exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 13 of 13 RSS Feed

Files Date: 2015-04-06

Debian Security Advisory 3216-1
Posted Apr 6, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3216-1 - Several vulnerabilities have been discovered in Tor, a connection-based low-latency anonymous communication system.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-2928, CVE-2015-2929
SHA-256 | 81c084de4cd2de6083573bce140eb406f89e273d97f00f390c9dd56fdc86863e
HP Security Bulletin HPSBMU03296 1
Posted Apr 6, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03296 1 - Potential security vulnerabilities have been identified with HP BladeSystem c-Class Onboard Administrator. These vulnerabilities include the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" or "POODLE", which could be exploited remotely to allow a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2014-3513, CVE-2014-3567
SHA-256 | 9513e9f5e721a57f1d75304573ad18b07d6f46d52f0ee772d57b7eadb0a6b5d3
Debian Security Advisory 3215-1
Posted Apr 6, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3215-1 - Multiple vulnerabilities were discovered in libgd2, a graphics library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2014-2497, CVE-2014-9709
SHA-256 | f5407791a7d254b53e025eae1a764e715e59de2b3403d0297501a6900adb290c
Debian Security Advisory 3214-1
Posted Apr 6, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3214-1 - A path traversal vulnerability was discovered in Mailman, the mailing list manager. Installations using a transport script (such as postfix-to-mailman.py) to interface with their MTA instead of static aliases were vulnerable to a path traversal attack. To successfully exploit this, an attacker needs write access on the local file system.

tags | advisory, local
systems | linux, debian
advisories | CVE-2015-2775
SHA-256 | abf188d9a2c976b95165071e0f07ae6e49e0b202ed2c520547e5a230417b5ae5
Debian Security Advisory 3213-1
Posted Apr 6, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3213-1 - Multiple vulnerabilities have been discovered in arj, an open source version of the arj archiver.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-0556, CVE-2015-0557, CVE-2015-2782
SHA-256 | 7f8e93a398d961e10e08110b0546218adeb91474cde082dad6db5e68581db236
Solarwinds Firewall Security Manager 6.6.5 Client Session Handling
Posted Apr 6, 2015
Authored by rgod, mr_me, sinn3r | Site metasploit.com

This Metasploit module exploits multiple vulnerabilities found in Solarwinds Firewall Security Manager 6.6.5. The first vulnerability is an authentication bypass via the Change Advisor interface due to a user-controlled session.putValue API in userlogin.jsp, allowing the attacker to set the 'username' attribute before authentication. The second problem is that the settings-new.jsp file will only check the 'username' attribute before authorizing the 'uploadFile' action, which can be exploited and allows the attacker to upload a fake xls host list file to the server, and results in arbitrary code execution under the context of SYSTEM. Depending on the installation, by default the Change Advisor web server is listening on port 48080 for an express install. Otherwise, this service may appear on port 8080. Solarwinds has released a fix for this vulnerability as FSM-v6.6.5-HotFix1.zip. You may download it from the module's References section.

tags | exploit, web, arbitrary, vulnerability, code execution
advisories | CVE-2015-2284, OSVDB-81634
SHA-256 | 2317dc92c6f139454e3f1f332df164d1f95a0522a4c134a535971f37a15fb0d2
Red Hat Security Advisory 2015-0778-01
Posted Apr 6, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0778-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. All Chromium users should upgrade to these updated packages, which contain Chromium version 41.0.2272.118, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-1233, CVE-2015-1234
SHA-256 | 10d36eec9969e9b5e3d698537439e144a6d70437b17d37086674397cd04d085e
HotExBilling Manager 73 Cross Site Scripting
Posted Apr 6, 2015
Authored by Bhadresh Patel

HotExBilling Manager version 73 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-2781
SHA-256 | f89a76503b13c1babdd6ef06c3833e86ce72585726e830aa66ce9afa10898690
WordPress Work The Flow 2.5.2 Shell Upload
Posted Apr 6, 2015
Authored by Claudio Viviani

WordPress Work The Flow plugin version 2.5.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | b23e731d1911c049312f934170230326589cb951911a5055e04af2200b606f71
Oracle.com Cross Site Scripting
Posted Apr 6, 2015
Authored by Yann CAM

Oracle.com suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6c4b6e99ca086b5b03c0f64ae43d2959fece8ee22e1ed5f22a41e02102ac10d6
Pitbull / w3tw0rk Perl IRC Bot Remote Code Execution
Posted Apr 6, 2015
Authored by Jay Turla

Proof of concept exploit for the Pitbull and w3tw0rk IRC bots that takes over the owner of a bot which then allows for remote code execution.

tags | exploit, remote, code execution, proof of concept
SHA-256 | 25d37202a1a216b2b3b0ea44f8cc962fb754a7bbee64d6160acc06a8185d216a
Digital Whisper Electronic Magazine #60
Posted Apr 6, 2015
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 60. Written in Hebrew.

tags | magazine
SHA-256 | c5a27d1c458250c59014799c3f3542537279ddfeb28d4dad6e909e0fc9818dc6
PyScripter DLL Hijacking
Posted Apr 6, 2015
Authored by TUNISIAN CYBER

PyScripter suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 55afe0741013c5aa1c6904d79f64dbf252cb5d23bd2c7456e8b0ae301d4f2c89
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    0 Files
  • 5
    Jul 5th
    0 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close