exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files Date: 2015-09-10

Faraday 1.0.14
Posted Sep 10, 2015
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Removed old couchdb upgrade process. Refactored GUI Web. Various other updates and additions.
tags | tool, rootkit
systems | unix
SHA-256 | 839f26db7940b505813ce047ddd26ae71f41b83ecb0aa74057ebfdc424b8057e
DataTables 1.10.8 Cross Site Scripting
Posted Sep 10, 2015
Authored by Onur YILMAZ | Site netsparker.com

DataTables version 1.10.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-6584
SHA-256 | 6cd21f79315d30a1b359765391dfb3f782051055833ef64c67d853284309a86b
Bugzilla Unauthorized Account Creation
Posted Sep 10, 2015
Authored by Frederic Buclin, Byron Jones, Netanel Rubin | Site bugzilla.org

Bugzilla versions 2.0 to 4.2.14, 4.3.1 to 4.4.9, and 4.5.1 to 5.0 suffer from an unauthorized account creation vulnerability.

tags | advisory
advisories | CVE-2015-4499
SHA-256 | 9b1272725e4045835294ef9f644a6664c5657f9a14374d95b6685f5bdc61cc69
Raritan PowerIQ Default Accounts
Posted Sep 10, 2015
Authored by Brandon Perry

Raritan PowerIQ ships with three default backdoor credentials left in.

tags | exploit
SHA-256 | 2dcd98105d78a18b206ac52d081745dcf42c639e862b7b25a8d8a0c7ab5e2c5e
Android Stagefright Remote Code Execution
Posted Sep 10, 2015
Authored by jduck

Android Stagefright remote code execution exploit that leverages an integer overflow in the libstagefright MP4 'stsc' atom handling.

tags | exploit, remote, overflow, code execution
advisories | CVE-2015-1538
SHA-256 | f67b80af5b935bc038028c58afef32987821b769236699aed6fdf96d9c690c1d
SAP Mobile Platform 3 XXE Injection
Posted Sep 10, 2015
Authored by Vahagn Vardanyan

SAP NetWeaver AS Java version 7.4 suffers from multiple XXE vulnerabilities. An attacker can read an arbitrary file on a server by sending a correct XML request with a crafted DTD and reading the response from the service. An attacker can perform a DoS attack (for example, XML Entity Expansion). An SMB Relay attack is a type of Man-in-the-Middle attack where the attacker asks the victim to authenticate into a machine controlled by the attacker, then relays the credentials to the target. The attacker forwards the authentication information both ways and gets access.

tags | exploit, java, arbitrary, vulnerability, xxe
advisories | CVE-2015-5068
SHA-256 | 02e1d0a4e09aea20fa9d257a9bab83f794b1d6fbe455cfe78e609b89f08f57bd
HP Security Bulletin HPSBOV03505 1
Posted Sep 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03505 1 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS running NTP. These vulnerabilities could be exploited remotely to allow unauthenticated attackers to execute code with the privileges of ntpd or cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, tcp, vulnerability
advisories | CVE-2013-5211, CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
SHA-256 | 6bb3a5080fcc5cd3fa3ca04240ae84814580d927317fa3a57b6645ecaeda982a
Synology Download Station 3.5-2956 / 3.5-2962 Cross Site Scripting
Posted Sep 10, 2015
Authored by Securify B.V., Han Sahin

Synology Download Station versions 3.5-2956 and 3.5-2962 suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
systems | linux
SHA-256 | c2bfa3b4753d3bfb8fc02e1ef6ea305c761e7d81544de79d1fd8cda1c49d9791
Synology Video Station 1.5-0757 Command Injection / SQL Injection
Posted Sep 10, 2015
Authored by Securify B.V., Han Sahin

Synology Video Station version 1.5-0757 suffers from remote command injection and SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | ac383a126c2810f16ff4b122239d9b71076731a6600a7af65e183e0544582edc
HP Security Bulletin HPSBGN03504 1
Posted Sep 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03504 1 - Potential security vulnerabilities have been identified in HP UCMDB which would allow local disclosure of sensitive information. Revision 1 of this advisory.

tags | advisory, local, vulnerability
advisories | CVE-2015-5440
SHA-256 | d856fbc92cc35abc7930a4225181001200de1c1addd95bbef8898f5b7dad5f88
SAP NetWeaver AS LSCT1I13 ABAP Hardcoded Credentials
Posted Sep 10, 2015
Authored by Diana Grigorieva, Rustem Gazizov

An attacker can use hardcoded credentials to get unauthorized access and perform various actions in the NetWeaver AS ABAP. In addition, it is likely that the code will be implemented into the system as a backdoor.

tags | exploit
SHA-256 | 5a75b13440345faa89ce27ef064614c82121ab50b4b42ab3b21bb4420ecb4fcf
SAP NetWeaver AS FKCDBFTRACE ABAP Hardcoded Credentials
Posted Sep 10, 2015
Authored by Diana Grigorieva, Rustem Gazizov

SAP NetWeaver AS ABAP contains a hardcoded username that changes the system's behavior if the user is authenticated successfully. The user may obtain additional information that should not be displayed.

tags | exploit
SHA-256 | f09b401a94dc0abc65731e388b4e547146fdc661d853f92abd976848dbd808a1
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close