate security tools and tests. It parses target definitions from the command line and runs corresponding modules afterwards. sn00p can also parse a given nmap logfile for open tcp and udp ports. All results will be logged in specified directories and a report can subsequently be generated.

tags | tool, shell, udp, tcp
systems | unix
MD5 | 1c43f2013de4503121385882a2201b27
OpenSSL Heartbeat (Heartbleed) Information Leak
Posted Apr 10, 2014
Authored by Neel Mehta, juan vazquez, Christian Mehlmauer, wvu, Jared Stafford, Matti, Riku, Antti, FiloSottile | Site metasploit.com

This Metasploit module implements the OpenSSL Heartbleed attack. The problem exists in the handling of heartbeat requests, where a fake length can be used to leak memory data in the response. Services that support STARTTLS may also be vulnerable.

tags | exploit
advisories | CVE-2014-0160
MD5 | 5e21c0cfcfe3a4db2ab5cf1b792b201d
DNS Spider Multithreaded Bruteforcer 0.5
Posted Apr 10, 2014
Authored by noptrix | Site noptrix.net

DNS Spider is a multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.

Changes: Fixed extracted ip addresses from rrset answers. Renamed file (removed version string). Removed trailing whitespaces and color output. Changed banner.
tags | tool, scanner
systems | unix
MD5 | fadca11e2252f7a09df5958b488b0a08
WebLife CMS SQL Injection
Posted Apr 10, 2014
Authored by Renzi

WebLife CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3c27ed5e8cce80de06f98bd532336c6a
Bleed Out Heartbleed Command Line Tool 1.0.0.0
Posted Apr 10, 2014
Authored by John Leitch

Bleed Out is a command line tool written in C# for targeting instances of OpenSSL made vulnerable by the prolific "Heartbleed" bug. The tool aggressively exploits the OpenSSL vulnerability, dumping both ASCII and binary data to files. It also checks the uniqueness of each chunk before persisting it, to ensure that duplicate chunks are not saved.

tags | exploit
advisories | CVE-2014-0160
MD5 | 8d7cd7939ece8eec8251fa06723c752d
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close