exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2015-07-08

FreeBSD Security Advisory - BIND Denial Of Service
Posted Jul 8, 2015
Site security.freebsd.org

FreeBSD Security Advisory - BIND 9 is an implementation of the Domain Name System (DNS) protocol. The named daemon is an Internet Domain Name Server. The libdns library is a library of DNS protocol support functions. Due to a software defect, specially constructed zone data could cause named to crash with an assertion failure and rejecting the malformed query when DNSSEC validation is enabled. An attacker who can cause specific queries to be sent to a nameserver could cause named to crash, resulting in a denial of service.

tags | advisory, denial of service, protocol
systems | freebsd
advisories | CVE-2015-4620
SHA-256 | 08e7620d8f3528815ea6adf5b08b755493b804636e13bbbcda7678f4beace8a4
WordPress Easy2Map-Photos 1.09 SQL Injection
Posted Jul 8, 2015
Authored by Larry W. Cashdollar

WordPress Easy2Map-Photos plugin version 1.09 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2015-4615, CVE-2015-4617
SHA-256 | f831b58a9322f3da8be91a2dbd3fe3b76dc8346a8e57bc9360855eaf977f8687
Red Hat Security Advisory 2015-1214-01
Posted Jul 8, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1214-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities are detailed in the Adobe Security Bulletin APSB15-16 listed in the References section. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2014-0578, CVE-2015-3114, CVE-2015-3115, CVE-2015-3116, CVE-2015-3117, CVE-2015-3118, CVE-2015-3119, CVE-2015-3120, CVE-2015-3121, CVE-2015-3122, CVE-2015-3123, CVE-2015-3124, CVE-2015-3125, CVE-2015-3126, CVE-2015-3127, CVE-2015-3128, CVE-2015-3129, CVE-2015-3130, CVE-2015-3131, CVE-2015-3132, CVE-2015-3133, CVE-2015-3134, CVE-2015-3135, CVE-2015-3136, CVE-2015-3137, CVE-2015-4428, CVE-2015-4429, CVE-2015-4430
SHA-256 | 207cb44b46900e919ee484a2f608e57a00fc19f6d2231bcd8e833090f4bb6dd0
HP Security Bulletin HPSBUX03363 1
Posted Jul 8, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03363 1 - A potential security vulnerability has been identified with OpenSSL which may impact HP-UX Apache Web Server with SSL/TLS enabled. This is the TLS vulnerability using US export-grade 512-bit keys in Diffie-Hellman key exchange known as "Logjam" which could be exploited remotely resulting in disclosure of information. Note: The default configuration of HP-UX Apache Web Server is not vulnerable. Revision 1 of this advisory.

tags | advisory, web
systems | hpux
advisories | CVE-2015-4000
SHA-256 | e4c4b720234445a15f22a9dc46a016ed7191f53adc8b3ba80ae5349b95bbc3ce
AirLink101 SkyIPCam1620W OS Command Injection
Posted Jul 8, 2015
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - The AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera is vulnerable to an OS command injection vulnerability in the snwrite.cgi binary.

tags | exploit, cgi
advisories | CVE-2015-2280
SHA-256 | 21c2101703c779b440b5b09b966619ab442997dafefe43dda29ce74298fae4b6
Merethis Centreon 2.5.4 SQL Injection / Remote Command Execution
Posted Jul 8, 2015
Authored by DAU Huy Ngoc

Merethis Centreon versions 2.5.4 and below suffer from remote SQL injection and command execution vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2015-1560, CVE-2015-1561
SHA-256 | 33a4b6850bc8efa423b2d9f3dee79ec98c4aad0c75b497867a6a543467abc2bd
Symantec EP 12.1.4013 Denial Of Service
Posted Jul 8, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Symantec EP version 12.1.4013 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 5725eda93322e756bf654e95292c69626ca4c1d94ab417128edb4557a29d0629
Cradlepoint MBR 1200 / 1400 Local File Inclusion
Posted Jul 8, 2015
Authored by Doc_Hak

Cradlepoint MBR versions 1200 and 1400 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | b1d9d5801ca03f7b83536f88c09b44de43c119419982dcf2ca82b0b42b355988
Slackware Security Advisory - bind Updates
Posted Jul 8, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-4620
SHA-256 | 373653c23b56b8f35ca33a553f1f82a4369df198a6d32f733510f02e0fe94d83
Slackware Security Advisory - ntp Updates
Posted Jul 8, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-5146
SHA-256 | 8be318cf7e666577a1ff833caa5aac935eaf79b39b14b44b547477ce0c794e16
Slackware Security Advisory - cups Updates
Posted Jul 8, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New cups packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-1158
SHA-256 | d136e41716bc59a189b9695d4bc3a85698f56505b959ad57f15bd88c102a590b
Slackware Security Advisory - mozilla-firefox Updates
Posted Jul 8, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | b9a1267fb722492334e46d681fcb1cbbc4edd5e2d5bc70cf1950771e23c9e0f4
Ubuntu Security Notice USN-2670-1
Posted Jul 8, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2670-1 - It was discovered that libwmf incorrectly handled certain malformed images. If a user or automated system were tricked into opening a crafted image file, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-0848, CVE-2015-4588, CVE-2015-4695, CVE-2015-4696
SHA-256 | 722cc781a79f3e73a27746816111dcc59f03278666c0494ac1b9bdf762d8eaf8
GWC CMS 1.0 SQL Injection
Posted Jul 8, 2015
Authored by nopesled

