Exploit the possiblities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2014-09-03

wtmpclean 0.8.1
Posted Sep 3, 2014
Authored by Davide Madrisan | Site davide.madrisan.googlepages.com

wtmpClean is a tool for Unix which clears a given user from the wtmp database.

Changes: Modularized the source code. Various bug fixes and improvements.
tags | tool, rootkit
systems | unix
MD5 | 40e00074e6c02e1062fca4cfb87b7e24
BlackCat CMS 1.0.3 Cross Site Scripting
Posted Sep 3, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

BlackCat CMS version 1.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-5259
MD5 | 2b8c89599dcf1e906c09067dbbb815d2
MyWebSQL 3.4 Cross Site Scripting
Posted Sep 3, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

MyWebSQL version 3.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-4735
MD5 | f56dde0cb83e8dd51c765417c7d55f65
WordPress Advanced Access Manager 2.8.2 File Write / Code Execution
Posted Sep 3, 2014
Authored by Tom Adams

WordPress Advanced Access Manager plugin version 2.8.2 suffers from arbitrary file write and code execution vulnerabilities.

tags | exploit, arbitrary, vulnerability, code execution
advisories | CVE-2014-6059
MD5 | f12eef062128d0f94117b656f45950c2
Mpay24 Payment Module 1.5 Information Disclosure / SQL Injection
Posted Sep 3, 2014
Authored by Eldar Marcussen

Mpay24 Payment Module versions 1.5 and below suffer from information disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
advisories | CVE-2014-2008, CVE-2014-2009
MD5 | d91cc4e0bea733e9fd33f4bedc70a421
Jenkins 1.578 Cross Site Request Forgery / Command Execution
Posted Sep 3, 2014
Authored by Vadodil Joel Varghese

Jenkins version 1.578 suffers from cross site request forgery and command execution vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 108809237391b47f63ea6995601f2699
HP Security Bulletin HPSBGN03099
Posted Sep 3, 2014
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03099 - A potential security vulnerability has been identified with HP IceWall SSO Dfw, SSO Agent and MCRP running OpenSSL. The vulnerability could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-3508
MD5 | 95c3e39501f058e88b098532b0089c97
Mandriva Linux Security Advisory 2014-172
Posted Sep 3, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-172 - The gdImageCreateFromXpm function in gdxpm.c in libgd, as used in PHP 5.4.26 and earlier, allows remote attackers to cause a denial of service via a crafted color table in an XPM file. file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service via a crafted file that triggers backtracking during processing of an awk rule. Various other issues have also been addressed. The updated php packages have been upgraded to the 5.5.16 version resolve these security flaws. Additionally, php-apc has been rebuilt against the updated php packages and the php-timezonedb packages has been upgraded to the 2014.6 version.

tags | advisory, remote, denial of service, php
systems | linux, mandriva
advisories | CVE-2014-2497, CVE-2014-3538, CVE-2014-3587, CVE-2014-3597, CVE-2014-5120
MD5 | 233ab8bdca7744b6ef82e432fd9e42ad
Mandriva Linux Security Advisory 2014-173
Posted Sep 3, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-173 - An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker. Busybox bundles part of the liblzo code, containing the lzo1x_decompress_safe function, which is affected by this issue.

tags | advisory, denial of service, overflow, code execution
systems | linux, mandriva
advisories | CVE-2014-4607
MD5 | 20869bb2d1ac107c3a40a75173043b66
Ubuntu Security Notice USN-2339-2
Posted Sep 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2339-2 - Daniel Genkin, Adi Shamir, and Eran Tromer discovered that Libgcrypt was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local attacker could use this attack to possibly recover private keys.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2014-5270
MD5 | 4710cf1e69b599211ae202ccb51ea568
Ubuntu Security Notice USN-2339-1
Posted Sep 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2339-1 - Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local attacker could use this attack to possibly recover private keys.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2014-5270
MD5 | 7bc20392fda02ee584727cdf4a0e769e
Gentoo Linux Security Advisory 201409-03
Posted Sep 3, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201409-3 - A vulnerability in dhcpcd can lead to a Denial of Service condition. Versions less than 6.4.3 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2014-6060
MD5 | 31b0897c3169d55151e126070247bda3
Ubuntu Security Notice USN-2338-1
Posted Sep 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2338-1 - It was discovered that Lua incorrectly handled certain vararg functions with a large number of fixed parameters. An attacker could use this issue to cause Lua applications to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-5461
MD5 | 5b6535f399294088c3022fb75b343267
Debian Security Advisory 3018-1
Posted Sep 3, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3018-1 - Multiple security issues have been found in Iceweasel, Debian's version use-after-frees may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2014-1562, CVE-2014-1567
MD5 | 59983e9f3e4f82730e9af8a2b5f976ca
vBulletin 4.1.2 SQL Injection
Posted Sep 3, 2014
Authored by D35m0nd142

Automated SQL injection exploit for vBulletin versions 4.0.x through 4.1.2 that makes use of a vulnerability originally disclosed in May of 2011.

tags | exploit, sql injection
MD5 | 0be5ac6c9a1b2855a08e9d27a7aabe03
vtiger.com Cross Site Scripting
Posted Sep 3, 2014
Authored by Provensec

vtiger.com suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | d70db9d69882b38ec09e5e7ba069c73a
Mozilla Firefox Secret Leak
Posted Sep 3, 2014
Authored by Michal Zalewski

The recent release of Firefox 32 fixes another interesting image parsing issue found by afl. Following a refactoring of memory management code, the past few versions of the browser ended up using uninitialized memory for certain types of truncated images, which is easily measurable with a simple <canvas> + toDataURL() harness that examines all the fuzzer-generated test cases. Depending on a variety of factors, problems like that may leak secrets across web origins, or more prosaically, may help attackers bypass security measures such as ASLR. This code is a proof of concept for versions prior to 32.

tags | exploit, web, proof of concept, fuzzer
advisories | CVE-2014-1564
MD5 | 2235bb65ae6abe2af194f34a079a0f08
Olat Stored Cross Site Scripting
Posted Sep 3, 2014
Authored by Provensec, Ankit Bharathan

Olat suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | a8d32256e34f6cc6436f48a083bcc382
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    5 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close