exploit the possibilities
Showing 1 - 24 of 24 RSS Feed

Files Date: 2015-07-08

FreeBSD Security Advisory - BIND Denial Of Service
Posted Jul 8, 2015
Site security.freebsd.org

FreeBSD Security Advisory - BIND 9 is an implementation of the Domain Name System (DNS) protocol. The named daemon is an Internet Domain Name Server. The libdns library is a library of DNS protocol support functions. Due to a software defect, specially constructed zone data could cause named to crash with an assertion failure and rejecting the malformed query when DNSSEC validation is enabled. An attacker who can cause specific queries to be sent to a nameserver could cause named to crash, resulting in a denial of service.

tags | advisory, denial of service, protocol
systems | freebsd
advisories | CVE-2015-4620
MD5 | 300c3c2b2e911068922e33304424c3ae
WordPress Easy2Map-Photos 1.09 SQL Injection
Posted Jul 8, 2015
Authored by Larry W. Cashdollar

WordPress Easy2Map-Photos plugin version 1.09 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2015-4615, CVE-2015-4617
MD5 | 5d08397b7da5643c8c31d6be3113601a
Red Hat Security Advisory 2015-1214-01
Posted Jul 8, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1214-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-16 listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0578, CVE-2015-3114, CVE-2015-3115, CVE-2015-3116, CVE-2015-3117, CVE-2015-3118, CVE-2015-3119, CVE-2015-3120, CVE-2015-3121, CVE-2015-3122, CVE-2015-3123, CVE-2015-3124, CVE-2015-3125, CVE-2015-3126, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3130, CVE-2015-3131, CVE-2015-3132, CVE-2015-3133, CVE-2015-3134, CVE-2015-3135, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4429, CVE-2015-4430
MD5 | c3e63f858c6b5a057fc254b3da655388
HP Security Bulletin HPSBUX03363 1
Posted Jul 8, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03363 1 - A potential security vulnerability has been identified with OpenSSL which may impact HP-UX Apache Web Server with SSL/TLS enabled. This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" which could be exploited remotely resulting in disclosure of information. Note: The default configuration of HP-UX Apache Web Server is not vulnerable. Revision 1 of this advisory.

tags | advisory, web
systems | hpux
advisories | CVE-2015-4000
MD5 | a94bc193f1f8aa5d7894b4728caedf2f
AirLink101 SkyIPCam1620W OS Command Injection
Posted Jul 8, 2015
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - The AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera is vulnerable to an OS command injection vulnerability in the snwrite.cgi binary.

tags | exploit, cgi
advisories | CVE-2015-2280
MD5 | 7124f8f0393514cbd2c400fe16bf5ced
Merethis Centreon 2.5.4 SQL Injection / Remote Command Execution
Posted Jul 8, 2015
Authored by DAU Huy Ngoc

Merethis Centreon versions 2.5.4 and below suffer from remote SQL injection and command execution vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2015-1560, CVE-2015-1561
MD5 | e4e2f65eb1402f1a8ef34352b7faf89a
Symantec EP 12.1.4013 Denial Of Service
Posted Jul 8, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Symantec EP version 12.1.4013 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 14d62213b2c44bccfd9317ef4d558632
Cradlepoint MBR 1200 / 1400 Local File Inclusion
Posted Jul 8, 2015
Authored by Doc_Hak

Cradlepoint MBR versions 1200 and 1400 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 9f1a2545d119f565a1e1f82a7e4ad6ab
Slackware Security Advisory - bind Updates
Posted Jul 8, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-4620
MD5 | 287f07feb156cb68b4b71f336f801e44
Slackware Security Advisory - ntp Updates
Posted Jul 8, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-5146
MD5 | eca40b3dad0ed054d8aba27b234872b9
Slackware Security Advisory - cups Updates
Posted Jul 8, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New cups packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-1158
MD5 | 02ac1860d4c2bf2154ec528c18306d7d
Slackware Security Advisory - mozilla-firefox Updates
Posted Jul 8, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | 75b0b6b851084a08dec9dab68b9432b0
Ubuntu Security Notice USN-2670-1
Posted Jul 8, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2670-1 - It was discovered that libwmf incorrectly handled certain malformed images. If a user or automated system were tricked into opening a crafted image file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-0848, CVE-2015-4588, CVE-2015-4695, CVE-2015-4696
MD5 | 99f1bceea6718c9abd9d5c6165d7771e
GWC CMS 1.0 SQL Injection
Posted Jul 8, 2015
Authored by nopesled

