exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2015-06-12

FreeBSD Security Advisory - OpenSSL
Posted Jun 12, 2015
Site security.freebsd.org

FreeBSD Security Advisory - A vulnerability in the TLS protocol would allow a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is also known as Logjam. When processing an ECParameters structure OpenSSL enters an infinite loop if the curve specified is over a specially malformed binary polynomial field. When verifying a signedData message the CMS code can enter an infinite loop if presented with an unknown hash function OID. Various other issues have also been addressed.

tags | advisory, protocol
systems | freebsd
advisories | CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-4000
SHA-256 | 0f31d8be8e851db5b69fa3df18252499edec9d5d973028af8019e2d1dedd741b
ZENWorks Mobile Management 3.1.0 Cross Site Scripting
Posted Jun 12, 2015
Authored by Ludwig Stage

ZENWorks Mobile Management version 3.1.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 4bbde26ce7965cf1887a851e3e9618d8219aa196922007ddf099b40bc39424d9
ZCMS 1.1 Cross Site Scripting / SQL Injection
Posted Jun 12, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

ZCMS version 1.1 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2015-7346, CVE-2015-7347
SHA-256 | 48b7985536c829c68f8c273b6cbb3c70ba81616e23a0a6717f970b9388c773f3
Slackware Security Advisory - openssl Updates
Posted Jun 12, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792
SHA-256 | 2962493df3bab04e6da05c5a3ab7712dc75bd67fbb5d58875167e328474e2492
Slackware Security Advisory - php Updates
Posted Jun 12, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2006-7243, CVE-2015-2325, CVE-2015-2326, CVE-2015-4021, CVE-2015-4022, CVE-2015-4024, CVE-2015-4025, CVE-2015-4026
SHA-256 | d46bff1ad8715f8db73bf3d6deb2ea0641bf605d7e81b4b90da0ea972c16a264
OpenSSL Toolkit 1.0.2b
Posted Jun 12, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Infinite loop on malformed ECParameters structure addressed. PKCS7 crash addressed. Various other issues addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792
SHA-256 | d5d488cc9f0a07974195a7427094ea3cab9800a4e90178b989aa621fbc238e3f
TOR Virtual Network Tunneling Tool 0.2.6.9
Posted Jun 12, 2015
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.2.6.9 fixes a regression in the circuit isolation code, increases the requirements for receiving an HSDir flag, and addresses some other small bugs in the systemd and sandbox code. Clients using circuit isolation should upgrade; all directory authorities should upgrade.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 4a6c29ad89a98d7832c599d9480d6d8e55355fb3b8f4b506c5df557f15942f9c
Concrete5 5.7.4 SQL Injection
Posted Jun 12, 2015
Authored by EgiX

Concrete5 versions 5.7.4 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 09135e38d13882eebea77629d624025c3928967909de59178c537978dfc7e7ac
Concrete5 5.7.3.1 Cross Site Scripting
Posted Jun 12, 2015
Authored by EgiX

Concrete5 versions 5.7.3.1 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 5a6ef1506e51dfe8f5c743d4ac107de78835ad514c929a0dbd4c1e19c02acdda
Nakid CMS CSRF / XSS / Local File Inclusion
Posted Jun 12, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Nakid CMS suffers from cross site request forgery, cross site scripting, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion, csrf
SHA-256 | 213644d6e877f9fa9f9a49e5bc61b7ee71f973106f713dd2bf637428e4c5a084
Concrete5 5.7.3.1 sendmail Remote Code Execution
Posted Jun 12, 2015
Authored by EgiX

Concrete5 versions 5.7.3.1 and below suffers from a sendmail-related remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 2738129737c2ca9db8afcb24d75b7688377742b1d8ad9da2b2e8397c4bd6faed
HP WebInspect 10.4 XML External Entity
Posted Jun 12, 2015
Authored by Jakub Palaczynski

HP WebInspect versions 7.x, 8.x, 9.x, and 10.0 through 10.4 suffer from an XML external entity vulnerability.

tags | exploit, xxe
advisories | CVE-2015-2125
SHA-256 | 44df7fcf639b2f66354665111858dd4bced1a796a547d6fed87ff5cd8eccb16d
D-Link DSP-W110 Command Execution / SQL Injection / File Upload
Posted Jun 12, 2015
Authored by Peter Adkins

D-Link DSP-W110 suffers from command execution, remote file upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, file upload
SHA-256 | 987c2150fb283efdb56ad6e1fe865f4be1e2dd33aa09a56da9ad840d2f12fcee
OSSEC 2.8.1 Local Root Escalation
Posted Jun 12, 2015
Authored by Andrew Widdersheim

OSSEC versions 2.7 through 2.8.1 suffer from a local root escalation vulnerability.

tags | exploit, local, root
advisories | CVE-2015-3222
SHA-256 | da7900816ec1317c697a05427f893356afcf036cd0b4650baf2f3a1691906bca
WordPress Paypal Currency Converter Basic For Woocommerce 1.3 File Read
Posted Jun 12, 2015
Authored by Kuroi SH

WordPress Paypal Currency Converter Basic For Woocommerce plugin version 1.3 suffers from a remote file read vulnerability.

tags | exploit, remote
SHA-256 | e04dd5ea02115e46a5cc0fb22ba122f16b77c65143a6298895abb799aa17cfc8
WordPress History Collection 1.1.1 Arbitrary File Download
Posted Jun 12, 2015
Authored by Kuroi SH

WordPress History Collection versions 1.1.1 and below suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
SHA-256 | 292b146038de272d4fe5d399d89090da275db148602fb4c38a8f1875b905c077
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close