exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2015-06-25

GeniXCMS 0.0.3 SQL Injection
Posted Jun 25, 2015
Authored by cfreer

GeniXCMS version 0.0.3 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2015-3933
SHA-256 | 56b42b89c53ae00854dd56e9d88622dc91c0daaec73811639535c290e2c3f090
Red Hat Security Advisory 2015-1189-01
Posted Jun 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1189-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. A flaw was found in the way QEMU's AMD PCnet Ethernet emulation handled multi-TMD packets with a length above 4096 bytes. A privileged guest user in a guest with an AMD PCNet ethernet card enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the hosting QEMU process.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2015-3209
SHA-256 | 39d964d6cb4b4dda9a64b2021f7fbd2ea4a581275c0694de8d847d2d82bfa972
Red Hat Security Advisory 2015-1190-01
Posted Jun 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1190-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2015-1805
SHA-256 | 614e331de01ad1a7352b1d4be6b38996c86ac2ef7653cb8f9b14bbfe9b0c580b
Ubuntu Security Notice USN-2653-1
Posted Jun 25, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2653-1 - It was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp, pop or smtp server could use this issue to cause a denial of service. It was discovered that the Python xmlrpc library did not limit unpacking gzip-compressed HTTP bodies. A malicious server could use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, web, denial of service, imap, protocol, python
systems | linux, ubuntu
advisories | CVE-2013-1752, CVE-2013-1753, CVE-2014-4616, CVE-2014-4650, CVE-2014-7185
SHA-256 | c92a23a6c2ffef9c5e260503201c22b883bc893d34393a43e5e16c00a1a6be64
Ubuntu Security Notice USN-2654-1
Posted Jun 25, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2654-1 - It was discovered that the Tomcat XML parser incorrectly handled XML External Entities (XXE). A remote attacker could possibly use this issue to read arbitrary files. This issue only affected Ubuntu 14.04 LTS. It was discovered that Tomcat incorrectly handled data with malformed chunked transfer coding. A remote attacker could possibly use this issue to conduct HTTP request smuggling attacks, or cause Tomcat to consume resources, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, remote, web, denial of service, arbitrary, xxe
systems | linux, ubuntu
advisories | CVE-2014-0119, CVE-2014-0227, CVE-2014-0230, CVE-2014-7810
SHA-256 | a174f8e325d9828914e2df7525e1cae37224c8bc3844309db620b32444e9b830
Ubuntu Security Notice USN-2655-1
Posted Jun 25, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2655-1 - It was discovered that Tomcat incorrectly handled data with malformed chunked transfer coding. A remote attacker could possibly use this issue to conduct HTTP request smuggling attacks, or cause Tomcat to consume resources, resulting in a denial of service. It was discovered that Tomcat incorrectly handled HTTP responses occurring before the entire request body was finished being read. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, web, denial of service
systems | linux, ubuntu
advisories | CVE-2014-0227, CVE-2014-0230, CVE-2014-7810
SHA-256 | b61abbda1322386d4a63d2565e2c7fe0a6030b7c311aa23adfc1d91d678321b9
Red Hat Security Advisory 2015-1187-01
Posted Jun 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1187-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time.

tags | advisory, remote, web, arbitrary, php
systems | linux, redhat
advisories | CVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-3330, CVE-2015-3411, CVE-2015-3412, CVE-2015-4021, CVE-2015-4022, CVE-2015-4024, CVE-2015-4025, CVE-2015-4026, CVE-2015-4598, CVE-2015-4602, CVE-2015-4603, CVE-2015-4604, CVE-2015-4605
SHA-256 | b34c749711ea3b7e7d1f8a9142f1a2421a5974fbdf7e052124d26207fc456487
Red Hat Security Advisory 2015-1188-01
Posted Jun 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1188-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. All Chromium users should upgrade to these updated packages, which contain Chromium version 43.0.2357.130, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-1266, CVE-2015-1267, CVE-2015-1268, CVE-2015-1269
SHA-256 | 8f05ec4a84f19c3c27147f3c264e74d2c2d5cf43d2f907a1d8b59d6321f7e3b4
Red Hat Security Advisory 2015-1186-01
Posted Jun 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1186-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code. A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time.

