exploit the possibilities
Showing 1 - 25 of 28 RSS Feed

Files Date: 2015-08-04

Zed Attack Proxy 2.4.1 Windows Installer
Posted Aug 4, 2015
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.

Changes: Various updates.
tags | tool, web, vulnerability
systems | windows
SHA-256 | 43286cd91e4a985e95a4ae861f3d3faa9bc1282a0d90ff781f602a6e76a74ea1
Zed Attack Proxy 2.4.1 Linux Release
Posted Aug 4, 2015
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.

Changes: Various updates.
tags | tool, web, vulnerability
systems | linux, unix
SHA-256 | 8077371c939f6dc3991f2c812a81f3af6131e54673955814d21f32dce6efd573
PCMan FTP Server 2.0.7 PUT Buffer Overflow
Posted Aug 4, 2015
Authored by Jay Turla

PCMan FTP Server version 2.0.7 PUT command buffer overflow exploit that spawns a bindshell on tcp/9988.

tags | exploit, overflow, tcp
SHA-256 | 079e0b6e1b52360946c41880b50c6c8953ec9da37460c0897e1787cb1c5cd5bc
Red Hat Security Advisory 2015-1544-01
Posted Aug 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1544-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2015-1931, CVE-2015-2590, CVE-2015-2601, CVE-2015-2621, CVE-2015-2632, CVE-2015-2637, CVE-2015-2638, CVE-2015-2664, CVE-2015-4000, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4748, CVE-2015-4749, CVE-2015-4760
SHA-256 | 211ab6dc8672735a2153424635a62c7215098412c1ba9ba843117f40ee4c8412
Red Hat Security Advisory 2015-1545-01
Posted Aug 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1545-01 - OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service solution designed for on-premise or private cloud deployments. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. A flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining mode. This flaw allows a man-in-the-middle attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.

tags | advisory, javascript
systems | linux, redhat
advisories | CVE-2014-3566
SHA-256 | 9dfd085a0a5cc694a5377b43367bb112a7b57b35c1014353ee1b6296ef398897
Red Hat Security Advisory 2015-1543-01
Posted Aug 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1543-01 - Red Hat JBoss Portal is the open source implementation of the Java EE suite of services and Portal services running atop Red Hat JBoss Enterprise Application Platform. It was found that PortletBridge PortletRequestDispatcher did not respect security constraints set by the servlet if a portlet request asked for rendering of a non-JSF resource such as JSP or HTML. A remote attacker could use this flaw to potentially bypass certain security constraints and gain access to restricted resources.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2015-5176
SHA-256 | f4d03fb55875abab70559c6e82184d191ab21036e813540a6a384bd018545fda
Ubuntu Security Notice USN-2677-1
Posted Aug 4, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2677-1 - An uninitialized value issue was discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service. A use-after-free was discovered in the GPU process implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-1270, CVE-2015-1272, CVE-2015-1276, CVE-2015-1277, CVE-2015-1280, CVE-2015-1281, CVE-2015-1283, CVE-2015-1284, CVE-2015-1285, CVE-2015-1287, CVE-2015-1289, CVE-2015-1329, CVE-2015-5605
SHA-256 | 8e4ae28d2f7b897db93cb99063601153c04fb5f447d47955e0fdef06773a6ae2
Debian Security Advisory 3328-2
Posted Aug 4, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3328-2 - The security update for wordpress in DSA 3328 contained a regression. The patch for issue CVE-2015-5622 was faulty. A new package version has been released that backs this patch out pending resolution of the problem.

tags | advisory
systems | linux, debian
advisories | CVE-2015-3429, CVE-2015-5622, CVE-2015-5623
SHA-256 | c4d9e31b5f37c8c10f2ab9b01ed62e57c7dd49f93e9bb24d6b05d75b64af8b51
Debian Security Advisory 3328-1
Posted Aug 4, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3328-1 - Several vulnerabilities have been found in Wordpress, the popular blogging engine.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-3429, CVE-2015-5622, CVE-2015-5623
SHA-256 | 0fe2f36ccb4402230be9fa8cb3b4150d88175339d405b8222f84ef0ee4fb8c0c
Debian Security Advisory 3327-1
Posted Aug 4, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3327-1 - Alex Rousskov of The Measurement Factory discovered that Squid3, a fully featured web proxy cache, does not correctly handle CONNECT method peer responses when configured with cache_peer and operating on explicit proxy traffic. This could allow remote clients to gain unrestricted access through a gateway proxy to its backend proxy.

tags | advisory, remote, web
systems | linux, debian
advisories | CVE-2015-5400
SHA-256 | 9bc21bbd9d798266d317a3b5bf65d2c238cc28361e9f33791f2ee9a0c0a76d4a
CODE BLUE 2015 Call For Papers
Posted Aug 4, 2015
Site codeblue.jp

CODE BLUE has announced its Call For Papers. It is an international conference held at Shinjuku, Tokyo, Japan that will be held from October 28th through the 29th, 2015.

tags | paper, conference
SHA-256 | 01ad6df98b82f18459162893dfb06ddd09f0646fe003b123837626d66f100d96
HP ArcSight Logger Invalid Search Results
Posted Aug 4, 2015
Authored by Roberto at Logsat

There are several flaws in the HP ArcSight Logger search capabilities that cause it to provide invalid search results for any query that uses boolean expressions. This means that any query to search through data in the logs ArcSight collected is potentially incorrect if the query contains more than one search term.