GWX CMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ab170d9faf15a5aca1ea6bcd67d7687b8f76d131b4a7ca84ccb061dc8baa6277
Adobe Flash Player ByteArray Use After Free
Posted Jul 8, 2015
Authored by sinn3r, juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a use after free on Adobe Flash Player. The vulnerability, discovered by Hacking Team and made public on its July 2015 data leak, was described as a Use After Free while handling ByteArray objects. This Metasploit module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.194, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.194, Windows 8.1 (32-bit), Firefox and Adobe Flash 18.0.0.194, Windows 8.1 (32-bit), IE11 and Flash 17.0.0.169, and Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.468.

tags | exploit
systems | linux, windows
advisories | CVE-2015-5119
SHA-256 | 41ca06ad850b25d5a2ca76c0d342a370ac7d388de97dc2ba2d73946fcb6a325b
MiniUPNPd 1.0 Remote Denial Of Service
Posted Jul 8, 2015
Authored by Todor Donev

MiniUPNPd version 1.0 remote denial of service exploit.

tags | exploit, remote, denial of service
advisories | CVE-2013-0229, CVE-2013-0230
SHA-256 | ec5af0b0817b8cabdfaec4fbe7d5121d205649e7588521b0ad1d8d6592bbe575
Hackito Ergo Sum 2015 Call For Papers
Posted Jul 8, 2015
Authored by HES CFP | Site 2015.hackitoergosum.org

The Hackito Ergo Sum 2015 Call For Papers has been announced. It will be held from October 29th through the 30th, 2015, in Paris, France.

tags | paper, conference
SHA-256 | 14be6a316dfc95da8ee9d8c2ef8ea25c28f6c80376ebc514bdcdb617071c0eff
WordPress MDC-Youtube-Downloader 2.1.0 File Disclosure
Posted Jul 8, 2015
Authored by Larry W. Cashdollar

WordPress MDC-Youtube-Downloader plugin version 2.1.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
SHA-256 | bfc292bbcff8faef59696b27e2a04cc7323259c72462cadda4b0f660dd8970b7
WordPress WP-Ecommerce-Shop-Styling 2.5 File Download
Posted Jul 8, 2015
Authored by Larry W. Cashdollar

WordPress WP-Ecommerce-Shop-Styling plugin version 2.5 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
SHA-256 | 8d12b64e284210d6fda944d4c8941dbecc790d42a5f3878c142cf36d726ffb7c
HP Security Bulletin HPSBGN03352 2
Posted Jul 8, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03352 2 - A potential security vulnerability has been identified with HP Asset Manager. The vulnerability could be exploited remotely to allow disclosure of information. Note: This is the RC4 vulnerability known as Bar Mitzvah, which could be exploited remotely to allow disclosure of information. Revision 2 of this advisory.

tags | advisory
advisories | CVE-2015-2802, CVE-2015-2808
SHA-256 | 0df6c20a3819de414e7467ea79ef8ba8e8dd36bb8784c867fe5ab9e0d1631f88
HP Security Bulletin HPSBGN03354 1
Posted Jul 8, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03354 1 - A potential security vulnerability has been identified with HP Connect-IT. The vulnerability could be exploited remotely to allow disclosure of information. Note: This is the RC4 vulnerability known as Bar Mitzvah, which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-2808
SHA-256 | 49532e1b47556c5f307d0892f6478e52485c040b0f8f880b3498f9c0c02e1a51
Ubuntu Security Notice USN-2669-1
Posted Jul 8, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2669-1 - Breno Silveira Soares discovered that Bind incorrectly handled certain zone data when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-4620
SHA-256 | 6accc1bd522b0556fd46b05f41d272a2952268c1c6bcfae78b28a72de1138ce0
D-Link 2750u / 2730u Local File Disclosure
Posted Jul 8, 2015
Authored by Sathish Arthar

D-Link 2750u and 2730u suffer from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
SHA-256 | dce89f0c1fcdd21dcb57fd65f8289fe2f9d590e10bf66f008644bb79821d496a
Grandstream GXV3275 SSH Key / Command Execution
Posted Jul 8, 2015
Authored by David Jorm

Grandstream GXV3275 ships with a default root SSH key which could be used a backdoor. It also suffers from an issue where restricted commands can be leveraged to break out into a full shell.

tags | exploit, shell, root
SHA-256 | 8777d199165022b18a0ee07cc81cbb54c5c05857809f7f6f11aeafbc4ec9b526
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    32 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close