exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files Date: 2014-06-03

Hydra Network Logon Cracker 8.0
Posted Jun 3, 2014
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added patch for xhydra that adds bruteforce generator to the GUI, initial interactive password authentication test for ssh, patch which adds Unicode support for the SMB module, and module for redis. Various bug fixes and enhancements also included.
tags | tool, web, cracker, imap
systems | cisco, unix
SHA-256 | 9fd3cb8f839767be7185e3c62642366d85bb9fec82fdf34d97d8a593c0b535c4
Red Hat Security Advisory 2014-0596-01
Posted Jun 3, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0596-01 - The libtasn1 library provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. It was discovered that the asn1_get_bit_der() function of the libtasn1 library incorrectly reported the length of ASN.1-encoded data. Specially crafted ASN.1 input could cause an application using libtasn1 to perform an out-of-bounds access operation, causing the application to crash or, possibly, execute arbitrary code. Multiple incorrect buffer boundary check issues were discovered in libtasn1. Specially crafted ASN.1 input could cause an application using libtasn1 to crash.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | f836b4e6265be37b61ebbaeb05c7c0654914fc9b847e41d68406944ce2824ce7
Red Hat Security Advisory 2014-0593-01
Posted Jun 3, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0593-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.

tags | advisory, remote, arbitrary, kernel, code execution, protocol
systems | linux, redhat
advisories | CVE-2014-0077, CVE-2014-2523
SHA-256 | e0af259e59818ab241512a60cb69f15bfc958b2f4f82dba792286e8e46eb78ae
Red Hat Security Advisory 2014-0595-01
Posted Jun 3, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0595-01 - The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code.

tags | advisory, overflow, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2014-3466
SHA-256 | be4ccb2c931432b2046f2813b240d9148cd02af051c850e1537fafb04a55bc68
Red Hat Security Advisory 2014-0597-01
Posted Jun 3, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0597-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. A denial of service flaw was found in the way Squid processed certain HTTPS requests when the SSL Bump feature was enabled. A remote attacker could send specially crafted requests that could cause Squid to crash.

tags | advisory, remote, web, denial of service
systems | linux, redhat
advisories | CVE-2014-0128
SHA-256 | a93d86f1f5060ac79e0f3de5c45e337415845e6a955bd0933312513c4fbafde0
Red Hat Security Advisory 2014-0594-01
Posted Jun 3, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0594-01 - The GnuTLS library provides support for cryptographic algorithms and for protocols such as Transport Layer Security. The gnutls packages also include the libtasn1 library, which provides Abstract Syntax Notation One parsing and structures management, and Distinguished Encoding Rules encoding and decoding functions. A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code.

tags | advisory, overflow, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2014-3466, CVE-2014-3467, CVE-2014-3468, CVE-2014-3469
SHA-256 | 5383daf04f0ecec5ab448cbfb42ba4c12d0682950ec05432c8551747b9422d50
iScan Online Mobile 2.0.1 Command Injection
Posted Jun 3, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

iScan Online Mobile version 2.0.1 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | a731c6d4bd6164a27e79d1384464ed90749504d9409a83ee5447f1340dd16584
Bluetooth Photo-File Share 2.1 LFI / File Upload
Posted Jun 3, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Bluetooth Photo-File Share version 2.1 suffers from local file inclusion and remote file upload vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion, file upload
SHA-256 | ba03a04131ebae4b1334c779e09e8be2223c8aa62629469e3302f05132dc4271
Transform Foundation Server 4.3.1 / 5.2 Cross Site Scripting
Posted Jun 3, 2014
Authored by Juan Francisco

Transform Foundation Server versions 4.3.1 and 5.2 suffer from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-2577
SHA-256 | 891b715a94170fd468abbd07c7655472ee14b471ec028d6a9f769e3fee3dff15
F*EX 20140313-1 HTTP Response Splitting / Cross Site Scripting
Posted Jun 3, 2014
Authored by Eric Sesterhenn | Site lsexperts.de

F*EX version 20140313-1 suffers from HTTP response splitting and cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss
advisories | CVE-2014-3875, CVE-2014-3876, CVE-2014-3877
SHA-256 | 4dc3b01fde7c0d86d616433b95f0ae326f207faf8f3d2b9d094c09535ccd6b6e
Infoware MapSuite Cross Site Scripting
Posted Jun 3, 2014
Authored by Christian Schneider | Site christian-schneider.net

Infoware MapSuite MapAPI versions prior to 1.0.36 and 1.1.49 suffer from a reflective cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2014-2843
SHA-256 | a0374d8003ffe3e7290f14bab2cc67a1a285a2970e8d9f52c59bd22a87baf3d6
Infoware MapSuite Server-Side Request Forgery
Posted Jun 3, 2014
Authored by Christian Schneider | Site christian-schneider.net

