Exploit the possiblities
Showing 1 - 24 of 24 RSS Feed

Files Date: 2014-09-17

Nokia Asha 501 Lock Bypass
Posted Sep 17, 2014
Authored by Hammad Shamsi

The Nokia Asha platform suffers from a lock code bypass vulnerability that allows for access to call records.

tags | exploit, bypass
MD5 | 5069dfc0c3a2f60acb67d9fd214f1acc
MODX Revolution 2.3.1-pl Cross Site Scripting
Posted Sep 17, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

MODX Revolution version 2.3.1-pl suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2014-5451
MD5 | c9f4c76ea59500d8e946f3d410dc3d0f
webEdition 6.3.8.0 Path Traversal
Posted Sep 17, 2014
Authored by High-Tech Bridge SA | Site htbridge.com

webEdition version 6.3.8.0 suffers from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2014-5258
MD5 | b12b120f23cd306f4088537f63c4bf8e
DAWIN - Distributed Audit and Wireless Intrustion Notification
Posted Sep 17, 2014
Authored by Mark Osborne | Site loud-fat-bloke.co.uk

DA-WIN, a wireless IDS, provides an organization a continuous wireless scanning capability that is light touch and simple. It utilizes compact and discreet sensors that can easily be deployed reducing the total cost of protection and simplifying the effort required for absolute, categoric regulatory compliance. This archive includes a dd image to be used on a Raspberry Pi and a user manual.

tags | tool, wireless
systems | linux
MD5 | 0511fe8004506146c94cef634534f905
Apple Security Advisory 2014-09-17-2
Posted Sep 17, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-09-17-2 - Apple TV 7 is now available and addresses wifi credential interception, information disclosure, code execution, and various other vulnerabilities.

tags | advisory, vulnerability, code execution, info disclosure
systems | apple
advisories | CVE-2011-2391, CVE-2013-6663, CVE-2014-1384, CVE-2014-1385, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-4357, CVE-2014-4364, CVE-2014-4369, CVE-2014-4371, CVE-2014-4372, CVE-2014-4373, CVE-2014-4375, CVE-2014-4377, CVE-2014-4378, CVE-2014-4379, CVE-2014-4380, CVE-2014-4381, CVE-2014-4383, CVE-2014-4388, CVE-2014-4389, CVE-2014-4404, CVE-2014-4405, CVE-2014-4407, CVE-2014-4408, CVE-2014-4410, CVE-2014-4411
MD5 | 0993b6307f7ede7b0fe1d393f80ca225
Apple Security Advisory 2014-09-17-1
Posted Sep 17, 2014
Authored by Apple | Site apple.com

Apple Security Advisory 2014-09-17-1 - iOS 8 is now available and addresses wifi credential interception, identifier disclosure, path traversal, and various other vulnerabilities.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2011-2391, CVE-2013-5227, CVE-2013-6663, CVE-2013-6835, CVE-2014-1348, CVE-2014-1360, CVE-2014-1384, CVE-2014-1385, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-4352, CVE-2014-4353, CVE-2014-4354, CVE-2014-4356, CVE-2014-4357, CVE-2014-4361, CVE-2014-4362, CVE-2014-4363, CVE-2014-4364, CVE-2014-4366, CVE-2014-4367, CVE-2014-4368, CVE-2014-4369, CVE-2014-4371, CVE-2014-4372, CVE-2014-4373, CVE-2014-4374
MD5 | 155906b43100fa7d132d2f3d9768bda2
Red Hat Security Advisory 2014-1256-01
Posted Sep 17, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1256-01 - An update for the openssl component for Red Hat JBoss Web Server 2.1.0 that fixes multiple security issues is now available from the Red Hat Customer Portal.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2014-3505, CVE-2014-3506, CVE-2014-3508, CVE-2014-3510
MD5 | 80ab4909ac015f459dad4bc8597377bc
ClassApps SelectSurvey.net 4.124.004 SQL Injection
Posted Sep 17, 2014
Authored by BillV

ClassApps SelectSurvey.net version 4.124.004 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2014-6030
MD5 | d7023e0da35113b2992633670ea94c69
Livefyre LiveComments 3.0 Cross Site Scripting
Posted Sep 17, 2014
Authored by Brij Kishore Mishra

Livefyre LiveComments version 3.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | d79e8f899309348c1aba017cb0e3496c
WordPress WP-Ban 1.62 Bypass
Posted Sep 17, 2014
Authored by Tom Adams

WordPress WP-Ban plugin version 1.62 suffers from a bypass vulnerability when a properly minted X-Forwarded-For header is used.

tags | exploit, bypass
advisories | CVE-2014-6230
MD5 | 6ffbc090afb2ab5144e238532753b1b8
WordPress Login Widget With Shortcode 3.1.1 CSRF / XSS
Posted Sep 17, 2014
Authored by Tom Adams

WordPress Login Widget With Shortcode plugin version 3.1.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 064709c69db2b45f9da21abd526d54b9
OsClass 3.4.1 Cross Site Scripting
Posted Sep 17, 2014
Authored by Omar Kurt

