what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2014-05-21

Zed Attack Proxy 2.3.1 Windows Installer
Posted May 21, 2014
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.

Changes: Bug fixes.
tags | tool, web, vulnerability
systems | windows
SHA-256 | fd47a9374db59f4b3afe123975016976e532f71752fe45571336d16636ebc39a
Zed Attack Proxy 2.3.1 Mac OS X Release
Posted May 21, 2014
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.

Changes: Bug fixes.
tags | tool, web, vulnerability
systems | apple, osx
SHA-256 | 417d9208ea3df826f3641131f0f8c2c475cf56f7926f51be1a6c8b155c06b1c9
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20140520
Posted May 21, 2014
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.

Changes: This release updates tor to version 0.2.4.22, the kernel to 3.14.4 plus Gentoo's hardened-patches, and openssh to 6.6p1. The bump in tor adds an important block to authority signing keys that were used on authorities vulnerable to the "heartbleed" bug in OpenSSL, CVE-2014-0160. The bump in the kernel addresses the pty layer race condition memory corruption, CVE-2014-0196. Upgrading is strongly recommended.
tags | tool, kernel, peer2peer
systems | linux
advisories | CVE-2014-0160, CVE-2014-0196
SHA-256 | 3306c7e085052181a0b7cb7150f2e6a86adc9942ce70c90c6ca896ea79857940
Panda Security Privilege Escalation
Posted May 21, 2014
Authored by Kyriakos Economou

All users of the following (and possibly earlier) versions of Panda security products for Windows are vulnerable to a local privilege escalation which allows a local attacker to elevate privileges from any account type and execute code as SYSTEM, thus obtaining full access over the compromised host.

tags | advisory, local
systems | windows
advisories | CVE-2014-3450
SHA-256 | bd05592c98a9bbeefe7ba5ee744232314670a99e8285c1dafadcf505cd119f51
BSS Continuity CMS 4.2.22640.0 SQL Injection
Posted May 21, 2014
Authored by Jerzy Kramarz

BSS Continuity CMS version 4.2.22640.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-3446
SHA-256 | 43feb3cbd99eaefa88765c3c9103eabad8285af84513ee137eec680d6360a86e
BSS Continuity CMS 4.2.22640.0 Denial Of Service
Posted May 21, 2014
Authored by Jerzy Kramarz

BSS Continuity CMS version 4.2.22640.0 suffers from a denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2014-3447
SHA-256 | d7e9e0e3d9e9e78fbf9acded3c17d9c2499a49a7fd4828f158617351e69206d1
BSS Continuity CMS 4.2.22640.0 Code Execution
Posted May 21, 2014
Authored by Jerzy Kramarz

BSS Continuity CMS version 4.2.22640.0 suffers from a remote code execution vulnerability via an unauthenticated file upload.

tags | exploit, remote, code execution, file upload
advisories | CVE-2014-3448
SHA-256 | f64096d831fab8b5daddf9da0cef7ef566ab842ef369e375cbf0cbd1cc51fd22
BSS Continuity CMS 4.2.22640.0 Authentication Bypass
Posted May 21, 2014
Authored by Jerzy Kramarz

BSS Continuity CMS version4.2.22640.0 suffers from a direct access bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2014-3449
SHA-256 | e3ab30109477b8b881798256ebec26615cccca5ae9a61b5ba335a7b9e3e124c4
DIR-605L Disclosure / Bypass
Posted May 21, 2014
Authored by laalaa

DIR-605L suffers from password disclosure and authentication bypass vulnerabilities.

tags | exploit, vulnerability, bypass, info disclosure
SHA-256 | 34ebc0a7494b884a027be858fbef805a053014d262af42c2fac420268583749f
Artikel CMS Cross Site Scripting
Posted May 21, 2014
Authored by Renzi

Artikel CMS suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 29b2e71cf0e6d4b0890cf06eccdc9b57dff712a333e877aaf3ad3f221e394afe
ClassAd Cross Site Scripting
Posted May 21, 2014
Authored by Renzi

ClassAd suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 02a2c0b255ff4254797f868e19ff5ad1d09521aa1ffc45f92f2aa33e8a00bbef
Flying Cart Cross Site Scripting
Posted May 21, 2014
Authored by Renzi

Sites using Flying Cart suffer from a cross site scripting vulnerability. Note that this finding houses site-specific data.

tags | exploit, xss
SHA-256 | 94e71e6c1f57749ac86022d71ebb2690578d7642017877347bfa8c2e2f9cfb4e
Debian Security Advisory 2934-1
Posted May 21, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2934-1 - Several vulnerabilities were discovered in Django, a high-level Python web development framework.

tags | advisory, web, vulnerability, python
systems | linux, debian
advisories | CVE-2014-0472, CVE-2014-0473, CVE-2014-0474, CVE-2014-1418, CVE-2014-3730
SHA-256 | f3cac867348584be5c7e3a98278d62b519f5059a1407c982fa0160a95cfab217
Debian Security Advisory 2933-1
Posted May 21, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2933-1 - Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware.

tags | advisory, x86, vulnerability
systems | linux, debian
advisories | CVE-2013-4344, CVE-2014-2894
SHA-256 | 4609c037e37dde4bff9f2e2e89d521f16f72c77707b5de202ee9ad47dad1558a
Red Hat Security Advisory 2014-0520-01
Posted May 21, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0520-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on the system. A race condition flaw, leading to heap-based buffer overflows, was found in the way the Linux kernel's N_TTY line discipline implementation handled concurrent processing of echo output and TTY write operations originating from user space when the underlying TTY driver was PTY. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, remote, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2014-0101, CVE-2014-0196
SHA-256 | cf3230577c1120f15292cc4b5ce4d76ea79c82dfeeb2391d814a2ba0d353662d
Red Hat Security Advisory 2014-0522-01
Posted May 21, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0522-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. This update fixes several vulnerabilities in the MariaDB database server. These updated packages upgrade MariaDB to version 5.5.37.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2014-0384, CVE-2014-2419, CVE-2014-2430, CVE-2014-2431, CVE-2014-2432, CVE-2014-2436, CVE-2014-2438, CVE-2014-2440
SHA-256 | 6c7b692716d4b3231366034b209f15ed6358a6cc0307d2637ae8cab01d54704d
FTP Rush 2.1.8 X.509 Validation
Posted May 21, 2014
Authored by Micha Borrmann | Site syss.de

FTP Rush version 2.1.8 fails to validate X.509 certificates.

tags | advisory
SHA-256 | 08db1ca6e7f0ad3753320343d94123a3e0682c3ebd85684834dbf71b50e8349d
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    11 Files
  • 30
    Jun 30th
    7 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close