Infoware MapSuite MapAPI versions prior to 1.0.36 and 1.1.49 suffer from a server-side request forgery vulnerability.

tags | advisory
advisories | CVE-2014-2233
SHA-256 | f817a9ede9c3d3be1b53a712a7d5ad315b452b0e0d7c0f60418a333f6e823954
AllReader 1.0 Local File Inclusion
Posted Jun 3, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

AllReader version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 86da03a60130cf0ffb26d558ecf466aeb1489c6ecac333130056673e4417827c
FCKeditor 2.6.10 Cross Site Scripting
Posted Jun 3, 2014
Authored by Robin Bailey

FCKeditor versions 2.6.10 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2ec48d54bf9a14cbe9ab85def3491fe17cec2d397f640fcfcf655631a9c67d93
TigerCom My Assistant 1.1 Local File Inclusion
Posted Jun 3, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

TigerCom My Assistant version 1.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | e3522c306b0b47851c2701ae94fc8723ad5c8c10e6648ecb1c2f0fe3d9eaa944
Infoware MapSuite Path Traversal
Posted Jun 3, 2014
Authored by Christian Schneider | Site christian-schneider.net

Infoware MapSuite MapAPI versions prior to 1.0.36 and 1.1.49 suffer from a directory traversal vulnerability.

tags | advisory, file inclusion
advisories | CVE-2014-2232
SHA-256 | f187867cdbb5ab804e0b032eec0f21b90b4d473ca96af7c4a66d270aafc547e5
Adobe Acrobat / Reader XI-X AcroBroker Sandbox Bypass
Posted Jun 3, 2014
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an input validation error in the "AcroBroker.exe" component when processing local file paths, which could be exploited by attackers to write malicious files to any location on the disk and bypass Adobe Acrobat's sandbox.

tags | advisory, local, bypass
advisories | CVE-2014-0512
SHA-256 | ad3287533d595d02f6981ed86baf9f122df0208c06a04a1ab44a7b0e85c867be
Privacy Pro 1.2 Local File Inclusion
Posted Jun 3, 2014
Authored by LariX4, Vulnerability Laboratory | Site vulnerability-lab.com

Privacy Pro version 1.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | b54e439d3b968769db819c8c71d8260531546f364025a1e7a0c4ba15c98fb50d
PHPBTTracker+ 2.2 SQL Injection
Posted Jun 3, 2014
Authored by BackBox Team

PHPBTTracker+ version 2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | fa7aba15ea97d81250320431b72f208e37edc68b259942c15690e998aadf30a5
RSA Adaptive Authentication Cross Site Scripting
Posted Jun 3, 2014
Site emc.com

RSA Adaptive Authentication (Hosted) contains a security fix for a DOM cross site scripting vulnerability that may potentially be exploited as a result of improper input validation in the rsa_fso.swf file. RSA Adaptive Authentication (Hosted) version 11.0 is affected.

tags | advisory, xss
advisories | CVE-2014-2502
SHA-256 | fb519bf1c5552b4299cf24beb800b4273768174db4ff04cd6cffb04d2131eb14
Files Desk Pro 1.4 Local File Inclusion
Posted Jun 3, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Files Desk Pro version 1.4 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | f8df8c9ba58375e5c89b98fca9f1d0fa6d9c8f5d25291aeb2050ac71859b5754
NG WifiTransfer Pro 1.1 Local File Inclusion
Posted Jun 3, 2014
Authored by LariX4, Vulnerability Laboratory | Site vulnerability-lab.com

NG WifiTransfer Pro version 1.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 582cb0caa7b800b3eec240541ede7b6b7c23ca1a5e21863808c02a9b6214e277
Debian Security Advisory 2941-1
Posted Jun 3, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2941-1 - It was discovered that clean_html() function of lxml (pythonic bindings for the libxml2 and libxslt libraries) performed insufficient sanitisation for some non-printable characters. This could lead to cross-site scripting.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2014-3146
SHA-256 | 280bdc31468dbbfe79487d5f5d96bff6d2824db0211c840de7cf89cd500e8cad
Debian Security Advisory 2943-1
Posted Jun 3, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2943-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

tags | advisory, web, php, vulnerability
systems | linux, debian
advisories | CVE-2014-0185, CVE-2014-0237, CVE-2014-0238, CVE-2014-2270
SHA-256 | 14ceb25eecc0ebf2b0e99e958e18bd4f806ab39310e6a3cccdc09f253ced106d
Debian Security Advisory 2939-1
Posted Jun 3, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2939-1 - Several vulnerabilities were discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2014-1743, CVE-2014-1744, CVE-2014-1745, CVE-2014-1746, CVE-2014-1747, CVE-2014-1748, CVE-2014-1749, CVE-2014-3152
SHA-256 | 8bd1510fc2baf0432374eb30629721f1fd882feb4c32590debd2523d8935400c
Page 1 of 2
Back12Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close