Exploit the possiblities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2015-03-18

TOR Virtual Network Tunneling Tool 0.2.5.11
Posted Mar 18, 2015
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: It backports several bugfixes from the 0.2.6 branch, including a couple of medium-level security fixes for relays and exit nodes. It also updates the list of directory authorities.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | 9ca64f76996cb8a750e50c792e2c4c52
SSLsplit 0.4.11
Posted Mar 18, 2015
Site roe.ch

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Changes: Fix loading of certificate chains with OpenSSL 1.0.2 (issue #79). Fix build on Mac OS X 10.10.2 by improving XNU header selection.
tags | tool, encryption
MD5 | f29ac4ad7d3fdaf3d161b33c37fb4ddc
Adobe Flash Player PCRE Regex Logic Error
Posted Mar 18, 2015
Authored by sinn3r, Mark Brand | Site metasploit.com

This Metasploit module exploits a vulnerability found in Adobe Flash Player. A compilation logic error in the PCRE engine, specifically in the handling of the \c escape sequence when followed by a multi-byte UTF8 character, allows arbitrary execution of PCRE bytecode.

tags | exploit, arbitrary
advisories | CVE-2015-0318
MD5 | b5032ff486bb039b112177d0b7f0fce0
iPass Mobile Client Service Privilege Escalation
Posted Mar 18, 2015
Authored by h0ng10 | Site metasploit.com

The named pipe, \IPEFSYSPCPIPE, can be accessed by normal users to interact with the iPass service. The service provides a LaunchAppSysMode command which allows to execute arbitrary commands as SYSTEM.

tags | exploit, arbitrary
MD5 | fe1a824ff14683cf09491a2478f9e50f
pyClamd 0.3.14
Posted Mar 18, 2015
Authored by Alexandre Norman | Site xael.org

pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.

Changes: This version is compatible with python 3 (tested with 3.2.3) and python 2 (tested 2.7.3). The API for this new version is now object oriented. Useful classes are ClamdNetworkSocket and ClamdUnixSocket.
tags | tool, virus, python
systems | unix
MD5 | bd32197f1eb2467857a1ee148911b763
Ubuntu Security Notice USN-2534-1
Posted Mar 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2534-1 - It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-8542, CVE-2014-8543, CVE-2014-8544, CVE-2014-8547, CVE-2014-8548, CVE-2014-9604
MD5 | 3ce8eb652211641447a17f08b0b1a8bd
Debian Security Advisory 3192-1
Posted Mar 18, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3192-1 - Hiroya Ito of GMO Pepabo, Inc. reported that checkpw, a password authentication program, has a flaw in processing account names which contain double dashes. A remote attacker can use this flaw to cause a denial of service (infinite loop).

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2015-0885
MD5 | 11db85f6788d459849afc767248a2ad9
HP Security Bulletin HPSBST03298 1
Posted Mar 18, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBST03298 1 - Potential security vulnerabilities have been identified with HP XP Service Processor Software for Windows. These vulnerabilities could be exploited resulting in a variety of outcomes. Revision 1 of this advisory.

tags | advisory, vulnerability
systems | windows
MD5 | c9cfd7f3d71982a3b8d4845dcba63146
Gentoo Linux Security Advisory 201503-09
Posted Mar 18, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201503-9 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.451 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-0332, CVE-2015-0333, CVE-2015-0334, CVE-2015-0335, CVE-2015-0336, CVE-2015-0337, CVE-2015-0338, CVE-2015-0339, CVE-2015-0340, CVE-2015-0341, CVE-2015-0342
MD5 | 3a27ce89fdd073b03ca1227d23948868
Red Hat Security Advisory 2015-0697-01
Posted Mar 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0697-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-05 listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2015-0332, CVE-2015-0333, CVE-2015-0334, CVE-2015-0335, CVE-2015-0336, CVE-2015-0337, CVE-2015-0338, CVE-2015-0339, CVE-2015-0340, CVE-2015-0341, CVE-2015-0342
MD5 | e6097c70ca5aa25f6a3ec0870eccd9ff
Debian Security Advisory 3194-1
Posted Mar 18, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3194-1 - Ilja van Sprundel, Alan Coopersmith and William Robinet discovered multiple issues in libxfont's code to process BDF fonts, which might result in privilege escalation.

tags | advisory
systems | linux, debian
advisories | CVE-2015-1802, CVE-2015-1803, CVE-2015-1804
MD5 | b51c0a683de5688b3516bb983928696e
Red Hat Security Advisory 2015-0695-01
Posted Mar 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0695-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system. It was found that the Linux kernel's Infiniband subsystem did not properly sanitize input parameters while registering memory regions from user space via the verbs API. A local user with access to a /dev/infiniband/uverbsX device could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, remote, kernel, local
systems | linux, redhat
advisories | CVE-2013-2596, CVE-2014-5471, CVE-2014-5472, CVE-2014-7841, CVE-2014-8159
MD5 | d15369b6649a33c94b47812a68fff26a
Red Hat Security Advisory 2015-0694-01
Posted Mar 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0694-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's XFS file system handled replacing of remote attributes under certain conditions. A local user with access to XFS file system mount could potentially use this flaw to escalate their privileges on the system. A flaw was found in the way the Linux kernel's splice() system call validated its parameters. On certain file systems, a local, unprivileged user could use this flaw to write past the maximum file size, and thus crash the system.

tags | advisory, remote, kernel, local
systems | linux, redhat
advisories | CVE-2014-7822, CVE-2014-8086, CVE-2014-8172, CVE-2014-8173, CVE-2015-0274
MD5 | 0c5f424e7c0bc3cb15fbd707b2f05cc0
Debian Security Advisory 3193-1
Posted Mar 18, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3193-1 - Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service (application crash) or, potentially, execution of arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155
MD5 | 2d8f1307419f21351f9cc6fd0267976b
HP Security Bulletin HPSBHF03293
Posted Mar 18, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03293 1 - Potential security vulnerabilities have been identified with HP Virtual Connect 8Gb 24-Port FC Module running OpenSSL and Bash including heartbleed, padding oracle, and shellshock issues. Revision 1 of this advisory.

tags | advisory, vulnerability, bash
advisories | CVE-2009-3555, CVE-2014-0160, CVE-2014-0195, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3508, CVE-2014-3509, CVE-2014-3510, CVE-2014-3511, CVE-2014-3512, CVE-2014-3566, CVE-2014-5139
MD5 | 2dc875ac3e85c020efbbad0374960f27
Gentoo Linux Security Advisory 201503-08
Posted Mar 18, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201503-8 - Vulnerabilities in file could allow a context-dependent attack to create a Denial of Service condition. Versions less than 5.22 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-2270, CVE-2014-9620, CVE-2014-9621
MD5 | f3b83cec7a1ff6ae23a7a9664504dd3f
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close