tags | advisory, remote, web, arbitrary, php
systems | linux, redhat
advisories | CVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-3330, CVE-2015-3411, CVE-2015-3412, CVE-2015-4021, CVE-2015-4022, CVE-2015-4024, CVE-2015-4025, CVE-2015-4026, CVE-2015-4598, CVE-2015-4602, CVE-2015-4603, CVE-2015-4604, CVE-2015-4605
SHA-256 | 0b7187415bdc0d78cd103b4bbf0cb103aecd6b3554e4079ac4b6be16514b3447
Red Hat Security Advisory 2015-1185-01
Posted Jun 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1185-01 - Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. A flaw was found in the way the TLS protocol composes the Diffie-Hellman key exchange. A man-in-the-middle attacker could use this flaw to force the use of weak 512 bit export-grade keys during the key exchange, allowing them do decrypt all traffic. Note: This update forces the TLS/SSL client implementation in NSS to reject DH key sizes below 768 bits, which prevents sessions to be downgraded to export-grade keys. Future updates may raise this limit to 1024 bits.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-4000
SHA-256 | d3b8c8863bc4c06cd8091e672ddb9d95b2f56a995bbc755e9e1dcdbb20c55d3b
AESshell 0.7
Posted Jun 25, 2015
Authored by Marco Lux

AESshell is a backconnect shell for Windows and Unix written in python and uses AES in CBC mode in conjunction with HMAC-SHA256 for secure transport. Written in python but also includes a Windows binary.

tags | tool, shell, rootkit, python
systems | windows, unix
SHA-256 | b8a137308d0d953152da794073389bc6abb15be5bc89f85eb493f1ec3b0b236e
Linux/x86 Reboot Shellcode
Posted Jun 25, 2015
Authored by B3mB4m

28 bytes small Linux/x86 reboot shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 7df146a137978005f952bff928c8f3817468d009d0206d617cd250f9e02afa00
Joomla Simple Image Upload 1.0 Shell Upload
Posted Jun 25, 2015
Authored by CrashBandicot

Joomla Simple Image Upload component version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 931265d47b183868e79e4e49403102abb2912cafb70d9118ab7b037c561ef649
Find DNS Scanner
Posted Jun 25, 2015
Authored by dash | Site hack4.org

find_dns is a tool that scans networks looking for DNS servers.

tags | tool, scanner
systems | unix
SHA-256 | 4da66d417bfefc4925a3eeb9dd2262ff8c71c6e574b06dbc73d0ff5e977c9405
Red Hat Security Advisory 2015-1184-01
Posted Jun 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1184-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. A flaw was found in the way flash-plugin displayed certain SWF content. An attacker could use this flaw to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content. All users of Adobe Flash Player should install this updated package, which upgrades Flash Player to version 11.2.202.468.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-3113
SHA-256 | a5c0b99a7d8734c41f64ace706e34ed4275968ddfaa24d8c4aae2728ea6e2b8d
Debian Security Advisory 3295-1
Posted Jun 25, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3295-1 - Several vulnerabilities (cross-site scripting and SQL injection) have been discovered in Cacti, a web interface for graphing of monitoring systems.

tags | advisory, web, vulnerability, xss, sql injection
systems | linux, debian
advisories | CVE-2015-2665, CVE-2015-4342, CVE-2015-4454
SHA-256 | d2270ddee10b79388cb859232c9460813be0e3e20d67218545961d4dc00d0b4f
Debian Security Advisory 3294-1
Posted Jun 25, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3294-1 - Multiple vulnerabilities were discovered in the dissectors for WCCP and GSM DTAP, which could result in denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2015-4651, CVE-2015-4652
SHA-256 | 857b5e548eed5c842fd18f766ea7fe50474a166ba44c28ee47bb09e8b7140ce7
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close