what you don't know can hurt you
Showing 1 - 13 of 13 RSS Feed

Files Date: 2015-01-09

Ntpdc 4.2.6p3 Buffer Overflow
Posted Jan 9, 2015
Authored by drone

Ntpdc version 4.2.6p3 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
MD5 | 88d7b0cb49729812c8fda28923df10c3
CMS e107 1.0.4 Cross Site Scripting
Posted Jan 9, 2015
Authored by Steffen Roesemann

CMS e107 version 1.0.4 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
MD5 | bdd0408c659bf90c3d6d0585c965f370
Mandriva Linux Security Advisory 2015-019
Posted Jan 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-019 - A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack. A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion. Various other issues have also been addressed. The updated packages have been upgraded to the 1.0.0p version where these security flaws has been fixed.

tags | advisory, denial of service, memory leak
systems | linux, mandriva
advisories | CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206
MD5 | baa98f1a4c3d5673d2d5752ba28cc8cc
Debian Security Advisory 3122-1
Posted Jan 9, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3122-1 - Andrey Labunets of Facebook discovered that cURL, an URL transfer library, fails to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to do additional requests in a way that was not intended, or insert additional request headers into the request.

tags | advisory, web
systems | linux, debian
advisories | CVE-2014-8150
MD5 | ffd60a2fabb44c61aadee610e9396de4
LFI Image Helper 0.8
Posted Jan 9, 2015
Authored by Doddy Hackman

This is a simple script to infect images with PHP Backdoors for local file inclusion attacks.

tags | tool, local, php, rootkit, file inclusion
systems | unix
MD5 | 3998e803e8bda13df22527ffd0db6359
WordPress Shopping Cart 3.0.4 Unrestricted File Upload
Posted Jan 9, 2015
Authored by Kacper Szurek

WordPress Shopping Cart plugin version 3.0.4 suffers from a remote unrestricted file upload vulnerability.

tags | exploit, remote, file upload
advisories | CVE-2014-9308
MD5 | 42168e95da37c1e309a640588be09363
WordPress Slideoptinprox Cross Site Scripting
Posted Jan 9, 2015
Authored by 4L1R3Z4

WordPress Slideoptinprox plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7c62ab17df38472750b1d2ae750c4579
OpenSSL Toolkit 1.0.1k
Posted Jan 9, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Eight security issues have been addressed.
tags | tool, protocol, library
systems | unix
advisories | CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206
MD5 | d4f002bd22a56881340105028842ae1f
OpenSSL Security Advisory - 8 Issues Addressed
Posted Jan 9, 2015
Site openssl.org

OpenSSL suffers from a DTLS segmentation fault in dtls1_get_record, a DTLS memory leak in dtls1_buffer_record, an issue where no-ssl3 configuration sets method to NULL, ECDHE silently downgrades to ECDH [Client], RSA silently downgrades to EXPORT_RSA [Client], DH client certificates accepted without verification [Server], certificate fingerprints can be modified, and bignum squaring may produce incorrect results.

tags | advisory, memory leak
advisories | CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206
MD5 | 86c7e70bfa18cd63a42bf1e8a4310217
RECON 2015 Call For Papers
Posted Jan 9, 2015
Authored by REC0N 2015 | Site recon.cx

REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. For 2015 it will be held June 19th through the 21st and the Call For Papers has been announced.

tags | paper, conference
MD5 | 3ec3ebc0d81c7d469a20ad8cb618ab1d
CMS BEdita 3.4.0 Cross Site Scripting
Posted Jan 9, 2015
Authored by Steffen Roesemann

CMS BEdita version 3.4.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 0aa70af4eabfc712290b2706d65c9be3
Good For Enterprise Android HTML Injection
Posted Jan 9, 2015
Authored by Claudio Andre

Good for Enterprise Android suffers from a html injection vulnerability. A remote attacker is able to send a crafted email with a payload that redirects the user to a target url as soon as he opens the email.

tags | exploit, remote
advisories | CVE-2014-4925
MD5 | 1a104f45705e293dc00ad3c769748594
PIN-Based P2P Server
Posted Jan 9, 2015
Authored by Juan J. Fernandez Lopez | Site sourceforge.net

This tool provides a client and a server that performs peer-to-peer file transfer using a shared, trusted PIN. The server is capable of handling simultaneous connections and transfers according to limitation set as command line argument when executing the server daemon. Written for Unix/Linux systems. It should be noted that this is still in Beta.

tags | tool
systems | linux, unix
MD5 | 977f3958dee99ee05f37f0a1baad6159
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    11 Files
  • 12
    Aug 12th
    11 Files
  • 13
    Aug 13th
    17 Files
  • 14
    Aug 14th
    7 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close