what you don't know can hurt you
Showing 1 - 17 of 17 RSS Feed

Files Date: 2015-01-15

GetGo Download Manager HTTP Response Buffer Overflow
Posted Jan 15, 2015
Authored by Julien Ahrens, Gabor Seljan | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in GetGo Download Manager version 4.9.0.1982 and earlier, caused by an overly long HTTP response header. By persuading the victim to download a file from a malicious server, a remote attacker could execute arbitrary code on the system or cause the application to crash. This Metasploit module has been tested successfully on Windows XP SP3.

tags | exploit, remote, web, overflow, arbitrary
systems | windows, xp
advisories | CVE-2014-2206
MD5 | 5ec2694f22215c1438a6fe4d47c79bf2
Microsoft Windows NtApphelpCacheControl Improper Authorization Check
Posted Jan 15, 2015
Authored by sinn3r, James Forshaw | Site metasploit.com

On Windows, the system call NtApphelpCacheControl (the code is actually in ahcache.sys) allows application compatibility data to be cached for quick reuse when new processes are created. A normal user can query the cache but cannot add new cached entries as the operation is restricted to administrators. This is checked in the function AhcVerifyAdminContext. This function has a vulnerability where it doesn't correctly check the impersonation token of the caller to determine if the user is an administrator. It reads the caller's impersonation token using PsReferenceImpersonationToken and then does a comparison between the user SID in the token to LocalSystem's SID. It doesn't check the impersonation level of the token so it's possible to get an identify token on your thread from a local system process and bypass this check. This Metasploit module currently only affects Windows 8 and Windows 8.1, and requires access to C:\Windows\System\ComputerDefaults.exe (although this can be improved).

tags | exploit, local
systems | windows
advisories | CVE-2015-0002
MD5 | 0a24503dad5a5aa40600b53cdb125f0c
oclHashcat For NVidia 1.32
Posted Jan 15, 2015
Authored by Kartan | Site hashcat.net

oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.

Changes: Various updates.
tags | tool, cracker
MD5 | 86a211be26579370813048aaf3698ee6
oclHashcat+ Advanced GPU Hash Cracking Utility 1.32
Posted Jan 15, 2015
Authored by Kartan | Site hashcat.net

oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.

Changes: Various updates.
tags | tool, cracker
MD5 | 4f13488acc8ed17ea518a9dec8ea8761
OpenSSL Toolkit 1.0.1l
Posted Jan 15, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Build fixes for the Windows and OpenVMS platforms.
tags | tool, encryption, protocol, library
systems | unix
MD5 | cdb22925fc9bc97ccbf1e007661f2aa6
Suricata IDPE 2.0.6
Posted Jan 15, 2015
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Evasion issues fixed. Various bug fixes and improvements.
tags | tool, intrusion detection
systems | unix
MD5 | 14bfb3adc184d4da321c93ed9abae500
FreeBSD Security Advisory - OpenSSL Updates
Posted Jan 15, 2015
Site security.freebsd.org

FreeBSD Security Advisory - A carefully crafted DTLS message can cause a segmentation fault in OpenSSL due to a NULL pointer dereference. A memory leak can occur in the dtls1_buffer_record function under certain conditions. When OpenSSL is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference. An OpenSSL client will accept a handshake using an ephemeral ECDH ciphersuite using an ECDSA certificate if the server key exchange message is omitted. An OpenSSL client will accept the use of an RSA temporary key in a non-export RSA key exchange ciphersuite. An OpenSSL server will accept a DH certificate for client authentication without the certificate verify message. OpenSSL accepts several non-DER-variations of certificate signature algorithm and signature encodings. OpenSSL also does not enforce a match between the signature algorithm between the signed and unsigned portions of the certificate. Bignum squaring (BN_sqr) may produce incorrect results on some platforms, including x86_64.

tags | advisory, memory leak
systems | freebsd
advisories | CVE-2014-3569, CVE-2014-3570, CVE-2014-3571, CVE-2014-3572, CVE-2014-8275, CVE-2015-0204, CVE-2015-0205, CVE-2015-0206
MD5 | 60266d8dbe7a7e17380b713e17c563c6
Ubuntu Security Notice USN-2475-1
Posted Jan 15, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2475-1 - Clemens Fries discovered that GTK+ allowed bypassing certain screen locks by using the menu key. An attacker with physical access could possibly use this flaw to gain access to a locked session.

