Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-07-01

OpenSSH 6.9p1
Posted Jul 1, 2015
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This is primarily a bugfix release.
tags | tool, encryption
systems | linux, unix, openbsd
MD5 | 0b161c44fc31fbc6b76a6f8ae639f16f
Apple Security Advisory 2015-06-30-4
Posted Jul 1, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-06-30-4 - Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 are now available and address account takeover, WebSQL database access, and various other issues.

tags | advisory
systems | apple
advisories | CVE-2015-3658, CVE-2015-3659, CVE-2015-3660, CVE-2015-3727
MD5 | 9db213c100e5c64ab904e9d440a11924
Apple Security Advisory 2015-06-30-3
Posted Jul 1, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-06-30-3 - Mac EFI Security Update 2015-001 is now available and addresses EFI flash memory modification and memory corruption issues.

tags | advisory
systems | apple
advisories | CVE-2015-3692, CVE-2015-3693
MD5 | d609193b6a09c97e9eff6fea5c68a7c3
Apple Security Advisory 2015-06-30-2
Posted Jul 1, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-06-30-2 - OS X Yosemite 10.10.4 and Security Update 2015-005 are now available and address privilege escalation, arbitrary code execution, access bypass, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution
systems | apple, osx
advisories | CVE-2013-1741, CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, CVE-2015-0209, CVE-2015-0235, CVE-2015-0273, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293, CVE-2015-1157, CVE-2015-1798, CVE-2015-1799, CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, CVE-2015-3668, CVE-2015-3671, CVE-2015-3672, CVE-2015-3673
MD5 | 32e0fef51b76ce3c73ed6338172843e8
Apple Security Advisory 2015-06-30-1
Posted Jul 1, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-06-30-1 - iOS 8.4 is now available and addresses denial of service, an incorrect issued certificate, arbitrary code execution, and various other flaws.

tags | advisory, denial of service, arbitrary, code execution
systems | apple, ios
advisories | CVE-2013-1741, CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2015-1152, CVE-2015-1153, CVE-2015-1155, CVE-2015-1156, CVE-2015-1157, CVE-2015-3658, CVE-2015-3659, CVE-2015-3684, CVE-2015-3685, CVE-2015-3686, CVE-2015-3687, CVE-2015-3688, CVE-2015-3689, CVE-2015-3690, CVE-2015-3694, CVE-2015-3703, CVE-2015-3710, CVE-2015-3717, CVE-2015-3719, CVE-2015-3721, CVE-2015-3722, CVE-2015-3723, CVE-2015-3724
MD5 | e3bc27630387809074b73be82859746f
Faraday 1.0.11
Posted Jul 1, 2015
Authored by Francisco Amato

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Added hosts CRUD. Added services CRUD. Fix ubuntu 15.04 installation bug. Small bug in burp plugin "Import new vulnerabilities" checkbox issue. Added an interactive visualization to calculate the value of a Workspace. Fixed several bugs in WEB UI. Added a URL filter functionality to the status report, allowing searches by fields.
tags | tool, rootkit
systems | unix
MD5 | 2bb7d2ca4953d95cdf0e2c2b5810371a
Climatix BACnet/IP Communication Module Cross Site Scripting
Posted Jul 1, 2015
Authored by Juan Francisco

Climatix BACnet/IP communication module versions prior to 10.34 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9a92fe166396c753f6efff0bd794f245
X-Cart 4.5.0 Cross Site Scripting
Posted Jul 1, 2015
Authored by nopesled

X-Cart version 4.5.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | bc2c07ece7b5ed329acbd62adb3d462f
TimeDoctor Pro 1.4.72.3 Insecure Transport
Posted Jul 1, 2015
Authored by Fernando Munoz

TimeDoctor autoupdate feature downloads and executes files over plain HTTP and doesn't perform any check with the files. An attacker with MITM capabilities (i.e., when user connects to a public wifi) could override the Timedoctor subdomain and then execute custom binaries on the machine where the application is running.

tags | advisory, web
advisories | CVE-2015-4674
MD5 | 2f966aa4a76713ddb5c8a41b2d430967
ManageEngine Password Manager Pro 8.1 SQL Injection
Posted Jul 1, 2015
Authored by Blazej Adamczyk

ManageEngine Password Manager Pro version 8.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 580940303b07ba047c82034dbb87ae8b
Red Hat Security Advisory 2015-1199-01
Posted Jul 1, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1199-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's implementation of vectored pipe read and write functionality did not take into account the I/O vectors that were already processed when retrying after a failed atomic access operation, potentially resulting in memory corruption due to an I/O vector array overrun. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.

tags | advisory, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2015-1805, CVE-2015-3331
MD5 | 491f98a8a0d5442cd077185b1ea0443c
Ubuntu Security Notice USN-2652-1
Posted Jul 1, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2652-1 - It was discovered that Chromium did not properly consider the scheme when determining whether a URL is associated with a WebUI SiteInstance. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. It was discovered that Blink did not properly restrict the creation context during creation of a DOM wrapper. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2015-1266, CVE-2015-1267, CVE-2015-1268, CVE-2015-1269
MD5 | dd5917cfc5d0e08b4e66a8ec66ea6700
Red Hat Security Advisory 2015-1197-01
Posted Jul 1, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1197-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. An out-of-bounds read flaw was found in the X509_cmp_time() function of OpenSSL. A specially crafted X.509 certificate or a Certificate Revocation List could possibly cause a TLS/SSL server or client using OpenSSL to crash. A NULL pointer dereference was found in the way OpenSSL handled certain PKCS#7 inputs. A specially crafted PKCS#7 input with missing EncryptedContent data could cause an application using OpenSSL to crash.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2015-1789, CVE-2015-1790, CVE-2015-4000
MD5 | 2a0d9519e307542df2717309fd8e28e1
Packet Storm New Exploits For June, 2015
Posted Jul 1, 2015
Authored by Todd J. | Site packetstormsecurity.com

This archive contains 183 exploits that were added to Packet Storm in June, 2015.

tags | exploit
systems | linux
MD5 | 9ef69c2a8c7127770b77f8a06adb0841
DAVOSET 1.2.5
Posted Jul 1, 2015
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Added support of cache bypass at web sites. New services added into full list of zombies.
tags | tool, denial of service
MD5 | 798d7e85b402470babe795aeadc5eb34
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    14 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close