Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-04-06

Debian Security Advisory 3216-1
Posted Apr 6, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3216-1 - Several vulnerabilities have been discovered in Tor, a connection-based low-latency anonymous communication system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-2928, CVE-2015-2929
MD5 | 9dd4d8789edbfd1a32778c0cce6c0e77
HP Security Bulletin HPSBMU03296 1
Posted Apr 6, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03296 1 - Potential security vulnerabilities have been identified with HP BladeSystem c-Class Onboard Administrator. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2014-3513, CVE-2014-3567
MD5 | ba5d33221cd12b475b8a3da8f1e74fd2
Debian Security Advisory 3215-1
Posted Apr 6, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3215-1 - Multiple vulnerabilities were discovered in libgd2, a graphics library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-2497, CVE-2014-9709
MD5 | ae147d811abe0587c84118964cf57e79
Debian Security Advisory 3214-1
Posted Apr 6, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3214-1 - A path traversal vulnerability was discovered in Mailman, the mailing list manager. Installations using a transport script (such as postfix-to-mailman.py) to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully exploit this, an attacker needs write access on the local file system.

tags | advisory, local
systems | linux, debian
advisories | CVE-2015-2775
MD5 | 4843b692d2b46cf2617c326d479fc6de
Debian Security Advisory 3213-1
Posted Apr 6, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3213-1 - Multiple vulnerabilities have been discovered in arj, an open source version of the arj archiver.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-0556, CVE-2015-0557, CVE-2015-2782
MD5 | 2f5fc59d076daf3c7b0efa99eb4f3a83
IPv6 Toolkit 2.0
Posted Apr 6, 2015
Authored by Fernando Gont | Site si6networks.com

SI6 Networks' IPv6 toolkit is a security assessment and troubleshooting tool for the IPv6 protocols. It can send arbitrary IPv6-based packets.

Changes: Added a fully-IPv6-capable traceroute tool, named path6. Added a new tool which incorporates new functionality and also provides a shortcut to other existing tools. Added a new tool isolates IPv6 blackholes. Added a new tool that can send arbitrary UDP/IPv6 packets. Various bug fixes.
tags | tool, arbitrary, scanner, protocol
systems | unix
MD5 | 9274f87dd5f57da78c08998e283ad7ed
Solarwinds Firewall Security Manager 6.6.5 Client Session Handling
Posted Apr 6, 2015
Authored by rgod, mr_me, sinn3r | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities found in Solarwinds Firewall Security Manager 6.6.5. The first vulnerability is an authentication bypass via the Change Advisor interface due to a user-controlled session.putValue API in userlogin.jsp, allowing the attacker to set the 'username' attribute before authentication. The second problem is that the settings-new.jsp file will only check the 'username' attribute before authorizing the 'uploadFile' action, which can be exploited and allows the attacker to upload a fake xls host list file to the server, and results in arbitrary code execution under the context of SYSTEM. Depending on the installation, by default the Change Advisor web server is listening on port 48080 for an express install. Otherwise, this service may appear on port 8080. Solarwinds has released a fix for this vulnerability as FSM-v6.6.5-HotFix1.zip. You may download it from the module's References section.

tags | exploit, web, arbitrary, vulnerability, code execution
advisories | CVE-2015-2284, OSVDB-81634
MD5 | 3c9531f839e4a854197540d7030b14ad
Red Hat Security Advisory 2015-0778-01
Posted Apr 6, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0778-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. All Chromium users should upgrade to these updated packages, which contain Chromium version 41.0.2272.118, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-1233, CVE-2015-1234
MD5 | 20abb26e23de70e904af36d63fd788c0
HotExBilling Manager 73 Cross Site Scripting
Posted Apr 6, 2015
Authored by Bhadresh Patel

HotExBilling Manager version 73 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-2781
MD5 | 7a66937f749fbe0eb67b2140450d509b
WordPress Work The Flow 2.5.2 Shell Upload
Posted Apr 6, 2015
Authored by Claudio Viviani

WordPress Work The Flow plugin version 2.5.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | a53233d734f9fe05eae5802395b125b1
Oracle.com Cross Site Scripting
Posted Apr 6, 2015
Authored by Yann CAM

Oracle.com suffered from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ada219bfca0dc7b6bc8b588f6d99582e
Pitbull / w3tw0rk Perl IRC Bot Remote Code Execution
Posted Apr 6, 2015
Authored by Jay Turla

Proof of concept exploit for the Pitbull and w3tw0rk IRC bots that takes over the owner of a bot which then allows for remote code execution.

tags | exploit, remote, code execution, proof of concept
MD5 | 63664fa95d7d516d4bc20773c093f40a
Digital Whisper Electronic Magazine #60
Posted Apr 6, 2015
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 60. Written in Hebrew.

tags | magazine
MD5 | 64fdc8ed26151d15a033b9e33dc7dd10
PyScripter DLL Hijacking
Posted Apr 6, 2015
Authored by TUNISIAN CYBER

PyScripter suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 16887a7fd428a174d49adf1cb6dfcfab
Kerberos krb5-1.13 Insecure Functions
Posted Apr 6, 2015
Authored by Nicholas Lemonias

Kerberos version krb5-1.13 makes use of some insecure functions.

tags | advisory
MD5 | 6e3090af9a33fee487f0f35aaa545267
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close