tags | advisory
systems | linux, ubuntu
MD5 | cc0481f1406a5996d881b4088c0e8ce6
Ubuntu Security Notice USN-2474-1
Posted Jan 15, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2474-1 - Andrey Labunets discovered that curl incorrectly handled certain URLs when using a proxy server. If a user or automated system were tricked into using a specially crafted URL, an attacker could possibly use this issue to inject arbitrary HTTP requests.

tags | advisory, web, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-8150
MD5 | 3ba907ca654cd4680b058422b9af6f43
Ubuntu Security Notice USN-2473-1
Posted Jan 15, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2473-1 - It was discovered that the distcheck rule in dist-check.mk in GNU coreutils allows local users to gain privileges via a symlink attack on a directory tree under /tmp. This issue only affected Ubuntu 10.04 LTS. Bertrand Jacquin and Fiedler Roman discovered date and touch incorrectly handled user-supplied input. An attacker could possibly use this to cause a denial of service or potentially execute code. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2009-4135, CVE-2014-9471
MD5 | 9c27ea7b585f1b7cda216046ee5240fa
Ubuntu Security Notice USN-2458-2
Posted Jan 15, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2458-2 - USN-2458-1 fixed vulnerabilities in Firefox. This update provides the corresponding version of Ubufox. Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Various other issues were also addressed.

tags | advisory, web, denial of service, arbitrary, vulnerability, csrf
systems | linux, ubuntu
advisories | CVE-2014-8636, CVE-2014-8637, CVE-2014-8638, CVE-2014-8639, CVE-2014-8640, CVE-2014-8641, CVE-2014-8642
MD5 | da23b7fdac60955ee2c6885cc567f392
Ubuntu Security Notice USN-2458-1
Posted Jan 15, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2458-1 - Christian Holler, Patrick McManus, Christoph Diehl, Gary Kwong, Jesse Ruderman, Byron Campen, Terrence Cole, and Nils Ohlmeier discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. Bobby Holley discovered that some DOM objects with certain properties can bypass XrayWrappers in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-8634, CVE-2014-8635, CVE-2014-8636, CVE-2014-8637, CVE-2014-8638, CVE-2014-8639, CVE-2014-8640, CVE-2014-8641, CVE-2014-8642
MD5 | 24da1645248ce3f8884cedb2c3125506
Ubuntu Security Notice USN-2472-1
Posted Jan 15, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2472-1 - Wolfgang Ettlinger discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-8139, CVE-2014-8140, CVE-2014-8141
MD5 | da5c0e6b8241b299b823f5c162e89d1a
Ubuntu Security Notice USN-2471-1
Posted Jan 15, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2471-1 - Wolfgang Ettlinger discovered that GParted incorrectly filtered shell metacharacters when running external commands. A local attacker could use this issue with a crafted filesystem label to run arbitrary commands as the administrator.

tags | advisory, arbitrary, shell, local
systems | linux, ubuntu
advisories | CVE-2014-7208
MD5 | 605cd30a5186112820fe61a968e3003b
Red Hat Security Advisory 2015-0028-01
Posted Jan 15, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0028-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. It was found that CloudForms Management Engine exposed SQL filters via the REST API without any input escaping. An authenticated user could use this flaw to perform SQL injection attacks against the CloudForms Management Engine database.

tags | advisory, web, sql injection, ruby
systems | linux, redhat
advisories | CVE-2014-3692, CVE-2014-7814
MD5 | c16ea56aba08c81d3b3e9e2346c5858e
Red Hat Security Advisory 2015-0052-01
Posted Jan 15, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0052-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-01, listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2015-0301, CVE-2015-0302, CVE-2015-0303, CVE-2015-0304, CVE-2015-0305, CVE-2015-0306, CVE-2015-0307, CVE-2015-0308, CVE-2015-0309
MD5 | 0a24908fae734f557c3b6f05d1784aa0
Debian Security Advisory 3127-1
Posted Jan 15, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3127-1 - Multiple security issues have been found in Iceweasel, Debian's version and implementation errors may lead to the execution of arbitrary code, information leaks or denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2014-8634, CVE-2014-8638, CVE-2014-8639, CVE-2014-8641
MD5 | f9b2867cc2902f990fd3aae096b55b71
Page 1 of 1
Back1Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    12 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close