Exploit the possiblities
Showing 1 - 12 of 12 RSS Feed

Files Date: 2015-09-10

Faraday 1.0.14
Posted Sep 10, 2015
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Removed old couchdb upgrade process. Refactored GUI Web. Various other updates and additions.
tags | tool, rootkit
systems | unix
MD5 | 9f8a930030bbbfb62072154661caa1b3
DataTables 1.10.8 Cross Site Scripting
Posted Sep 10, 2015
Authored by Onur YILMAZ

DataTables version 1.10.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-6584
MD5 | 408d9c26f1f6774ab3cf3964b9a0977c
Bugzilla Unauthorized Account Creation
Posted Sep 10, 2015
Authored by Frederic Buclin, Byron Jones, Netanel Rubin | Site bugzilla.org

Bugzilla versions 2.0 to 4.2.14, 4.3.1 to 4.4.9, and 4.5.1 to 5.0 suffer from an unauthorized account creation vulnerability.

tags | advisory
advisories | CVE-2015-4499
MD5 | 53df4eefd8d46a7e139089eeb1c05da4
Raritan PowerIQ Default Accounts
Posted Sep 10, 2015
Authored by Brandon Perry

Raritan PowerIQ ships with three default backdoor credentials left in.

tags | exploit
MD5 | 01046bb950c07865832145771f1e513e
Android Stagefright Remote Code Execution
Posted Sep 10, 2015
Authored by jduck

Android Stagefright remote code execution exploit that leverages an integer overflow in the libstagefright MP4 'stsc' atom handling.

tags | exploit, remote, overflow, code execution
advisories | CVE-2015-1538
MD5 | 5b9784faf12b2c54976352d6be571091
SAP Mobile Platform 3 XXE Injection
Posted Sep 10, 2015
Authored by Vahagn Vardanyan

SAP NetWeaver AS Java version 7.4 suffers from multiple XXE vulnerabilities. An attacker can read an arbitrary file on a server by sending a correct XML request with a crafted DTD and reading the response from the service. An attacker can perform a DoS attack (for example, XML Entity Expansion). An SMB Relay attack is a type of Man-in-the-Middle attack where the attacker asks the victim to authenticate into a machine controlled by the attacker, then relays the credentials to the target. The attacker forwards the authentication information both ways and gets access.

tags | exploit, java, arbitrary, vulnerability
advisories | CVE-2015-5068
MD5 | 657faf02c150c84915a87df7ddc595dd
HP Security Bulletin HPSBOV03505 1
Posted Sep 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03505 1 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS running NTP. These vulnerabilities could be exploited remotely to allow unauthenticated attackers to execute code with the privileges of ntpd or cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, tcp, vulnerability
advisories | CVE-2013-5211, CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | 509857457f500e317efd338ea6b2b9b2
Synology Download Station 3.5-2956 / 3.5-2962 Cross Site Scripting
Posted Sep 10, 2015
Authored by Securify B.V., Han Sahin

Synology Download Station versions 3.5-2956 and 3.5-2962 suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
systems | linux
MD5 | a796d2461c7e924ed0d96630e9e71583
Synology Video Station 1.5-0757 Command Injection / SQL Injection
Posted Sep 10, 2015
Authored by Securify B.V., Han Sahin

Synology Video Station version 1.5-0757 suffers from remote command injection and SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 2d70ccd0c21c161323f8483a0c458393
HP Security Bulletin HPSBGN03504 1
Posted Sep 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03504 1 - Potential security vulnerabilities have been identified in HP UCMDB which would allow local disclosure of sensitive information. Revision 1 of this advisory.

tags | advisory, local, vulnerability
advisories | CVE-2015-5440
MD5 | 588219b676305dabfbebcdfd7af7b146
SAP NetWeaver AS LSCT1I13 ABAP Hardcoded Credentials
Posted Sep 10, 2015
Authored by Diana Grigorieva, Rustem Gazizov

An attacker can use hardcoded credentials to get unauthorized access and perform various actions in the NetWeaver AS ABAP. In addition, it is likely that the code will be implemented into the system as a backdoor.

tags | exploit
MD5 | 7a428a49e9f2f40459be8f702879d99b
SAP NetWeaver AS FKCDBFTRACE ABAP Hardcoded Credentials
Posted Sep 10, 2015
Authored by Diana Grigorieva, Rustem Gazizov

SAP NetWeaver AS ABAP contains a hardcoded username that changes the system's behavior if the user is authenticated successfully. The user may obtain additional information that should not be displayed.

tags | exploit
MD5 | 0d8e2bb51994ef4309298804d75a3eb9
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close