all things security
Showing 1 - 25 of 39 RSS Feed

Files Date: 2015-08-18

oclHashcat For NVidia 1.37
Posted Aug 18, 2015
Authored by Kartan | Site hashcat.net

oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. NVidia version.

Changes: Added new hash mode -m 11700 = GOST R 34.11-2012 (Streebog) 256-bit. Many other additions.
tags | tool, cracker
MD5 | 08f5b5858daa15b4e593b40c70fb04d5
oclHashcat for AMD 1.37
Posted Aug 18, 2015
Authored by Kartan | Site hashcat.net

oclHashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. AMD version.

Changes: Added support for all AMD Catalyst versions 14.9 and above. Added new hash mode -m 11700 = GOST R 34.11-2012 (Streebog) 256-bit. Many other additions.
tags | tool, cracker
MD5 | 2e9ecb021a4e0f7eb444242b78170c9c
Mac OS X "tpwn" Privilege Escalation
Posted Aug 18, 2015
Authored by wvu, qwertyoruiop | Site metasploit.com

This Metasploit module exploits a null pointer dereference in XNU to escalate privileges to root. Tested on 10.10.4 and 10.10.5.

tags | exploit, root
MD5 | 6e8c73f8110ba4d80f3c15a6a4ea2f78
Microsoft Out-Of-Band Bulletin Addition For August, 2015
Posted Aug 18, 2015
Site microsoft.com

The bulletin summary for August 2015 has been updated to include an additional out-of-band bulletin, MS15-093, which is being released on August 18, 2015.

tags | advisory
MD5 | 519408577a72a3aca56eac7a7834775c
ModX Revolution 2.3.5-pl Cross Site Scripting
Posted Aug 18, 2015
Authored by Tim Coen | Site curesec.com

ModX Revolution version 2.3.5-pl suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
MD5 | 103adf691c0338376031e0caad3e849d
Bolt 2.2.4 Shell Upload
Posted Aug 18, 2015
Authored by Tim Coen | Site curesec.com

Bolt version 2.2.4 suffers from a code execution vulnerability via shell upload.

tags | exploit, shell, code execution
MD5 | 657e2cef9fc93cf0f25de87abed1e3e3
Phorum 5.2.19 Cross Site Scripting / Open Redirect
Posted Aug 18, 2015
Authored by Tim Coen | Site curesec.com

Phorum version 5.2.19 suffers from open redirection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 798fc8252ab3771e5e355fc0af6d9af3
FreeBSD Security Advisory - expat Integer Overflows
Posted Aug 18, 2015
Site security.freebsd.org

FreeBSD Security Advisory - Multiple integer overflows have been discovered in the XML_GetBuffer() function in the expat library.

tags | advisory, overflow
systems | freebsd
advisories | CVE-2015-1283
MD5 | 39f153ba79b5a361579f0662dcc7d316
Trend Micro Deep Discovery 3.7.1096 Cross Site Scripting
Posted Aug 18, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Deep Discovery version 3.7.1096 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-2872
MD5 | 9077f8d28f2f9d9c207057cdb8890891
Viproy VoIP Penetration / Exploitation Kit 2.99.1
Posted Aug 18, 2015
Authored by Fatih Ozavci | Site viproy.com

Viproy Voip Penetration and Exploitation Kit is developed to improve quality of SIP penetration testing. It provides authentication and trust analysis features that assists in creating simple tests.

Changes: Various updates.
tags | tool
systems | unix
MD5 | e0191021c0364a6ae196f7f5037bbac6
EMC Documentum Content Server Code Execution
Posted Aug 18, 2015
Authored by Andrey B. Panfilov

EMC Documentum Content Server suffers from an arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
advisories | CVE-2015-4532
MD5 | 59cc7b7a6b4898a9f1276c6f109ec9a9
EMC Documentum Content Server Privilege Escalation
Posted Aug 18, 2015
Authored by Andrey B. Panfilov

