Files Date: 2015-10-02

FTGate 2009 SR3 Cross Site Scripting
Posted Oct 2, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FTGate 2009 SR3 May 13 2010 Build 6.4.000 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 61406f5d7dfc72915045414559d870e3
FTGate 7 Cross Site Request Forgery
Posted Oct 2, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FTGate version 7 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | f2f12f59b0a461caf943373f60ace7f7
Kaseya VSA uploader.aspx Arbitrary File Upload
Posted Oct 2, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability found in Kaseya VSA versions between 7 and 9.1. A malicious unauthenticated user can upload an ASP file to an arbitrary directory leading to arbitrary code execution with IUSR privileges. This Metasploit module has been tested with Kaseya v7.0.0.17, v8.0.0.10 and v9.0.0.3.

tags | exploit, arbitrary, code execution, asp, file upload
advisories | CVE-2015-6922
MD5 | 1ed310adae7ef7d86de486f92950fe9d
Zemra Botnet CnC Web Panel Remote Code Execution
Posted Oct 2, 2015
Authored by Angel Injection, Jay Turla, Darren Martyn | Site metasploit.com

This Metasploit module exploits the CnC web panel of Zemra Botnet which contains a backdoor inside its leaked source code. Zemra is a crimeware bot that can be used to conduct DDoS attacks and is detected by Symantec as Backdoor.Zemra.

tags | exploit, web
MD5 | 2c059af704cb84792d8481c724a0935f
Simple Backdoor Shell Remote Code Execution
Posted Oct 2, 2015
Authored by Jay Turla | Site metasploit.com

This Metasploit module exploits unauthenticated simple web backdoor shells by leveraging the common backdoor shell's CMD parameter to execute commands. The SecLists project of Daniel Miessler and Jason Haddix has a lot of samples of these kinds of backdoor shells, which are categorized under Payloads.

tags | exploit, web, shell
MD5 | 8e8c3251abad650a5886af13f520367e
Ubuntu Security Notice USN-2760-1
Posted Oct 2, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2760-1 - It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges. Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-5707, CVE-2015-6252, CVE-2015-6526
MD5 | cd905a2a5a055417605192f3141e5873
Ubuntu Security Notice USN-2759-1
Posted Oct 2, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2759-1 - It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges. Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-5707, CVE-2015-6252, CVE-2015-6526
MD5 | 9248d4f58953791deec1c59a9dab1077
Red Hat Security Advisory 2015-1855-01
Posted Oct 2, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1855-01 - Red Hat Ceph Storage is a massively scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment tools, and support services. The mod_proxy_fcgi package provides a proxy module for the Apache 2.2 HTTP server. A buffer overflow flaw was found in mod_proxy_fcgi's handle_headers() function. A malicious FastCGI server that httpd is configured to connect to could send a carefully crafted response that would cause an httpd child process handling the request to crash.

tags | advisory, web, overflow
systems | linux, redhat
advisories | CVE-2014-3583
MD5 | 937e65e44e812ebc687c9d8a45fb63f8
Red Hat Security Advisory 2015-1858-01
Posted Oct 2, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1858-01 - Red Hat Ceph Storage is a massively scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment tools, and support services. The mod_proxy_fcgi package provides a proxy module for the Apache 2.2 HTTP server. A buffer overflow flaw was found in mod_proxy_fcgi's handle_headers() function. A malicious FastCGI server that httpd is configured to connect to could send a carefully crafted response that would cause an httpd child process handling the request to crash.

tags | advisory, web, overflow
systems | linux, redhat
advisories | CVE-2014-3583
MD5 | 1a6216882dd23e4cc44072ba65eea241
HP Security Bulletin HPSBPV03516 1
Posted Oct 2, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBPV03516 1 - A potential security vulnerability has been identified with the HP VAN SDN Controller running SSLv3. This is the SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "Poodle", which could be exploited remotely resulting in disclosure of privileged information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2014-8730
MD5 | c4a0045c9514d4375b5193534575027e
FTGate 2009 SR3 Denial Of Service
Posted Oct 2, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FTGate 2009 SR3 May 13 2010 Build 6.4.000 suffers from multiple denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
MD5 | 0450e971cf6487d64691a28ec761f879
Bosch Security Systems Dinion NBN-498 XML Injection
Posted Oct 2, 2015
Authored by neom22

The Bosch Security Systems Dinion NBN-498 web interface suffers from an XML injection vulnerability.

tags | exploit, web, xxe
advisories | CVE-2015-6970
MD5 | 2be8d4c957d6d70f5bb7f5dc2e816358
PIXORD Vehicle 3G Wi-Fi Router Command Injection / Information Disclosure
Posted Oct 2, 2015
Authored by Karn Ganeshen

PIXORD Vehicle 3G Wi-Fi Router suffers from OS command injection, information disclosure, and various other vulnerabilities.

tags | exploit, info disclosure
MD5 | f75891dcf39bc597bbb65661d87a78af
FTGate 2009 SR3 Cross Site Request Forgery
Posted Oct 2, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FTGate 2009 SR3 May 13 2010 Build 6.4.00 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 9154bcf2c0c0b98bfa52c2c28f8e81e5
Tempracer Windows Race Condition Tool
Posted Oct 2, 2015
Authored by Alexander Georgiev

This tool helps exploit race conditions on Windows filesystems.

systems | windows
MD5 | ffd56d633201e4f5f4bac8db6bfa20a3
WinRAR Settings Import Command Execution
Posted Oct 2, 2015
Authored by R-73eN

WinRAR settings import command execution proof of concept exploit.

tags | exploit, proof of concept
MD5 | f453221b6cc219b9fa544217fe9dba67
vCenter Java JMX/RMI Remote Code Execution
Posted Oct 2, 2015
Authored by David Stubley | Site 7elements.co.uk

VMware vCenter Server provides a centralized platform for managing your VMware vSphere environments so you can automate and deliver a virtual infrastructure. VMware vCenter was found to bind an unauthenticated JMX/RMI service to the network stack. An attacker with access can abuse the configuration to achieve remote code execution, providing SYSTEM level access to the server.

tags | advisory, remote, code execution
advisories | CVE-2015-2342
MD5 | cb35dc351ad86a496afa00b7c569b973
Pygments FontManager._get_nix_font_path Shell Injection
Posted Oct 2, 2015
Authored by Javantea

Pygments FontManager._get_nix_font_path version 1.2.2-2.0.2 suffers from a shell injection vulnerability.

tags | advisory, shell
MD5 | dc4d323204e5628ee7b285698adfb690
Telegram Denial Of Service / Bypass Limit
Posted Oct 2, 2015
Authored by Eduardo Alves

Telegram suffers from various vulnerabilities such as denial of service and time limit bypass.

tags | exploit, denial of service, vulnerability, bypass
MD5 | 8c932425e406fa04b0000b188b36b6d2