exploit the possibilities
Showing 1 - 17 of 17 RSS Feed

Files Date: 2015-04-24

Debian Security Advisory 3234-1
Posted Apr 24, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3234-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2015-0460, CVE-2015-0469, CVE-2015-0470, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488
MD5 | 68c1fa2431178714586f71a6313fd93f
HP Security Bulletin HPSBHF03272 1
Posted Apr 24, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03272 1 - A potential security vulnerability has been identified with certain HP Servers with NVidia GPU Computing Driver running Windows Server 2008. This vulnerability could be exploited resulting in elevation of privilege. Revision 1 of this advisory.

tags | advisory
systems | windows
advisories | CVE-2015-1170
MD5 | 6c672b010e9a0c4ba05565387fb2189e
HP Security Bulletin HPSBPI03315 1
Posted Apr 24, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI03315 1 - A potential security vulnerability has been identified with HP Capture and Route Software. The vulnerability could be exploited remotely resulting in information disclosure. Revision 1 of this advisory.

tags | advisory, info disclosure
advisories | CVE-2015-2115
MD5 | 2e9ddf95dd0148177a9a371fdef86402
Debian Security Advisory 3233-1
Posted Apr 24, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3233-1 - The Google security team and the smart hardware research group of Alibaba security team discovered a flaw in how wpa_supplicant used SSID information when creating or updating P2P peer entries. A remote attacker can use this flaw to cause wpa_supplicant to crash, expose memory contents, and potentially execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2015-1863
MD5 | 9b9a4e2795bb89577ad2d6a9dffe15aa
Fwknop Port Knocking Utility 2.6.6
Posted Apr 24, 2015
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: fwknopd can now function as a generic SPA gateway. Various bug fixes.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 5f147499d7cb7df280f0ed1356f242f6
WordPress WPshop eCommerce 1.3.9.5 Shell Upload
Posted Apr 24, 2015
Authored by g0blin | Site metasploit.com

This Metasploit module exploits an arbitrary file upload in the WordPress WPshop eCommerce plugin versions 1.3.3.3 to 1.3.9.5. It allows you to upload arbitrary PHP code and get remote code execution. This Metasploit module has been tested successfully on WordPress WPshop eCommerce 1.3.9.5 with WordPress 4.1.3 on Ubuntu 14.04 Server.

tags | exploit, remote, arbitrary, php, code execution, file upload
systems | linux, ubuntu
MD5 | 47f05fc1fec0514454d17074ff974ce7
Packet Fence 5.0.1
Posted Apr 24, 2015
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Various updates.
tags | tool, remote
systems | unix
MD5 | 7a4f1db95bbbf690d2567091f9a4ab6d
WordPress InBoundio Marketing 2.0 Shell Upload
Posted Apr 24, 2015
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits an arbitrary file upload in the WordPress InBoundio Marketing plugin version 2.0. It allows you to upload arbitrary php files and get remote code execution. This Metasploit module has been tested successfully on WordPress InBoundio Marketing 2.0.3 with Wordpress 4.1.3 on Ubuntu 14.04 Server.

tags | exploit, remote, arbitrary, php, code execution, file upload
systems | linux, ubuntu
MD5 | d69c87a1fb675a1d9ec3875b115421ab
WooThemes WooFramework 4.5.1 Cross Site Scripting
Posted Apr 24, 2015
Authored by Evex

WooThemes WooFramework version 4.5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b2bad2261d306b38b046a2531e6315da
OpenFire XMPP 3.9.3 Certificate Handling
Posted Apr 24, 2015
Authored by Simon Waters, Kim Alvefur

OpenFire XMPP versions 3.9.3 and below incorrectly accepts self-signed certificates potentially allowing for spoofing attacks.

tags | advisory, spoof
advisories | CVE-2014-3451, CVE-2015-2080
MD5 | a241929e240ab08790753986b4b0db93
Xoops CMS 2.5.7.1 Cross Site Scripting
Posted Apr 24, 2015
Authored by Vadodil Joel Varghese

Xoops CMS version 2.5.7.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5b7f03ec2fc2a894d1758966ad039d18
Ubuntu Security Notice USN-2571-1
Posted Apr 24, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2571-1 - Robert Kaiser discovered a use-after-free during plugin initialization in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-2706
MD5 | 0a15e2f6751338b15f517c60821aa553
FlatPress 1.0 Cross Site Scripting
Posted Apr 24, 2015
Authored by Provensec

FlatPress version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | fef1d2a0175ee7fa843b35b96f099a5b
WordPress QAEngine Theme 1.4 Privilege Escalation
Posted Apr 24, 2015
Authored by Evex

WordPress QAEngine Theme version 1.4 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | 93d13195455ab0fcdd2576239466043f
WordPress Premium SEO Pack 1.8.0 Shell Upload / File Disclosure
Posted Apr 24, 2015
Authored by Evex

WordPress Premium SEO Pack plugin version 1.8.0 suffers from file disclosure and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability
MD5 | c8ce96547a22fe4e4b5b365fef94ba28
4k Satellite Security Research - DVB-S2X Standard Evaluation Notes
Posted Apr 24, 2015
Authored by Nicholas Lemonias

During a security evaluation of the Digital Video Broadcasting for Satellite-S2X (Extended) for UHD/4K compatible ecosystems; conducted internally by the Advanced Information Security Group, instances of insecure function use were observed, which could lead to exploitation of these systems.

tags | paper
MD5 | 062abf2df5f08043368cc2dc4c715450
Encaps PHP/Flash Gallery 2.3.22s Database DoS
Posted Apr 24, 2015
Authored by ZoRLu

Encaps PHP/Flash Gallery version 2.3.22s allows for the database to be filled up due to poor design.

tags | exploit, denial of service, php
MD5 | 6f1801730992efa9f0fd0c85f5fa34c1
Page 1 of 1
Back1Next

File Archive:

March 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    19 Files
  • 2
    Mar 2nd
    15 Files
  • 3
    Mar 3rd
    30 Files
  • 4
    Mar 4th
    13 Files
  • 5
    Mar 5th
    9 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close