Exploit the possiblities
Showing 1 - 11 of 11 RSS Feed

Files Date: 2014-08-26

glibc __gconv_translit_find() Privilege Escalation
Posted Aug 26, 2014
Authored by Chris Evans, Tavis Ormandy

glibc __gconv_translit_find() single-fixed-byte heap metadata overflow local root exploit for Fedora 20 32-bit. This issue is not specific to Fedora, but the proof of concept is specifically for Fedora 20 32-bit.

tags | exploit, overflow, local, root, proof of concept
systems | linux, unix, fedora
advisories | CVE-2014-5119
MD5 | 793916b5756ad9ad1e630a13328c6fa9
Grand MA 300 Fingerprint Reader Weak PIN Verification
Posted Aug 26, 2014
Authored by Eric Sesterhenn | Site lsexperts.de

Grand MA 300/ID with firmware 6.60 has a weakness that allows the retrieval of the access pin from sniffed data, as well as a weakness that allows a fast brute-force attack on the pin.

tags | exploit
advisories | CVE-2014-5380, CVE-2014-5381
MD5 | 5eb76cc847bc8f032caa96b99771031d
Joomla Spider 2.8.3 SQL Injection
Posted Aug 26, 2014
Authored by Claudio Viviani

Joomla Spider video player version 2.8.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 01614578aad855b01cd60e75037b0465
vm-support 0.88 File Overwrite / Information Disclosure
Posted Aug 26, 2014
Authored by Dolev Farhi

vm-support version 0.88 suffers from file overwrite and sensitive information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
advisories | CVE-2014-4199, CVE-2014-4200
MD5 | 176f006651968940769f78a6d62c2d2b
Red Hat Security Advisory 2014-1098-01
Posted Aug 26, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1098-01 - HttpClient is an HTTP/1.1 compliant HTTP agent implementation based on httpcomponents HttpCore. It was discovered that the HttpClient incorrectly extracted host name from an X.509 certificate subject's Common Name field. A man-in-the-middle attacker could use this flaw to spoof an SSL server using a specially crafted X.509 certificate. This issue was discovered by Florian Weimer of Red Hat Product Security.

tags | advisory, web, spoof
systems | linux, redhat
advisories | CVE-2012-6153
MD5 | 1617f346bc3f3515e3264cb0a7ccbbed
RSA Identity Management And Governance Authentication Bypass
Posted Aug 26, 2014
Site emc.com

RSA IMG systems configured with NovellIM as the authentication source may be subject to a potential authentication bypass vulnerability due to the fact that no password is required to authenticate legitimate users. A malicious user with knowledge of a valid user name can leverage this vulnerability to perform operations with the privileges of the authenticated user and potentially cause audit-attribution problems.

tags | advisory, bypass
advisories | CVE-2014-4619
MD5 | 7eb1e74417e42cb056337235926bc7f8
WordPress WPtouch Mobile 3.4.5 Shell Upload
Posted Aug 26, 2014
Authored by Don Tukulesto, k4L0ng666 | Site indonesiancoder.com

WordPress WPtouch Mobile plugin version 3.4.5 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 781ab393c0cbc485feac83af160c181f
WordPress ShortCode 0.2.3 Local File Inclusion
Posted Aug 26, 2014
Authored by Christian Galeone, Mehdi Karout

WordPress ShortCode plugin version 0.2.3 suffers from a local file inclusion vulnerability. Note that this finding houses site-specific data.

tags | exploit, local, file inclusion
advisories | CVE-2014-5465
MD5 | e9e0cbc51c5ba1fe73910e62d162c42a
HP Security Bulletin HPSBMU03076 2
Posted Aug 26, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03076 2 - Potential security vulnerabilities have been identified with HP Systems Insight Manager running on Linux and Windows which could be exploited remotely resulting in multiple vulnerabilities. Revision 2 of this advisory.

tags | advisory, vulnerability
systems | linux, windows
advisories | CVE-2010-5298, CVE-2014-0076, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
MD5 | fc0fb1a5c99c50587972068ea54dd519
Exploitation Of Hash Functions
Posted Aug 26, 2014
Authored by Deepanshu Khanna

This is a whitepaper that touches on various cryptography and discusses hash functions at a slightly greater length.

tags | paper
MD5 | 67bf0fb9a7af19573e2642a0ce66cc37
Nmap Port Scanner 6.47
Posted Aug 26, 2014
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Integrated all IPv4 OS fingerprint submissions since June 2013. Added 366 fingerprints. Various other additions and updates.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | 21577e7c7da2be170eb6c82d3e68ce5e
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    10 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close