GWX CMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b986bb5ab107e1d0339c6207809c043c
Adobe Flash Player ByteArray Use After Free
Posted Jul 8, 2015
Authored by sinn3r, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a use after free on Adobe Flash Player. The vulnerability, discovered by Hacking Team and made public on its July 2015 data leak, was described as a Use After Free while handling ByteArray objects. This Metasploit module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.194, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.194, Windows 8.1 (32-bit), Firefox and Adobe Flash 18.0.0.194, Windows 8.1 (32-bit), IE11 and Flash 17.0.0.169, and Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.468.

tags | exploit
systems | linux, windows, 7
advisories | CVE-2015-5119
MD5 | dc11e64b010a4d6231a64eb427ed64f5
MiniUPNPd 1.0 Remote Denial Of Service
Posted Jul 8, 2015
Authored by Todor Donev

MiniUPNPd version 1.0 remote denial of service exploit.

tags | exploit, remote, denial of service
advisories | CVE-2013-0229, CVE-2013-0230
MD5 | f57536cf5d9bbb65ab85ffb746c31e2a
Hackito Ergo Sum 2015 Call For Papers
Posted Jul 8, 2015
Authored by HES CFP | Site 2015.hackitoergosum.org

The Hackito Ergo Sum 2015 Call For Papers has been announced. It will be held from October 29th through the 30th, 2015, in Paris, France.

tags | paper, conference
MD5 | 3a669726a8a946e982a86a72997ea709
WordPress MDC-Youtube-Downloader 2.1.0 File Disclosure
Posted Jul 8, 2015
Authored by Larry W. Cashdollar

WordPress MDC-Youtube-Downloader plugin version 2.1.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
MD5 | a7d47be404dae9f41102611bdc55f18c
WordPress WP-Ecommerce-Shop-Styling 2.5 File Download
Posted Jul 8, 2015
Authored by Larry W. Cashdollar

WordPress WP-Ecommerce-Shop-Styling plugin version 2.5 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
MD5 | 95d621f25a147386a7a9af3d45664616
HP Security Bulletin HPSBGN03352 2
Posted Jul 8, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03352 2 - A potential security vulnerability has been identified with HP Asset Manager. The vulnerability could be exploited remotely to allow disclosure of information. Note: This is the RC4 vulnerability known as Bar Mitzvah, which could be exploited remotely to allow disclosure of information. Revision 2 of this advisory.

tags | advisory
advisories | CVE-2015-2802, CVE-2015-2808
MD5 | 1ef66becbdbfd07d309b577b7dfe4432
HP Security Bulletin HPSBGN03354 1
Posted Jul 8, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03354 1 - A potential security vulnerability has been identified with HP Connect-IT. The vulnerability could be exploited remotely to allow disclosure of information. Note: This is the RC4 vulnerability known as Bar Mitzvah, which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-2808
MD5 | 6c5a4e68c0e398001b314a73a80bcc14
Ubuntu Security Notice USN-2669-1
Posted Jul 8, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2669-1 - Breno Silveira Soares discovered that Bind incorrectly handled certain zone data when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-4620
MD5 | 0a6e0773b07957e3ae5f78f9b3d90216
D-Link 2750u / 2730u Local File Disclosure
Posted Jul 8, 2015
Authored by Sathish Arthar

D-Link 2750u and 2730u suffer from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | 6c0f1291b0d937df656cfd3cb434865c
Grandstream GXV3275 SSH Key / Command Execution
Posted Jul 8, 2015
Authored by David Jorm

Grandstream GXV3275 ships with a default root SSH key which could be used a backdoor. It also suffers from an issue where restricted commands can be leveraged to break out into a full shell.

tags | exploit, shell, root
MD5 | 6dad684ae645e29ac75cadc8f69b03bb
Page 1 of 1
Back1Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    12 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close