what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2015-03-04

Debian Security Advisory 3179-1
Posted Mar 4, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3179-1 - Multiple security issues have been found in Icedove, Debian's version of errors and implementation errors may lead to the execution of arbitrary code or information disclosure.

tags | advisory, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2015-0822, CVE-2015-0827, CVE-2015-0831, CVE-2015-0836
SHA-256 | cfb682b4cf985d57f50b3113248d1b066250081979f86277514df22174a600be
Generic DLL Injection From Shared Resource
Posted Mar 4, 2015
Authored by M. Hall | Site metasploit.com

This is a general-purpose module for exploiting conditions where a DLL can be loaded from an specified SMB share. This Metasploit module serves payloads as DLLs over an SMB service.

tags | exploit
SHA-256 | aa75d9a0bba7262b8da60d2a895a26ef088b4c19238a4ab8a840bc09863ca240
Mandriva Linux Security Advisory 2015-054
Posted Mar 4, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-054 - Jan-Piet Mens discovered that the BIND DNS server would crash when processing an invalid DNSSEC key rollover, either due to an error on the zone operator's part, or due to interference with network traffic by an attacker.

tags | advisory
systems | linux, mandriva
advisories | CVE-2015-1349
SHA-256 | a34207981a886a158577856e030851948b7a3f3e331735b3a69d0f3f55895e6f
Generic Web Application DLL Injection
Posted Mar 4, 2015
Authored by M. Hall | Site metasploit.com

This is a general-purpose module for exploiting conditions where a HTTP request triggers a DLL load from an specified SMB share. This Metasploit module serves payloads as DLLs over an SMB service and allows an arbitrary HTTP URL to be called that would trigger the load of the DLL.

tags | exploit, web, arbitrary
SHA-256 | a573762660008870b62d9b2185839f0e1170cdf2de7200693235f52be52f8d35
Webshop Hun 1.062S Directory Traversal
Posted Mar 4, 2015
Authored by Jing Wang

Webshop Hun version 1.062S suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | ea69ff28954bd9d952da1e6e8e89da2db7d153663d3c643010ca939e68dfe741
Ubuntu Security Notice USN-2516-3
Posted Mar 4, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2516-3 - USN-2516-1 fixed vulnerabilities in the Linux kernel, and the fix in USN-2516-2 was incomplete. There was an unrelated regression in the use of the virtual counter (CNTVCT) on arm64 architectures. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-8133, CVE-2014-8160, CVE-2014-8559, CVE-2014-8989, CVE-2014-9419, CVE-2014-9420, CVE-2014-9428, CVE-2014-9529, CVE-2014-9584, CVE-2014-9585, CVE-2014-9683, CVE-2015-0239
SHA-256 | 1a88ef9adcc3ea7c2604f0479fa1730a550192db416be0a49b7d6ed0f176098a
Mandriva Linux Security Advisory 2015-055
Posted Mar 4, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-055 - The tt_sbit_decoder_load_image function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted OpenType font. The tt_face_load_hdmx function in truetype/ttpload.c in FreeType before 2.5.4 does not establish a minimum record size, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted TrueType font. The tt_face_load_kern function in sfnt/ttkern.c in FreeType before 2.5.4 enforces an incorrect minimum table length, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted TrueType font. Various other issues have also been addressed.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2014-9656, CVE-2014-9657, CVE-2014-9658, CVE-2014-9660, CVE-2014-9661, CVE-2014-9663, CVE-2014-9664, CVE-2014-9666, CVE-2014-9667, CVE-2014-9669, CVE-2014-9670, CVE-2014-9671, CVE-2014-9672, CVE-2014-9673, CVE-2014-9674, CVE-2014-9675
SHA-256 | ea5afe2e065748087b3505058fe600ae5ebe2dc2de3a8f9bd97dc15a6efff7e7
Webshop Hun 1.062S Cross Site Scripting
Posted Mar 4, 2015
Authored by Jing Wang

Webshop Hun version 1.062S suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 23eb961c8225c2611a1d5a664074eca6ab6bed2a01f1f0aab836dd07678c592a
Webshop Hun 1.062S SQL Injection
Posted Mar 4, 2015
Authored by Jing Wang

Webshop Hun version 1.062S suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 67ccd6d878de7bbf1e846e7515278f550b36ed0aa1980d7ea0f3d7089c236574
WordPress Newsletter 2.6.x / 2.5.x Open Redirect
Posted Mar 4, 2015
Authored by Jing Wang

WordPress Newsletter plugin versions 2.6.x and 2.5.x suffer from an open redirect vulnerability.

tags | exploit
SHA-256 | f781b147aa12aea3e4a5f9c70a57f6e4527e09fb0021c626152f74ced66aa36d
WordPress Max Banner Ads 1.9 Cross Site Scripting
Posted Mar 4, 2015
Authored by Jing Wang

WordPress Max Banner Ads plugin versions 1.09 through 1.9 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | cd2d5cd17f8c06b083629266151d367c1a392344d3dfbd865c39eedb1cb95158
WordPress Ya'aburnee / Dignitas Privilege Escalation
Posted Mar 4, 2015
Authored by Evex

WordPress Ya'aburnee theme version 1.0.7 and Dignitas theme 1.1.9 suffer from a privilege escalation vulnerability.

tags | exploit
SHA-256 | 37ce88880aa5688e3b5d1d56ea6f15647fe379e279c550ce24f8011e752eea85
WordPress Contact Form DB 2.8.29 Cross Site Request Forgery
Posted Mar 4, 2015
Authored by Tom Adams

WordPress Contact Form DB plugin version 2.8.29 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-1874
SHA-256 | 17c045c565a5964067be268befbffcced1479a51cc769949b62b5c8feece37c7
Pentesting Microsoft SQL Server
Posted Mar 4, 2015
Authored by Halil Dalabasmaz

Whitepaper discussing penetration and security testing against Microsoft SQL Server. Written in Turkish.

tags | paper, sql injection
SHA-256 | dc6404d93aa87f8467a2c37aca466c0c947bae3530334eb4dd8b112aa3850d18
Netcat CMS 5.5 Cross Site Scripting
Posted Mar 4, 2015
Authored by Provensec

Netcat CMS version 5.5 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7db891e9d6e061e7b3ce302a37ebff05e74417fb865a9bca35e0cc06380d2d20
Source Boston 2015 Call For Papers
Posted Mar 4, 2015

Source Boston 2015 has announced its Call For Papers.

tags | paper, conference
SHA-256 | 4c02f4b3476a4b075a82b920ed9e372705c821790cbe5137aa134dcabb878dcf
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close