exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2015-08-23

Firefox PDF.js Privileged Javascript Injection
Posted Aug 23, 2015
Authored by temp66, joev, Marius Mlynski | Site metasploit.com

This Metasploit module gains remote code execution on Firefox 35-36 by abusing a privilege escalation bug in resource:// URIs. PDF.js is used to exploit the bug. This exploit requires the user to click anywhere on the page to trigger the vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2015-0816
SHA-256 | c7380b4bd424349eceddb0191b851de4ff91a0a5afb8b3430ceffce5b834c992
Faraday 1.0.13
Posted Aug 23, 2015
Authored by Francisco Amato

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Exported CSV contains filters and columns from Status Report in WEB UI. Added quick vuln edit and delete in WEB UI. Expanded Unit Tests for WEB UI. Various other updates and additions.
tags | tool, rootkit
systems | unix
SHA-256 | 5d449b6f6c55b74d06b56b7435bc79236d2b0002e905211fd0c11d6d20b34d8c
Microsoft Security Bulletin Revision Increment For August, 2015
Posted Aug 23, 2015
Site microsoft.com

This bulletin summary lists one bulletin that has undergone a major revision increment for August, 2015.

tags | advisory
SHA-256 | dfd23be0dbefb8bb95dc5db6d5e39fb6fdd92d9ec2d58405d0f63d5abafff45f
Logstash 1.5.3 Man-In-The-Middle
Posted Aug 23, 2015
Authored by Markus Frosch

Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security issue which allows an attacker to successfully implement a man in the middle attack. This vulnerability is not present in the initial installation of Logstash. This insecurity is exposed when users configure Lumberjack output to connect two Logstash instances. In such deployments, a Logstash instance is used to collect logs from a webserver and securely transmit them to a central Logstash instance to perform additional filtering and storing.

tags | advisory
advisories | CVE-2015-5619
SHA-256 | 8d94729ca78c886be74f1b17d603715f06729caa799a8b733cda4e486099eb9a
Apple Security Advisory 2015-08-20-1
Posted Aug 23, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-08-20-1 - QuickTime 7.7.8 is now available and addresses arbitrary code execution and memory corruption issues.

tags | advisory, arbitrary, code execution
systems | apple
advisories | CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5779, CVE-2015-5785, CVE-2015-5786
SHA-256 | 31a4deb805a319fca7f77360e22ab19856e37387604603add15c19efbeaf3e5c
WordPress Googmonify 0.8.1 Cross Site Request Forgery / Cross Site Scripting
Posted Aug 23, 2015
Authored by Ehsan Hosseini

WordPress Googmonify plugin version 0.8.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 06c403fcedb1a7fd5d3e040288ea006db2072b20c5136ce9aea6ead2c5f43109
VLC 2.2.1 Arbitrary Pointer Dereference
Posted Aug 23, 2015
Authored by Andrea Barisani, Open Source CERT, Loren Maggiore

VLC versions 2.2.1 and below suffer from an arbitrary pointer dereference vulnerability.

tags | advisory, arbitrary
advisories | CVE-2015-5949
SHA-256 | 5729beee45859fa6c90c4ec59513f7ad8f788728b656de7ca5a61d5fed77f09c
UBNT Script Insertion
Posted Aug 23, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Ubiquiti Networks Community online service web application allows for malicious script code to be inserted in the filename.

tags | exploit, web
SHA-256 | 002d12b4f423b45de91babce8e586c124de4cd418c0f8a59c5ba722de1cf4597
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close