tags | advisory
SHA-256 | f3192b0bb9062010087a388c5a6cde7b87e5a1d735b14ce20bbab5e331135343
Shellcode Helper
Posted Aug 4, 2015
Authored by B3mB4m

Shellcode Helper is a python script designed to act as an x86 little endian stack converter.

tags | tool, x86, shellcode, python
SHA-256 | 2169ef9e90390289a012969247ecff8e6fb7a30ae571da774b8a381696435b8c
OS X Keychain EXC_BAD_ACCESS Denial Of Service
Posted Aug 4, 2015
Authored by Juan Sacco

Mac OS X 10.10.4 (Yosemite) suffers from a keychain-related denial of service vulnerability.

tags | exploit, denial of service
systems | apple, osx
SHA-256 | 5e5264989ee711ea2cf1f4508b6d73169a2f88b72a97de4b2be4e77d5bfb3214
I2P 0.9.21
Posted Aug 4, 2015
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates and bug fixes.
tags | tool
systems | unix
SHA-256 | d6f8148b2a51afa236e1284152db140b9288c1e1365652c1f14c68ac0cedf1e3
OATH Toolkit 2.6.1
Posted Aug 4, 2015
Site nongnu.org

OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.

Changes: Various updates.
tags | tool
systems | unix
SHA-256 | 9c57831907bc26eadcdf90ba1827d0bd962dd1f737362e817a1dd6d6ec036f79
Heroes Of Might And Magic III .h3m Map File Buffer Overflow
Posted Aug 4, 2015
Authored by Pierre Lindblad, John AAkerblom | Site metasploit.com

This Metasploit module embeds an exploit into an uncompressed map file (.h3m) for Heroes of Might and Magic III. Once the map is started in-game, a buffer overflow occurring when loading object sprite names leads to shellcode execution.

tags | exploit, overflow, shellcode, code execution
SHA-256 | 5f3f3372c7b7ed5f4f8756063b78d1e2135c986738b9fc08143adf4c5746a07f
Botan C++ Crypto Algorithms Library 1.10.10
Posted Aug 4, 2015
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: Various updates.
tags | library
systems | linux
SHA-256 | 6b67b14746410461fe4a8ce6a625e7eef789243454fe30eab7329d5984be4163
BlueDragon 6.2.1 / 7.0 / 7.1 Cross Site Scripting
Posted Aug 4, 2015
Authored by OrwellLabs

BlueDragon versions 6.2.1, 7.0, and 7.1 suffer from multiple cross site scripting vulnerabilities. These are in addition to priorly discovered similar issues in these versions.

tags | exploit, vulnerability, xss
SHA-256 | 34152718c0c5e04b81a0e17e0d27f408dc1c6ce005e485fce24870f32ad785fb
Packet Storm New Exploits For July, 2015
Posted Aug 4, 2015
Authored by Todd J. | Site packetstormsecurity.com

This archive contains 162 exploits that were added to Packet Storm in July, 2015.

tags | exploit
systems | linux
SHA-256 | 6d11671c05fe99091b2ef5fd1f3b7d873d28145c02d9b99c7658ff41e3502566
Distro Checker 1.0.0
Posted Aug 4, 2015
Authored by Francisco Amato | Site blog.infobytesec.com

Distro Checker is a tool written for doing cross distribution exploit testing.

tags | tool
systems | unix
SHA-256 | 8bc23f4e57fc2885ba6b8d8ec2eba603aec8e5155f4bf85739fce47220e6419f
Red Hat Security Advisory 2015-1539-01
Posted Aug 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1539-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. This release of Red Hat JBoss BPM Suite 6.1.2 serves as a replacement for Red Hat JBoss BPM Suite 6.1.0, and includes bug fixes and enhancements, which are documented in the README.txt file included with the patch files. The following security issues are also fixed with this release: It was found that Apache Camel's XML converter performed XML External Entity expansion. A remote attacker able to submit an SAXSource containing an XXE declaration could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.

tags | advisory, remote, xxe
systems | linux, redhat
advisories | CVE-2015-0263, CVE-2015-0264, CVE-2015-1818
SHA-256 | 56627352a7df2d86dd0a52f57fc03ccdd0383b7f81d892b51ba9198d83ea8692
Red Hat Security Advisory 2015-1538-01
Posted Aug 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1538-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This release of Red Hat JBoss BRMS 6.1.2 serves as a replacement for Red Hat JBoss BRMS 6.1.0, and includes bug fixes and enhancements, which are documented in the README.txt file included with the patch files. The following security issues are also fixed with this release: It was found that Apache Camel's XML converter performed XML External Entity expansion. A remote attacker able to submit an SAXSource containing an XXE declaration could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.

tags | advisory, remote, xxe
systems | linux, redhat
advisories | CVE-2015-0263, CVE-2015-0264
SHA-256 | cd8d3c1f817b1c9faba0d4e0599cebb2aa48f6de86fd4533c50a3f58ab9d4d37
Debian Security Advisory 3326-1
Posted Aug 4, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3326-1 - William Robinet and Stefan Cornelius discovered an integer overflow in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or potentially execution of arbitrary code if a specially crafted file is opened.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2015-3228
SHA-256 | 61f0975e460b5d4f229cb65cae6d1ef8588a7b34a4f12ec1927837bf0717ec23
Debian Security Advisory 3325-1
Posted Aug 4, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3325-1 - Several vulnerabilities have been found in the Apache HTTPD server.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-3183, CVE-2015-3185
SHA-256 | 7eb41d5e0dde8b13a8166433bf5d89842f644f90dca24040daea5c78a82cd56d
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close