exploit the possibilities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-04-23

Ubuntu usb-creator 0.2.x Local Privilege Escalation
Posted Apr 23, 2015
Authored by Tavis Ormandy

Ubuntu usb-creator version 0.2.x suffers from a local privilege escalation vulnerability.

tags | exploit, local
systems | linux, ubuntu
MD5 | 4295a2995456f4ce11eecc1c5a890569
Red Hat Security Advisory 2015-0884-01
Posted Apr 23, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0884-01 - The novnc package provides a VNC client that uses HTML5 and includes encryption support. It was discovered that noVNC did not properly set the 'secure' flag when issuing cookies. An attacker could use this flaw to intercept cookies via a man-in-the-middle attack. All novnc users are advised to upgrade to this updated package, which corrects this issue.

tags | advisory
systems | linux, redhat
advisories | CVE-2013-7436
MD5 | ce5750425d04479f69b590fd043275a4
MIMEDefang Email Scanner 2.78
Posted Apr 23, 2015
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: Fixed bug in logic that coalesces multiparts to single-parts if possible; the bug broke DKIM signing. Fix is courtesy of Peter Nagel.
tags | tool
systems | windows, unix
MD5 | 556999ff8adfed53de9eceac3d84d8a7
Honeywell XLWEB SCADA Path Traversal
Posted Apr 23, 2015
Authored by Martin Jartelius

Honeywell XLWEB SCADA controller suffers from a remote path traversal vulnerability that allows for remote code execution.

tags | exploit, remote, code execution, file inclusion
MD5 | cc4f403d75d18621f95227319cf72b5c
Ubuntu Security Notice USN-2577-1
Posted Apr 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2577-1 - It was discovered that wpa_supplicant incorrectly handled SSID information when creating or updating P2P peer entries. A remote attacker could use this issue to cause wpa_supplicant to crash, resulting in a denial of service, expose memory contents, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-1863
MD5 | efc51f0ed24d245b4dbe05b819725262
Ubuntu Security Notice USN-2576-1
Posted Apr 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2576-1 - Tavis Ormandy discovered that usb-creator was missing an authentication check. A local attacker could use this issue to gain elevated privileges.

tags | advisory, local
systems | linux, ubuntu
MD5 | 3a2bf994180558ec5910836083588420
Ubuntu Security Notice USN-2576-2
Posted Apr 23, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2576-2 - USN-2576-1 fixed a vulnerability in usb-creator. This update provides the corresponding fix for Ubuntu 15.04. Tavis Ormandy discovered that usb-creator was missing an authentication check. A local attacker could use this issue to gain elevated privileges.

tags | advisory, local
systems | linux, ubuntu
MD5 | 4ac84f174bc9cb111c55345298468a2c
Avsarsoft Matbaa Script Cross Site Scripting / Shell Upload
Posted Apr 23, 2015
Authored by ZoRLu

Avsarsoft Matbaa Script suffers from cross site scripting and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss
MD5 | 641cb4461ba3a542753817a64515a3d6
Pligg CMS 2.0.2 Cross Site Scripting
Posted Apr 23, 2015
Authored by Vadodil Joel Varghese

Pligg CMS version 2.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c796ebebfef285dd972ddf899c409f5c
ZYXEL P-660HN-T1H_IPv6 Denial Of Service
Posted Apr 23, 2015
Authored by Koorosh Ghorbani

ZYXEL P-660HN-T1H_IPv6 remote configuration editor / web service denial of service exploit.

tags | exploit, remote, web, denial of service
MD5 | fd962886d10439322739e572f2529b6d
Free MP3 CD Ripper 2.6 / 2.8 Buffer Overflow
Posted Apr 23, 2015
Authored by TUNISIAN CYBER, ThreatActor

Free MP3 CD Ripper versions 2.6 and 2.8 .wav SEH-based buffer overflow exploit.

tags | exploit, overflow
MD5 | 8786f712ef079a94f7bacf2c95008271
Android wpa_supplicant Heap Overflow
Posted Apr 23, 2015
Authored by Alibaba Security Team

wpa_supplicant version 2.x on Android suffers from a heap overflow that can lead to memory information leaks and remote code execution.

tags | advisory, remote, overflow, code execution
advisories | CVE-2015-1863
MD5 | fe484a0f8d5449970fcd139be849f978
Dnsmasq 2.72 Unchecked Return Value
Posted Apr 23, 2015
Authored by Nick Sampanis

Dnsmasq version 2.72 does not properly check the return value of the setup_reply() function called during a tcp connection (by the tcp_request() function). This return value is then used as a size argument in a function which writes data on the client's connection. This may lead, upon successful exploitation, to reading the heap memory of dnsmasq.

tags | advisory, tcp
MD5 | 0a3232582312137a8329742ac4b5d54d
Socrata Online Service Script Insertion
Posted Apr 23, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Socrata Online Service suffers from a script insertion vulnerability.

tags | exploit
MD5 | b34c5a540371c1acf1a1624848fe156b
Magento eCommerce SQL Injection / RFI / LFI / Command Execution
Posted Apr 23, 2015
Authored by Shahar Tal

Magento eCommerce suffers from authentication bypass, local file inclusion, remote file inclusion, and remote SQL injection vulnerabilities.

tags | advisory, remote, local, vulnerability, sql injection, file inclusion
MD5 | f078a374727a25c07f673febd10ab98d
Page 1 of 1
Back1Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    15 Files
  • 4
    Jun 4th
    25 Files
  • 5
    Jun 5th
    8 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close