Exploit the possiblities
Showing 1 - 13 of 13 RSS Feed

Files Date: 2014-08-25

ntopng 1.2.0 Cross Site Scripting
Posted Aug 25, 2014
Authored by Steffen Bauch

ntopng version 1.2.0 suffers from a cross site scripting vulnerability using monitored network traffic.

tags | exploit, xss
advisories | CVE-2014-5464
MD5 | 20394abc5f724426f7f626f6fc7bba57
Dragonfly 1.0.5 Remote Code Execution
Posted Aug 25, 2014
Authored by coco, leex

Dragonfly gem version 1.0.5 that is used for image processing suffers from a code execution vulnerability.

tags | exploit, code execution
MD5 | c62b66fc940adcd313d9d720810df054
VTLS-Virtua SQL Injection
Posted Aug 25, 2014
Authored by Jose Tozo

VTLS-Virtua versions under 2014.X and all of 2013.2.X suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-2081
MD5 | 07f1a35e60c62a13a64ee7785ce29656
Barracuda Networks Web Security Flex Appliance 4.x XSS
Posted Aug 25, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Barracuda Networks Web Security Flex Appliance application version 4.x suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss
MD5 | 5538a911aaefd7b265bc56b169a401f7
Debian Security Advisory 3011-1
Posted Aug 25, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3011-1 - It was discovered that MediaWiki, a website engine for collaborative work, is vulnerable to JSONP injection in Flash (CVE-2014-5241) and clickjacking between OutputPage and ParserOutput (CVE-2014-5243). The vulnerabilities are addressed by upgrading MediaWiki to the new upstream version 1.19.18, which includes additional changes.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-5241, CVE-2014-5243
MD5 | 211cac82f52906b63d45d7de433cb5cd
Debian Security Advisory 3010-1
Posted Aug 25, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3010-1 - Several vulnerabilities were discovered in Django, a high-level Python web development framework.

tags | advisory, web, vulnerability, python
systems | linux, debian
advisories | CVE-2014-0480, CVE-2014-0481, CVE-2014-0482, CVE-2014-0483
MD5 | f1cfbc78478b0ddc18b07ec08e41fb48
Red Hat Security Advisory 2014-1091-01
Posted Aug 25, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1091-01 - The mod_wsgi adapter is an Apache module that provides a WSGI-compliant interface for hosting Python-based web applications within Apache. It was found that mod_wsgi did not properly drop privileges if the call to setuid() failed. If mod_wsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system. Note: mod_wsgi is not intended to provide privilege separation for WSGI applications. Systems relying on mod_wsgi to limit or sandbox the privileges of mod_wsgi applications should migrate to a different solution with proper privilege separation.

tags | advisory, web, local, python
systems | linux, redhat
advisories | CVE-2014-0240
MD5 | b71161344f1778fc2613e72d74d8d4d6
Ubuntu Security Notice USN-2139-2
Posted Aug 25, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2139-2 - USN-2319-1 fixed vulnerabilities in OpenJDK 7. Due to an upstream regression, verifying of the init method call would fail when it was done from inside a branch when stack frames are activated. This update fixes the problem. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-4223, CVE-2014-4262, CVE-2014-4263, CVE-2014-4264
MD5 | e7c60783ce5b3a9a26710aa6e116c86d
Barracuda Networks Web Security Flex 4.1 XSS
Posted Aug 25, 2014
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Barracuda Networks Web Security Flex version 4.1 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, web, vulnerability, xss
MD5 | 7fd42d5148eeef0e83389a4243365bb3
Bypass Antivirus Dynamic Analysis
Posted Aug 25, 2014
Authored by Emeric Nasi

In this paper the author describes AV methods and focuses on how to fool antivirus emulation systems. They set themselves a challenge to find half a dozen ways to bypass AV dynamic analysis by using a fully undetectable decryption stub.

tags | paper, virus
MD5 | c4de1d2cdfde42f5957a9af64bb2de38
SSDP Amplification Scanner
Posted Aug 25, 2014

SSDP amplification scanner written in Python. Makes use of Scapy.

tags | exploit, tool, python
MD5 | dfc27673f907456fb104eb06f3a59b7b
Air Transfer Iphone 1.3.9 Arbitrary File Download
Posted Aug 25, 2014
Authored by SaMaN

Air Transfer Iphone version 1.3.9 suffers from remote denial of service and unauthenticated file access vulnerabilities.

tags | exploit, remote, denial of service, vulnerability
systems | apple, iphone
MD5 | da7440f7bf7a7876e69310fca0107eb5
MEHR Automation System Arbitrary File Download
Posted Aug 25, 2014
Authored by alieye

MEHR Automation System suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | 4d2f2e65abc52c51304a550e9f76b52f
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close