exploit the possibilities
Showing 1 - 13 of 13 RSS Feed

Files Date: 2015-01-09

Ntpdc 4.2.6p3 Buffer Overflow
Posted Jan 9, 2015
Authored by drone

Ntpdc version 4.2.6p3 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local
SHA-256 | dfc688a1df19cf25ae360e18efb2e689ec9e974da1249560b0f5d4ea4dcd3424
CMS e107 1.0.4 Cross Site Scripting
Posted Jan 9, 2015
Authored by Steffen Roesemann

CMS e107 version 1.0.4 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8b5ac684d1274a2687312ff65c5c98c284e60e17e88e72a11b9cceb43c21bb6f
Mandriva Linux Security Advisory 2015-019
Posted Jan 9, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-019 - A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. This could lead to a Denial Of Service attack. A memory leak can occur in the dtls1_buffer_record function under certain conditions. In particular this could occur if an attacker sent repeated DTLS records with the same sequence number but for the next epoch. The memory leak could be exploited by an attacker in a Denial of Service attack through memory exhaustion. Various other issues have also been addressed. The updated packages have been upgraded to the 1.0.0p version where these security flaws has been fixed.

tags | advisory, denial of service, memory leak
systems | linux, mandriva
advisories | CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206
SHA-256 | 75b27d24d895136eb2a1d5967312d2d37fb9a705931ed4025e1ac7b1b9cb0d74
Debian Security Advisory 3122-1
Posted Jan 9, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3122-1 - Andrey Labunets of Facebook discovered that cURL, an URL transfer library, fails to properly handle URLs with embedded end-of-line characters. An attacker able to make an application using libcurl to access a specially crafted URL via an HTTP proxy could use this flaw to do additional requests in a way that was not intended, or insert additional request headers into the request.

tags | advisory, web
systems | linux, debian
advisories | CVE-2014-8150
SHA-256 | d3f498d62423287cf98e1050abb334473512f390b27d92a81ab8531894c1bc53
LFI Image Helper 0.8
Posted Jan 9, 2015
Authored by Doddy Hackman

This is a simple script to infect images with PHP Backdoors for local file inclusion attacks.

tags | tool, local, php, rootkit, file inclusion
systems | unix
SHA-256 | 2417fa7ba59a45f47d8610a1495111a59f039bd586605208288ef92ac36d8906
WordPress Shopping Cart 3.0.4 Unrestricted File Upload
Posted Jan 9, 2015
Authored by Kacper Szurek

WordPress Shopping Cart plugin version 3.0.4 suffers from a remote unrestricted file upload vulnerability.

tags | exploit, remote, file upload
advisories | CVE-2014-9308
SHA-256 | 03ffee15380538723ae5cfad12dd43da2119095c9012a3d59aa6577b8e1a8c0e
WordPress Slideoptinprox Cross Site Scripting
Posted Jan 9, 2015
Authored by 4L1R3Z4

WordPress Slideoptinprox plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8661c3a0a9f773bcc83a463d9878926cc6c87d2db8c147482e5dcdf578784960
OpenSSL Toolkit 1.0.1k
Posted Jan 9, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Eight security issues have been addressed.
tags | tool, protocol, library
systems | unix
advisories | CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206
SHA-256 | 8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c
OpenSSL Security Advisory - 8 Issues Addressed
Posted Jan 9, 2015
Site openssl.org

OpenSSL suffers from a DTLS segmentation fault in dtls1_get_record, a DTLS memory leak in dtls1_buffer_record, an issue where no-ssl3 configuration sets method to NULL, ECDHE silently downgrades to ECDH [Client], RSA silently downgrades to EXPORT_RSA [Client], DH client certificates accepted without verification [Server], certificate fingerprints can be modified, and bignum squaring may produce incorrect results.

tags | advisory, memory leak
advisories | CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206
SHA-256 | 0b38b2a82a6d39e5f9dee1fb8b137b2fe322c9449cc09a3a8095a48b5a23c2f2
RECON 2015 Call For Papers
Posted Jan 9, 2015
Authored by REC0N 2015 | Site recon.cx

REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It is held annually in Montreal, Canada. For 2015 it will be held June 19th through the 21st and the Call For Papers has been announced.

tags | paper, conference
SHA-256 | 09695547b783f1e6eaf7825f0dbd02ce95b7c52091bf5f147761f36e0eebbc5d
CMS BEdita 3.4.0 Cross Site Scripting
Posted Jan 9, 2015
Authored by Steffen Roesemann

CMS BEdita version 3.4.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 48387c5f4e6c8514f072f876d2cf51e3ce255b1f1c0465a1c343d35b76c92307
Good For Enterprise Android HTML Injection
Posted Jan 9, 2015
Authored by Claudio Andre

Good for Enterprise Android suffers from a html injection vulnerability. A remote attacker is able to send a crafted email with a payload that redirects the user to a target url as soon as he opens the email.

tags | exploit, remote
advisories | CVE-2014-4925
SHA-256 | 3cedb9d08e08030894233fae2c3c67c075f1d6bba394e2a490ea5814d8b65ad9
PIN-Based P2P Server
Posted Jan 9, 2015
Authored by Juan J. Fernandez Lopez | Site sourceforge.net

This tool provides a client and a server that performs peer-to-peer file transfer using a shared, trusted PIN. The server is capable of handling simultaneous connections and transfers according to limitation set as command line argument when executing the server daemon. Written for Unix/Linux systems. It should be noted that this is still in Beta.

tags | tool
systems | linux, unix
SHA-256 | 9fca6a0d2ec91f23cc166ee35a0222c2c4fb7a74259bdc7b8540ac6fd0917897
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close