
Files Date: 2015-07-27

Red Hat Security Advisory 2015-1510-01
Posted Jul 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1510-01 - Clutter is a library for creating fast, visually rich, graphical user interfaces. Clutter is used for rendering the GNOME desktop environment. A flaw was found in the way clutter processed certain mouse and touch gestures. An attacker could use this flaw to bypass the screen lock. All clutter users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, all applications using clutter must be restarted for the update to take effect.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-3213
MD5 | 6424d8f5fe7a800f1cbc951d55c18ab0
Ubuntu Security Notice USN-2686-1
Posted Jul 27, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2686-1 - It was discovered that the Apache HTTP Server incorrectly parsed chunk headers. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks. It was discovered that the Apache HTTP Server incorrectly handled the ap_some_auth_required API. A remote attacker could possibly use this issue to bypass intended access restrictions. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.04. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2015-3183, CVE-2015-3185
MD5 | d6676e1d3bf1c2e5fec468bf6baa181f
Foxit Reader 7.1.5 Arbitrary Code Execution
Posted Jul 27, 2015
Authored by Sascha Schirra

Foxit Reader versions 7.0.8 through 7.1.5 suffer from a PNG conversion parsing tEXt chunk arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
MD5 | e27342632f7f7adcf2367374a89bede3
Hawkeye-G 3.0.1.4912 Cross Site Scripting / Information Leakage
Posted Jul 27, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Hawkeye-G version 3.0.1.4912 suffers from cross site scripting and information leakage vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9419e9698c736f0bdfde871ba24463d5
Seditio CMS 1.7.1 Password Disclosure
Posted Jul 27, 2015
Authored by Arash Khazaei

Seditio CMS version 1.7.1 suffers from an administrator password disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 532a2fcd08ed4d0d3fb8a6c5db132888
OpenSSL Alternative Chains Certificate Forgery MITM Proxy
Posted Jul 27, 2015
Authored by Ramon de C Valle, Adam Langley, David Benjamin | Site metasploit.com

This Metasploit module exploits a logic error in OpenSSL by impersonating the server and sending a specially-crafted chain of certificates, causing certain checks on untrusted certificates to be bypassed on the client, allowing it to use a valid leaf certificate as a CA certificate to sign a fake certificate. The SSL/TLS session is then proxied to the server, allowing the session to continue normally and application data transmitted between the peers to be saved. The valid leaf certificate must not contain the keyUsage extension or it must have at least the keyCertSign bit set (see X509_check_issued function in crypto/x509v3/v3_purp.c); otherwise, X509_verify_cert fails with X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY. This Metasploit module requires an active man-in-the-middle attack.

tags | exploit, crypto
advisories | CVE-2015-1793
MD5 | 244abcb9001d9746e6846f9785dab572
Red Hat Security Advisory 2015-1508-01
Posted Jul 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1508-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap buffer overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process corresponding to the guest.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-3214, CVE-2015-5154
MD5 | f7f084960283f82b135a35820de51491
Red Hat Security Advisory 2015-1507-01
Posted Jul 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1507-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A heap buffer overflow flaw was found in the way QEMU's IDE subsystem handled I/O buffer access while processing certain ATAPI commands. A privileged guest user in a guest with the CDROM drive enabled could potentially use this flaw to execute arbitrary code on the host with the privileges of the host's QEMU process corresponding to the guest.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-3214, CVE-2015-5154
MD5 | 597e7c067f92b2ac03227f827766b99e
Debian Security Advisory 3318-1
Posted Jul 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3318-1 - Multiple integer overflows have been discovered in Expat, an XML parsing C library, which may result in denial of service or the execution of arbitrary code if a malformed XML file is processed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2015-1283
MD5 | 32987b7d6d42d0a3b4d3757a5239446d
Debian Security Advisory 3317-1
Posted Jul 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3317-1 - Several vulnerabilities have been discovered in LXC, the Linux Containers userspace tools.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-1331, CVE-2015-1334
MD5 | d5516efb9c790d5cde8d8da87b013536
Debian Security Advisory 3316-1
Posted Jul 27, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3316-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2014-8873, CVE-2015-0460, CVE-2015-0469, CVE-2015-0470, CVE-2015-0477, CVE-2015-0478, CVE-2015-0480, CVE-2015-0488, CVE-2015-2590, CVE-2015-2601, CVE-2015-2613, CVE-2015-2621, CVE-2015-2625, CVE-2015-2628, CVE-2015-2632, CVE-2015-2808, CVE-2015-4000, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
MD5 | ae28b23356aaf98f529c66ae55cd41f3
Red Hat Security Advisory 2015-1499-01
Posted Jul 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1499-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. All Chromium users should upgrade to these updated packages, which contain Chromium version 44.0.2403.89, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-1270, CVE-2015-1271, CVE-2015-1272, CVE-2015-1273, CVE-2015-1274, CVE-2015-1276, CVE-2015-1277, CVE-2015-1278, CVE-2015-1279, CVE-2015-1281, CVE-2015-1282, CVE-2015-1283, CVE-2015-1284, CVE-2015-1285, CVE-2015-1286, CVE-2015-1287, CVE-2015-1288, CVE-2015-1289, CVE-2015-5605
MD5 | 887d421817021a4eef6d7052c725ec34
Seditio CMS 1.7.1 Open Redirect
Posted Jul 27, 2015
Authored by Arash Khazaei

Seditio CMS version 1.7.1 suffers from an open redirect vulnerability.

tags | exploit
MD5 | 2df1693e5dd69a9f98e7f81421a53681
PHP File Manager Backdoor / XSS / CSRF / Shell Upload
Posted Jul 27, 2015
Authored by Sijmen Ruwhof

PHP File Manager suffers from cross site request forgery, cross site scripting, backdoor, file check, remote shell upload, and various other vulnerabilities.

tags | advisory, remote, shell, php, vulnerability, xss, csrf
MD5 | 0276e5d512686882f5e160ce72b8802d
XenForo 1.4.9 Cross Site Scripting
Posted Jul 27, 2015
Authored by WRZ

XenForo versions 1.4.9 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 41be8835d09bc7f5120637f911b831d9
Linux Reverse TCP Shell In Python
Posted Jul 27, 2015
Authored by B3mB4m

Python code that provides a reverse TCP shell.

tags | tool, shell, tcp, rootkit, python
systems | unix
MD5 | 96256b495ac49497f683ab5a9aedc42f

© 2016 Packet Storm. All rights reserved.
