what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2015-08-23

Firefox PDF.js Privileged Javascript Injection
Posted Aug 23, 2015
Authored by temp66, joev, Marius Mlynski | Site metasploit.com

This Metasploit module gains remote code execution on Firefox 35-36 by abusing a privilege escalation bug in resource:// URIs. PDF.js is used to exploit the bug. This exploit requires the user to click anywhere on the page to trigger the vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2015-0816
SHA-256 | c7380b4bd424349eceddb0191b851de4ff91a0a5afb8b3430ceffce5b834c992
Faraday 1.0.13
Posted Aug 23, 2015
Authored by Francisco Amato

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Exported CSV contains filters and columns from Status Report in WEB UI. Added quick vuln edit and delete in WEB UI. Expanded Unit Tests for WEB UI. Various other updates and additions.
tags | tool, rootkit
systems | unix
SHA-256 | 5d449b6f6c55b74d06b56b7435bc79236d2b0002e905211fd0c11d6d20b34d8c
Microsoft Security Bulletin Revision Increment For August, 2015
Posted Aug 23, 2015
Site microsoft.com

This bulletin summary lists one bulletin that has undergone a major revision increment for August, 2015.

tags | advisory
SHA-256 | dfd23be0dbefb8bb95dc5db6d5e39fb6fdd92d9ec2d58405d0f63d5abafff45f
Logstash 1.5.3 Man-In-The-Middle
Posted Aug 23, 2015
Authored by Markus Frosch

Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security issue which allows an attacker to successfully implement a man in the middle attack. This vulnerability is not present in the initial installation of Logstash. This insecurity is exposed when users configure Lumberjack output to connect two Logstash instances. In such deployments, a Logstash instance is used to collect logs from a webserver and securely transmit them to a central Logstash instance to perform additional filtering and storing.

tags | advisory
advisories | CVE-2015-5619
SHA-256 | 8d94729ca78c886be74f1b17d603715f06729caa799a8b733cda4e486099eb9a
Apple Security Advisory 2015-08-20-1
Posted Aug 23, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-08-20-1 - QuickTime 7.7.8 is now available and addresses arbitrary code execution and memory corruption issues.

tags | advisory, arbitrary, code execution
systems | apple
advisories | CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5779, CVE-2015-5785, CVE-2015-5786
SHA-256 | 31a4deb805a319fca7f77360e22ab19856e37387604603add15c19efbeaf3e5c
WordPress Googmonify 0.8.1 Cross Site Request Forgery / Cross Site Scripting
Posted Aug 23, 2015
Authored by Ehsan Hosseini

WordPress Googmonify plugin version 0.8.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 06c403fcedb1a7fd5d3e040288ea006db2072b20c5136ce9aea6ead2c5f43109
VLC 2.2.1 Arbitrary Pointer Dereference
Posted Aug 23, 2015
Authored by Andrea Barisani, Open Source CERT, Loren Maggiore

VLC versions 2.2.1 and below suffer from an arbitrary pointer dereference vulnerability.

tags | advisory, arbitrary
advisories | CVE-2015-5949
SHA-256 | 5729beee45859fa6c90c4ec59513f7ad8f788728b656de7ca5a61d5fed77f09c
UBNT Script Insertion
Posted Aug 23, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Ubiquiti Networks Community online service web application allows for malicious script code to be inserted in the filename.

tags | exploit, web
SHA-256 | 002d12b4f423b45de91babce8e586c124de4cd418c0f8a59c5ba722de1cf4597
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close