OsClass version 3.4.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 12423c36d9018ba4d8211591c1b6875f
OsClass 3.4.1 Local File Inclusion
Posted Sep 17, 2014
Authored by Omar Kurt

OsClass version 3.4.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 7faeb4e3fe466936268f6e034424628b
FreeBSD Security Advisory - TCP Denial Of Service
Posted Sep 17, 2014
Site security.freebsd.org

FreeBSD Security Advisory - The Transmission Control Protocol (TCP) of the TCP/IP protocol suite provides a connection-oriented, reliable, sequence-preserving data stream service. New TCP connections are initiated using special SYN flag in a datagram. Sequencing of data is controlled by 32-bit sequence numbers, that start with a random value and are increased using modulo 2**32 arithmetic. TCP endpoints maintain a window of expected, and thus allowed, sequence numbers for a connection. When a segment with the SYN flag for an already existing connection arrives, the TCP stack tears down the connection, bypassing a check that the sequence number in the segment is in the expected window. An attacker who has the ability to spoof IP traffic can tear down a TCP connection by sending only 2 packets, if they know both TCP port numbers. In case one of the two port numbers is unknown, a successful attack requires less than 2**17 packets spoofed, which can be generated within less than a second on a decent connection to the Internet.

tags | advisory, spoof, tcp, protocol
systems | freebsd
advisories | CVE-2014-0230
MD5 | d0d69a580db330d7ee9f522fb50ad2b5
Ubuntu Security Notice USN-2319-3
Posted Sep 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2319-3 - USN-2319-1 fixed vulnerabilities in OpenJDK 7. This update provides stability fixes for the arm64 and ppc64el architectures. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2014-4223, CVE-2014-4262, CVE-2014-4263, CVE-2014-4264
MD5 | 51e1023d9034fb572c72f220afbc408a
Ubuntu Security Notice USN-2349-1
Posted Sep 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2349-1 - It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
MD5 | 80a0fdee83eb78a4f73254802b04a45b
Red Hat Security Advisory 2014-1255-01
Posted Sep 17, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1255-01 - Kerberos is an authentication system which allows clients and services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center. A buffer overflow was found in the KADM5 administration server when it was used with an LDAP back end for the KDC database. A remote, authenticated attacker could potentially use this flaw to execute arbitrary code on the system running kadmind. All krb5 users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the krb5kdc and kadmind daemons will be restarted automatically.

tags | advisory, remote, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2014-4345
MD5 | 6d93c4f0f09d5a5f1415a109337dd5c7
Debian Security Advisory 3026-1
Posted Sep 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3026-1 - Alban Crequy and Simon McVittie discovered several vulnerabilities in the D-Bus message daemon.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-3635, CVE-2014-3636, CVE-2014-3637, CVE-2014-3638, CVE-2014-3639
MD5 | 0932b8f36903303fbe5f877fcb1b2d74
Debian Security Advisory 3025-1
Posted Sep 17, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3025-1 - It was discovered that APT, the high level package manager, does not properly invalidate unauthenticated data (CVE-2014-0488), performs incorrect verification of 304 replies (CVE-2014-0487), does not perform the checksum check when the Acquire::GzipIndexes option is used (CVE-2014-0489) and does not properly perform validation for binary packages downloaded by the apt-get download command (CVE-2014-0490).

tags | advisory
systems | linux, debian
advisories | CVE-2014-0487, CVE-2014-0488, CVE-2014-0489, CVE-2014-0490
MD5 | b7677f0cbbd7eade767d383f5700e00e
seafile-server 3.1.5 Denial Of Service
Posted Sep 17, 2014
Authored by retset

seafile-server version 3.1.5 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 9d78a9e91a600b009eb21ff57fa5a15d
MIUI Torch Enable
Posted Sep 17, 2014
Site nipc.org.cn

MIUI versions 4.1.17 and 5.30 have a flaw where NFC can be used to enable the torch.

tags | advisory
MD5 | bdbc3ec524ee2d27be2ff11affa37e01
Android Bluetooth Enable
Posted Sep 17, 2014
Site nipc.org.cn

A logic flaw in some versions of Android can allow for bluetooth to be automatically enabled via NFC.

tags | advisory
MD5 | af5b9689dfffa8b38cd4359a37afc747
MIUI Wifi Connection Message Wireless Enable
Posted Sep 17, 2014
Site nipc.org.cn

MIUI versions 4.1.17 and 5.30 have a flaw where NFC can be used to enable wifi.

tags | advisory
MD5 | fdfdc95c49ddd399960fea1fdde5d180
Project Kakilles 0.3
Posted Sep 17, 2014
Authored by Doddy Hackman

Kakilles is a perl script that spawns an HTTP proxy and lets you modify user-agent, content, and cookie headers.

tags | tool, web, perl
MD5 | 1cc1fded4992b35bce2153081612884b
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close