Exploit the possiblities
Showing 1 - 12 of 12 RSS Feed

Files Date: 2015-10-09

Debian Security Advisory 3371-1
Posted Oct 9, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3371-1 - Frediano Ziglio of Red Hat discovered several vulnerabilities in spice, a SPICE protocol client and server library. A malicious guest can exploit these flaws to cause a denial of service (QEMU process crash), execute arbitrary code on the host with the privileges of the hosting QEMU process or read and write arbitrary memory locations on the host.

tags | advisory, denial of service, arbitrary, vulnerability, protocol
systems | linux, redhat, debian
advisories | CVE-2015-5260, CVE-2015-5261
MD5 | 0a8640ae0c4fe4e4f0bb05c6a37f92b4
Joomla! CMS 3.4.3 Cross Site Scripting
Posted Oct 9, 2015
Authored by cfreer, 0keeteam

Joomla! CMS versions 3.4.0 through 3.4.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-6939
MD5 | b2ef16730211f85d0e379267b5653f3a
Veeam Backup And Replication 6 / 7 / 8 Privilege Escalation
Posted Oct 9, 2015
Authored by Francesco Ongaro, Antonio Parata, Pasquale Florillo

Veeam Backup and Replications versions 6 through 8 suffer from log disclosure and broken password security vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2015-5742
MD5 | 616bb3bf679680cb90e254acd7e025b1
Red Hat Security Advisory 2015-1862-01
Posted Oct 9, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1862-01 - Red Hat Enterprise Linux OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service cloud based on Red Hat Enterprise Linux OpenStack Platform. A flaw was discovered in the pipeline ordering of OpenStack Object Storage's staticweb middleware in the swiftproxy configuration generated from the openstack-tripleo-heat-templates package. The staticweb middleware was incorrectly configured before the Identity Service, and under some conditions an attacker could use this flaw to gain unauthenticated access to private data.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5271
MD5 | 86895c690af6dbbd27cabc5524b5fc25
Red Hat Security Advisory 2015-1876-01
Posted Oct 9, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1876-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. It was found that Django incorrectly handled the session store. A session could be created by anonymously accessing the django.contrib.auth.views.logout view if it was not decorated correctly with django.contrib.auth.decorators.login_required. A remote attacker could use this flaw to fill up the session store or cause other users' session records to be evicted by requesting a large number of new sessions.

tags | advisory, remote, web, python
systems | linux, redhat
advisories | CVE-2015-5963
MD5 | 70e34538ca7c87410fe05cbd109b48c1
Buffalo LinkStation 1.34 / 1.69 / 1.70 Authentication Bypass
Posted Oct 9, 2015
Site redteam-pentesting.de

An authentication bypass vulnerability in the web interface of a Buffalo LinkStation Duo Network Attached Storage (NAS) device allows unauthenticated attackers to gain administrative privileges. This puts the confidentiality and integrity of the stored data as well as the integrity of the device configuration at high risk.

tags | exploit, web, bypass
MD5 | 46a00a823c1b663b73de732875a392ed
Kaspersky Internet Security Network Attack Blocker Design Flaw
Posted Oct 9, 2015
Authored by Tavis Ormandy, Google Security Research

A component of Kaspersky Internet Security that's enabled by default is called the "Network Attack Blocker", described as "protects the computer against dangerous network activity". This researcher examined the implementation, and determined that it's actually a simple stateless packet filter with a pattern-matching signature system.

tags | exploit
systems | linux
MD5 | 61cbb3a24d0be3b1e08e6388c43b3941
W150D Wireless N 150 Cross Site Request Forgery
Posted Oct 9, 2015
Authored by Lawrence Amer | Site vulnerability-lab.com

The W150D Wireless N 150 ADSL2 modem router suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 4d9a9c66d75d677fdb679efd4cba35ce
VeryPDF Image2PDF Converter SEH Buffer Overflow
Posted Oct 9, 2015
Authored by Robbie Corley

VeryPDF Image2PDF Converter SEH buffer oevrflow exploit that spawns messagebox shellcode.

tags | exploit, overflow, shellcode
MD5 | c62782358d219fe211f4a307e53904c0
FreeYouTubeToMP3 Converter 4.0.1 Buffer Overflow
Posted Oct 9, 2015
Authored by ZwX | Site vulnerability-lab.com

FreeYouTubeToMP3 Converter version 4.0.1 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 85440c9f5aec827c7bf4e5d7ba53a886
WebComIndia CMS 2015Q4 Authentication Bypass
Posted Oct 9, 2015
Authored by Aaditya Purani | Site vulnerability-lab.com

WebComIndia CMS 2015Q4 suffers from an authentication bypass vulnerability via remote SQL injection.

tags | exploit, remote, sql injection, bypass
MD5 | 96ebafca1552311e5351d94e86e70cfe
PayPal Open Redirect
Posted Oct 9, 2015
Authored by Rui Silva | Site vulnerability-lab.com

PayPal suffered from an open redirect vulnerability.

tags | exploit
MD5 | 627854a0b7da3e777f944d5d389a9efa
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close