all things security
Showing 1 - 19 of 19 RSS Feed

Files Date: 2015-08-25

OpenSSH 7.1p1
Posted Aug 25, 2015
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This is a bugfix release. OpenSSH 7.0 contained a logic error in PermitRootLogin= prohibit-password/without-password that could, depending on compile-time configuration, permit password authentication to root while preventing other forms of authentication. This problem was reported by Mantas Mikulenas.
tags | tool, encryption
systems | linux, unix, openbsd
MD5 | 8709736bc8a8c253bc4eeb4829888ca5
Microsoft Office 2007 RTF XML SmartTags Use-After-Free
Posted Aug 25, 2015
Authored by Google Security Research, hawkes

Microsoft Office 2007 suffers from a RTF XML SmartTags use-after-free vulnerability.

tags | advisory
systems | linux
advisories | CVE-2015-1651
MD5 | cff115aa1b1fa2e2fe86d91cac8c0fef
Microsoft Office 2007 OneTableDocumentStream Invalid Object
Posted Aug 25, 2015
Authored by Google Security Research, hawkes

Microsoft Office 2007 suffers from a OneTableDocumentStream invalid object vulnerability.

tags | exploit
systems | linux
advisories | CVE-2015-0065
MD5 | 7d8654a8cadad963976da4666f02c813
Microsoft Office 2007 Malformed Document Stack-Based Buffer Overflow
Posted Aug 25, 2015
Authored by Google Security Research, hawkes

Microsoft Office 2007 suffers from a stack-based buffer overflow vulnerability when handling a malformed document.

tags | exploit, overflow
systems | linux
advisories | CVE-2015-0064
MD5 | 5941a755c3ef62f340fb450cd1a9d1a4
Page2Flip 2.5 Missing Access Control
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten

Page2Flip version 2.5 is missing an access control and due to this allows for information disclosure.

tags | exploit, info disclosure
MD5 | 73d81b9eed2e4fed67e71914e66a6d7a
Page2Flip 2.5 Session Management
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten

Page2Flip version 2.5 suffers from a session management issue that allows deleted users to still login.

tags | exploit
MD5 | 9a008a94861295f79a1d335f9b61e54d
Page2Flip 2.5 Privilege Escalation
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten

Page2Flip version 2.5 suffers from an authorization bypass vulnerability.

tags | exploit, bypass
MD5 | 9e168ac0a38b45e7c6c2b8c61754076d
Page2Flip 2.5 Insecure Direct Object Reference
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten

Page2Flip version 2.5 suffers from an insecure direct object reference vulnerability.

tags | exploit
MD5 | c5f19c15b2b66d9ef8d97bd292e1b012
Page2Flip 2.5 Cross Site Scripting
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten

Page2Flip version 2.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | ba0f1b3ede112223b2f015ee5c66b02f
Page2Flip 2.5 Cross Site Scripting
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten

Page2Flip version 2.5 suffers from a cross site scripting vulnerability in the create user functionality.

tags | exploit, xss
MD5 | 921dc70c7937cf496da6e2abeb13d0ce
AsteriskNOW / Lync 2013 Configuration
Posted Aug 25, 2015
Authored by Keith Beucler

This guide is to help others integrate their Microsoft 2013 Lync systems with AsteriskNOW for use with non-Lync compatible SIP providers.

tags | paper
MD5 | 2f38e249fae42e573b1904943fa13de5
Page2Flip 2.5 Denial Of Service
Posted Aug 25, 2015
Authored by Dr. Erlijn van Genuchten

Page2Flip version 2.5 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 88fe6158f8837fd9a540442b63209888
Dell SonicWall NetExtender 7.5.215 Privilege Escalation
Posted Aug 25, 2015
Authored by Andrew Smith of Sword and Shield

Dell SonicWall NetExtender version 7.5.215 suffers from a privilege escalation vulnerability.

tags | advisory
advisories | CVE-2015-4173
MD5 | 70d060eeb32267ce0d6185b2e84d24f3
Google Analyticator 6.4.9.4 Cross Site Scripting
Posted Aug 25, 2015
Authored by Omar Kurt

WordPress Google Analyticator plugin version 6.4.9.4 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-6238
MD5 | 1d8c588a6e1d8f6af23690862b9df827
Netop Remote Control 11.52 / 12.11 Credential Issue
Posted Aug 25, 2015
Authored by Matthias Deeg

Netop Remote Control versions 11.52 and 12.11 suffer from hard-coded cryptographic key and insufficiently protected credential issues.

tags | exploit, remote
MD5 | aa1ca566a06d1f40f537574c86a22601
Pligg CMS 2.0.2 Cross Site Request Forgery
Posted Aug 25, 2015
Authored by Arash Khazaei

Pligg CMS version 2.0.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2015-6655
MD5 | 7622c9552227adca42ef19796f95c8ec
ResourceSpace CMS 7.3.7009 SQL Injection
Posted Aug 25, 2015
Authored by William F. Reyor III

ResourceSpace CMS versions 7.3.7009 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3df22b9d0a8120ab074a9cb164ff22e9
UNIT4TETA TETA WEB 22.62.3.4 Session Fixation
Posted Aug 25, 2015
Authored by Lukasz Miedzinski

UNIT4TETA TETA WEB version 22.62.3.4 suffers from a session fixation vulnerability.

tags | advisory, web
advisories | CVE-2015-1174
MD5 | 538586c2662cd3f61564e0dcf66eb2c8
Red Hat Security Advisory 2015-1681-01
Posted Aug 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1681-01 - OpenStack Object Storage provides object storage in virtual containers, which allows users to store and retrieve files. The service's distributed architecture supports horizontal scaling; redundancy as failure-proofing is provided through software-based data replication. Because Object Storage supports asynchronous eventual consistency replication, it is well suited to multiple data-center deployment. A flaw was found in openstack-swift where an authenticated user may delete the most recent version of a versioned object regardless of ownership. To exploit this flaw an attacker most know the name of the object and have listing access to the x-versions-location container.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-1856
MD5 | 5d84a41da78f8299edfb226337667e1e
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    2 Files
  • 23
    Oct 23rd
    16 Files
  • 24
    Oct 24th
    4 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close