what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2015-08-25

OpenSSH 7.1p1
Posted Aug 25, 2015
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This is a bugfix release. OpenSSH 7.0 contained a logic error in PermitRootLogin= prohibit-password/without-password that could, depending on compile-time configuration, permit password authentication to root while preventing other forms of authentication. This problem was reported by Mantas Mikulenas.
tags | tool, encryption
systems | linux, unix, openbsd
SHA-256 | fc0a6d2d1d063d5c66dffd952493d0cda256cad204f681de0f84ef85b2ad8428
Microsoft Office 2007 RTF XML SmartTags Use-After-Free
Posted Aug 25, 2015
Authored by Google Security Research, hawkes

Microsoft Office 2007 suffers from a RTF XML SmartTags use-after-free vulnerability.

tags | advisory
systems | linux
advisories | CVE-2015-1651
SHA-256 | 9112fd06f8a9594124ac555685a4c390b42d8b36cbf029a9deca63894f80b49e
Microsoft Office 2007 OneTableDocumentStream Invalid Object
Posted Aug 25, 2015
Authored by Google Security Research, hawkes

Microsoft Office 2007 suffers from a OneTableDocumentStream invalid object vulnerability.

tags | exploit
systems | linux
advisories | CVE-2015-0065
SHA-256 | 71aae25eeff40a890630b5def4b9a4c33395e8cd48b05b1af664a30be591e023
Microsoft Office 2007 Malformed Document Stack-Based Buffer Overflow
Posted Aug 25, 2015
Authored by Google Security Research, hawkes

Microsoft Office 2007 suffers from a stack-based buffer overflow vulnerability when handling a malformed document.

tags | exploit, overflow
systems | linux
advisories | CVE-2015-0064
SHA-256 | fc3f3a43acba1f2993d16df8be2f8af7217caf24ea88bc37b3ab71571b41e296
Page2Flip 2.5 Missing Access Control
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten | Site syss.de

Page2Flip version 2.5 is missing an access control and due to this allows for information disclosure.

tags | exploit, info disclosure
SHA-256 | 4d58d05abd8782f6ea8e55b951adbc39826bfb054bc42cad328a0157a2cf0cf3
Page2Flip 2.5 Session Management
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten | Site syss.de

Page2Flip version 2.5 suffers from a session management issue that allows deleted users to still login.

tags | exploit
SHA-256 | 3dd3826320edfc3d9787b04d941d218aa5fcb2d184361a4c7704cfea80c20ef4
Page2Flip 2.5 Privilege Escalation
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten | Site syss.de

Page2Flip version 2.5 suffers from an authorization bypass vulnerability.

tags | exploit, bypass
SHA-256 | 81eff9c8072a47333a722737d210492a75a50e881af03b9fbb7745d495b77d5c
Page2Flip 2.5 Insecure Direct Object Reference
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten | Site syss.de

Page2Flip version 2.5 suffers from an insecure direct object reference vulnerability.

tags | exploit
SHA-256 | 88377ffbd2ae0e8c6494acd84244a8d80fc28f3b4cb5e706a672ceaab14433b9
Page2Flip 2.5 Cross Site Scripting
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten | Site syss.de

Page2Flip version 2.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a80dbfc906c92033fe34653626d3672fe4672f10582601c6398132ae3406a17b
Page2Flip 2.5 Cross Site Scripting
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten | Site syss.de

Page2Flip version 2.5 suffers from a cross site scripting vulnerability in the create user functionality.

tags | exploit, xss
SHA-256 | 8c4a6a8c8fb7c3e5d54cac7cab64b3e9ec1fd020d73d675cbf2229ba4b628693
AsteriskNOW / Lync 2013 Configuration
Posted Aug 25, 2015
Authored by Keith Beucler

This guide is to help others integrate their Microsoft 2013 Lync systems with AsteriskNOW for use with non-Lync compatible SIP providers.

tags | paper
SHA-256 | 368670bac076a99e8be719227b8a15dfab584d7e8ed20365c28899df35a6cdda
Page2Flip 2.5 Denial Of Service
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten | Site syss.de

Page2Flip version 2.5 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | d605475e023fd099f6ae5991a6c9dc8b5175e3d6115f0f5e24bdef720b8b65c0
Dell SonicWall NetExtender 7.5.215 Privilege Escalation
Posted Aug 25, 2015
Authored by Andrew Smith of Sword and Shield

Dell SonicWall NetExtender version 7.5.215 suffers from a privilege escalation vulnerability.

tags | advisory
advisories | CVE-2015-4173
SHA-256 | f0b514cab106db17e65e6afa1d98fdd80dad6bd4d518110c106cfcff55f1bcd3
Google Analyticator 6.4.9.4 Cross Site Scripting
Posted Aug 25, 2015
Authored by Omar Kurt | Site netsparker.com

WordPress Google Analyticator plugin version 6.4.9.4 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-6238
SHA-256 | 7f7523e430b3afce63313d41c2b6e4084ef335223ee61e6f6fdb35a34d45f768
Netop Remote Control 11.52 / 12.11 Credential Issue
Posted Aug 25, 2015
Authored by Matthias Deeg | Site syss.de

Netop Remote Control versions 11.52 and 12.11 suffer from hard-coded cryptographic key and insufficiently protected credential issues.

tags | exploit, remote
SHA-256 | bd92784b38a1c301a6674b12b72e327934aa4b895b78f8ea87bbefcaaebfb4a3
Pligg CMS 2.0.2 Cross Site Request Forgery
Posted Aug 25, 2015
Authored by Arash Khazaei

Pligg CMS version 2.0.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-6655
SHA-256 | e8df6ea13dde593af7dce761b232c1d61d5a0fb061392ea66d9fa5a7ea0f440d
ResourceSpace CMS 7.3.7009 SQL Injection
Posted Aug 25, 2015
Authored by William F. Reyor III

ResourceSpace CMS versions 7.3.7009 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f8889e00ce3b0fba310c27b4671a53d11f1156966615698aad1a1d3558bbc703
UNIT4TETA TETA WEB 22.62.3.4 Session Fixation
Posted Aug 25, 2015
Authored by Lukasz Miedzinski

UNIT4TETA TETA WEB version 22.62.3.4 suffers from a session fixation vulnerability.

tags | advisory, web
advisories | CVE-2015-1174
SHA-256 | 7ea165d8dbfe2db8ab49a36cb0239ff0625d1fa350d20ed811a0272d3c0ea128
Red Hat Security Advisory 2015-1681-01
Posted Aug 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1681-01 - OpenStack Object Storage provides object storage in virtual containers, which allows users to store and retrieve files. The service's distributed architecture supports horizontal scaling; redundancy as failure-proofing is provided through software-based data replication. Because Object Storage supports asynchronous eventual consistency replication, it is well suited to multiple data-center deployment. A flaw was found in openstack-swift where an authenticated user may delete the most recent version of a versioned object regardless of ownership. To exploit this flaw an attacker most know the name of the object and have listing access to the x-versions-location container.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-1856
SHA-256 | b4620e51dac253858c6c6dd8a14325faa2787471f9702c33b9acaf4a45839e74
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    14 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close