Twenty Year Anniversary
Showing 1 - 12 of 12 RSS Feed

Files Date: 2015-10-09

Debian Security Advisory 3371-1
Posted Oct 9, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3371-1 - Frediano Ziglio of Red Hat discovered several vulnerabilities in spice, a SPICE protocol client and server library. A malicious guest can exploit these flaws to cause a denial of service (QEMU process crash), execute arbitrary code on the host with the privileges of the hosting QEMU process or read and write arbitrary memory locations on the host.

tags | advisory, denial of service, arbitrary, vulnerability, protocol
systems | linux, redhat, debian
advisories | CVE-2015-5260, CVE-2015-5261
MD5 | 0a8640ae0c4fe4e4f0bb05c6a37f92b4
Joomla! CMS 3.4.3 Cross Site Scripting
Posted Oct 9, 2015
Authored by cfreer, 0keeteam

Joomla! CMS versions 3.4.0 through 3.4.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-6939
MD5 | b2ef16730211f85d0e379267b5653f3a
Veeam Backup And Replication 6 / 7 / 8 Privilege Escalation
Posted Oct 9, 2015
Authored by Francesco Ongaro, Antonio Parata, Pasquale Florillo

Veeam Backup and Replications versions 6 through 8 suffer from log disclosure and broken password security vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2015-5742
MD5 | 616bb3bf679680cb90e254acd7e025b1
Red Hat Security Advisory 2015-1862-01
Posted Oct 9, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1862-01 - Red Hat Enterprise Linux OpenStack Platform director provides the facilities for deploying and monitoring a private or public infrastructure-as-a-service cloud based on Red Hat Enterprise Linux OpenStack Platform. A flaw was discovered in the pipeline ordering of OpenStack Object Storage's staticweb middleware in the swiftproxy configuration generated from the openstack-tripleo-heat-templates package. The staticweb middleware was incorrectly configured before the Identity Service, and under some conditions an attacker could use this flaw to gain unauthenticated access to private data.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5271
MD5 | 86895c690af6dbbd27cabc5524b5fc25
Red Hat Security Advisory 2015-1876-01
Posted Oct 9, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1876-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. It was found that Django incorrectly handled the session store. A session could be created by anonymously accessing the django.contrib.auth.views.logout view if it was not decorated correctly with django.contrib.auth.decorators.login_required. A remote attacker could use this flaw to fill up the session store or cause other users' session records to be evicted by requesting a large number of new sessions.

tags | advisory, remote, web, python
systems | linux, redhat
advisories | CVE-2015-5963
MD5 | 70e34538ca7c87410fe05cbd109b48c1
Buffalo LinkStation 1.34 / 1.69 / 1.70 Authentication Bypass
Posted Oct 9, 2015
Site redteam-pentesting.de

An authentication bypass vulnerability in the web interface of a Buffalo LinkStation Duo Network Attached Storage (NAS) device allows unauthenticated attackers to gain administrative privileges. This puts the confidentiality and integrity of the stored data as well as the integrity of the device configuration at high risk.

tags | exploit, web, bypass
MD5 | 46a00a823c1b663b73de732875a392ed
Kaspersky Internet Security Network Attack Blocker Design Flaw
Posted Oct 9, 2015
Authored by Tavis Ormandy, Google Security Research

A component of Kaspersky Internet Security that's enabled by default is called the "Network Attack Blocker", described as "protects the computer against dangerous network activity". This researcher examined the implementation, and determined that it's actually a simple stateless packet filter with a pattern-matching signature system.

tags | exploit
systems | linux
MD5 | 61cbb3a24d0be3b1e08e6388c43b3941
W150D Wireless N 150 Cross Site Request Forgery
Posted Oct 9, 2015
Authored by Lawrence Amer | Site vulnerability-lab.com

The W150D Wireless N 150 ADSL2 modem router suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 4d9a9c66d75d677fdb679efd4cba35ce
VeryPDF Image2PDF Converter SEH Buffer Overflow
Posted Oct 9, 2015
Authored by Robbie Corley

VeryPDF Image2PDF Converter SEH buffer oevrflow exploit that spawns messagebox shellcode.

tags | exploit, overflow, shellcode
MD5 | c62782358d219fe211f4a307e53904c0
FreeYouTubeToMP3 Converter 4.0.1 Buffer Overflow
Posted Oct 9, 2015
Authored by ZwX | Site vulnerability-lab.com

FreeYouTubeToMP3 Converter version 4.0.1 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 85440c9f5aec827c7bf4e5d7ba53a886
WebComIndia CMS 2015Q4 Authentication Bypass
Posted Oct 9, 2015
Authored by Aaditya Purani | Site vulnerability-lab.com

WebComIndia CMS 2015Q4 suffers from an authentication bypass vulnerability via remote SQL injection.

tags | exploit, remote, sql injection, bypass
MD5 | 96ebafca1552311e5351d94e86e70cfe
PayPal Open Redirect
Posted Oct 9, 2015
Authored by Rui Silva | Site vulnerability-lab.com

PayPal suffered from an open redirect vulnerability.

tags | exploit
MD5 | 627854a0b7da3e777f944d5d389a9efa
Page 1 of 1
Back1Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    18 Files
  • 21
    Sep 21st
    5 Files
  • 22
    Sep 22nd
    2 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close