EMC Documentum Content Server suffers from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2011-4144, CVE-2014-4622, CVE-2015-4531
MD5 | 5c0122dc8495467fa151ccc21f62caaa
Ubuntu Security Notice USN-2715-1
Posted Aug 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2715-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-3212
MD5 | a65783951cc4ceefb315a8943f753611
Ubuntu Security Notice USN-2714-1
Posted Aug 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2714-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2015-3212, CVE-2015-5364, CVE-2015-5366
MD5 | 75418acec77035caee87956763d48a3b
Ubuntu Security Notice USN-2713-1
Posted Aug 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2713-1 - Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw to cause a denial of service using a flood of UDP packets with invalid checksums. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, udp
systems | linux, ubuntu
advisories | CVE-2015-3212, CVE-2015-5364, CVE-2015-5366
MD5 | 4cc8ebcead3fa9cc656e78c2e5c18fa9
Debian Security Advisory 3336-1
Posted Aug 18, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3336-1 - Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-2721, CVE-2015-2730
MD5 | 5241ef6147d66d1d82bcf24640a2aad9
Red Hat Security Advisory 2015-1636-01
Posted Aug 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1636-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd.

tags | advisory, remote, arbitrary, perl, protocol
systems | linux, redhat
advisories | CVE-2015-5621
MD5 | cfeacfd0577d0cd2222fbdd62be496f2
Red Hat Security Advisory 2015-1643-01
Posted Aug 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1643-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the Linux kernel's ping socket implementation did not properly handle socket unhashing during spurious disconnects, which could lead to a use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to escalate their privileges on the system.

tags | advisory, x86, kernel, local
systems | linux, redhat
advisories | CVE-2015-3636
MD5 | 23c9f23dc174bfe738f09262037924bd
Red Hat Security Advisory 2015-1641-03
Posted Aug 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1641-03 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. A flaw was found in the way the mod_cluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the mod_cluster manager web interface.

tags | advisory, web, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2014-8111, CVE-2015-0298
MD5 | eb7a1ba4b42f5b67b69f92ff3c411c94
Red Hat Security Advisory 2015-1642-03
Posted Aug 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1642-03 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. A flaw was found in the way the mod_cluster manager processed certain MCMP messages. An attacker with access to the network from which MCMP messages are allowed to be sent could use this flaw to execute arbitrary JavaScript code in the mod_cluster manager web interface.

tags | advisory, web, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2014-8111, CVE-2015-0298
MD5 | da85a1644b7478149ff3f032b1dd66d8
Red Hat Security Advisory 2015-1640-01
Posted Aug 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1640-01 - Pluggable Authentication Modules provide a system whereby administrators can set up authentication policies without having to recompile programs to handle authentication. It was discovered that the _unix_run_helper_binary() function of PAM's unix_pam module could write to a blocking pipe, possibly causing the function to become unresponsive. An attacker able to supply large passwords to the unix_pam module could use this flaw to enumerate valid user accounts, or cause a denial of service on the system.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2015-3238
MD5 | 84a5b750ab324a6cd7d8a5863d952743
Debian Security Advisory 3338-1
Posted Aug 18, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3338-1 - Lin Hua Cheng discovered that a session could be created when anonymously accessing the django.contrib.auth.views.logout view. This could allow remote attackers to saturate the session store or cause other users' session records to be evicted.

tags | advisory, remote
systems | linux, debian
advisories | CVE-2015-5963, CVE-2015-5964
MD5 | 9feac8b7ee0d61354e6a6a2bab362294
Ubuntu Security Notice USN-2720-1
Posted Aug 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2720-1 - Lin Hua Cheng discovered that Django incorrectly handled the session store. A remote attacker could use this issue to cause the session store to fill up, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-5963, CVE-2015-5964
MD5 | 97bd6035bbba0bcfe1441ba2aba526a9
Debian Security Advisory 3337-1
Posted Aug 18, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3337-1 - Gustavo Grieco discovered a heap overflow in the processing of BMP images which may result in the execution of arbitrary code if a malformed image is opened.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2015-4491
MD5 | 4c158e02cd23c9a46190ad1823ea2e54
Ubuntu Security Notice USN-2710-2
Posted Aug 18, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2710-2 - USN-2710-1 fixed vulnerabilities in OpenSSH. The upstream fix for CVE-2015-5600 caused a regression resulting in random authentication failures in non-default configurations. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-5352, CVE-2015-5600
MD5 | cecf91fdb57ae5dfb1dedd05ca1ef7a2
Page 1 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    5 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close