accept no compromises
Showing 1 - 25 of 29 RSS Feed

Files Date: 2015-11-02

Packet Storm New Exploits For October, 2015
Posted Nov 2, 2015
Authored by Todd J. | Site packetstormsecurity.com

This archive contains 166 exploits that were added to Packet Storm in October, 2015.

tags | exploit
systems | linux
MD5 | f7a8c465c3c47d8975ca49d967f015cb
Xplico Network Forensic Analysis Tool 1.1.1
Posted Nov 2, 2015
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: Added MGCP dissector. IMAP bug fixed.
tags | tool, imap, forensics
systems | linux
MD5 | ce666a8bee310b268392ae99f51d67e5
actiTIME 2015.2 Privilege Escalation / Open Redirect
Posted Nov 2, 2015
Authored by LiquidWorm | Site zeroscience.mk

actiTIME 2015.2 suffers from multiple security vulnerabilities including open redirection, HTTP response splitting, and unquoted service path elevation of privilege.

tags | exploit, web, vulnerability
MD5 | d6bac3864720f887621d60d6e9c3418e
Spetnik TCPing Utility 2.1.0 Buffer Overflow
Posted Nov 2, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

If TCPing is called with an specially crafted CL argument it will cause an exception and overwrite the pointers to next SEH record and SEH handler with our buffer and malicious shellcode. Spetnik TCPing version 2.1.0 is affected.

tags | exploit, tcp, shellcode
MD5 | d105f0923bdad52b007c0d96d579cdf4
Gentoo Linux Security Advisory 201510-08
Posted Nov 2, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201510-8 - Multiple vulnerabilities have been found in cups-filters, the worst of which could lead to arbitrary code execution. Versions less than 1.0.71 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2015-3258, CVE-2015-3279
MD5 | 56d93cf967f9955e743003da05bac6da
Gentoo Linux Security Advisory 201510-07
Posted Nov 2, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201510-7 - Multiple vulnerabilities have been found in CUPS, the worst of which could lead to arbitrary code execution. Versions less than 2.0.3 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2015-1158, CVE-2015-1159
MD5 | a1f3c72e2b0964286fa3aa4219c4f808
Gentoo Linux Security Advisory 201510-06
Posted Nov 2, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201510-6 - Multiple vulnerabilities have been found in Django, the worst of which may allow a remote attacker to cause Denial of Service. Versions less than 1.8.3 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-5143, CVE-2015-5144, CVE-2015-5145
MD5 | a4341a97716ee882ef92af010a727473
Gentoo Linux Security Advisory 201510-05
Posted Nov 2, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201510-5 - Multiple vulnerabilities have been found in MediaWiki, the worst of which may allow remote attackers to cause a Denial of Service. Versions less than 1.25.2 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-2931, CVE-2015-2932, CVE-2015-2933, CVE-2015-2934, CVE-2015-2935, CVE-2015-2936, CVE-2015-2937, CVE-2015-2938, CVE-2015-2939, CVE-2015-2940, CVE-2015-2941, CVE-2015-2942, CVE-2015-6728, CVE-2015-6729, CVE-2015-6730, CVE-2015-6731, CVE-2015-6732, CVE-2015-6733, CVE-2015-6734, CVE-2015-6735, CVE-2015-6736, CVE-2015-6737
MD5 | b68adca516c3f867a2626b70d265e3bb
Gentoo Linux Security Advisory 201510-04
Posted Nov 2, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201510-4 - Multiple vulnerabilities have been found in tcpdump, the worst of which can allow remote attackers to cause Denial of Service condition or executive arbitrary code. Versions less than 4.7.4 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-0261, CVE-2015-2153, CVE-2015-2154, CVE-2015-2155
MD5 | 8339ca0e7e0bab3945e75259a312f764
Gentoo Linux Security Advisory 201510-03
Posted Nov 2, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201510-3 - Multiple vulnerabilities have been found in Wireshark, allowing attackers to cause Denial of Service condition. Versions less than 1.12.7 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-2187, CVE-2015-2188, CVE-2015-2189, CVE-2015-2190, CVE-2015-2191, CVE-2015-2192, CVE-2015-3182, CVE-2015-3808, CVE-2015-3809, CVE-2015-3810, CVE-2015-3811, CVE-2015-3812, CVE-2015-3813, CVE-2015-3814, CVE-2015-3815, CVE-2015-3906, CVE-2015-4651, CVE-2015-4652
MD5 | cec32f523a1b9f7b0753458e424b0853
Gentoo Linux Security Advisory 201510-02
Posted Nov 2, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201510-2 - A heap-based buffer overflow in QEMU could result in execution of arbitrary code. Versions less than 2.3.0-r4 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2015-3209, CVE-2015-3214, CVE-2015-5154, CVE-2015-5158
MD5 | 4da92efc0eb99430cf833a4562bc7557
Debian Security Advisory 3389-1
Posted Nov 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3389-1 - Security support for elasticsearch in jessie is hereby discontinued. The project no longer releases information on fixed security issues which allow backporting them to released versions of Debian and actively discourages from doing so.

tags | advisory
systems | linux, debian
MD5 | 76f04aaa0a00b2c33343083e22894cda
Debian Security Advisory 3381-2
Posted Nov 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3381-2 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, or denial of service.

tags | advisory, java, denial of service, arbitrary, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4881, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4903, CVE-2015-4911
MD5 | 18dee3c41c3850666ca7518d8ccce392
Debian Security Advisory 3388-1
Posted Nov 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3388-1 - Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2014-9750, CVE-2014-9751, CVE-2015-3405, CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7850, CVE-2015-7852, CVE-2015-7855, CVE-2015-7871
MD5 | d8bbdd9253d9a0b5ea833e6dfa0c4a14
Debian Security Advisory 3387-1
Posted Nov 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3387-1 - John Stumpo discovered that OpenAFS, a distributed file system, does not fully initialize certain network packets before transmitting them. This can lead to a disclosure of the plaintext of previously processed packets.

tags | advisory
systems | linux, debian
advisories | CVE-2015-7762, CVE-2015-7763
MD5 | dfcf873b8dc495d46db6330a68385553
Debian Security Advisory 3386-1
Posted Nov 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3386-1 - Two vulnerabilities have been found in unzip, a de-archiver for .zip files.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-7696, CVE-2015-7697
MD5 | e7ed264ebecf780a44bfda6394dc426a
Debian Security Advisory 3385-1
Posted Nov 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3385-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.0.22.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-4792, CVE-2015-4802, CVE-2015-4815, CVE-2015-4816, CVE-2015-4819, CVE-2015-4826, CVE-2015-4830, CVE-2015-4836, CVE-2015-4858, CVE-2015-4861, CVE-2015-4870, CVE-2015-4879, CVE-2015-4895, CVE-2015-4913
MD5 | 48e92c645c054db9f592bada050ccacb
Python 2.7 check_multiply_size() Integer Overflow
Posted Nov 2, 2015
Authored by John Leitch

Several functions within the imageop module are vulnerable to exploitable buffer overflows due to unsafe arithmetic in check_multiply_size(). The problem exists because the check to confirm that size == product / y / x does not take remainders into account.

tags | advisory, overflow
MD5 | c0d5beed5205da28e1e53b71191859e6
Python 2.7 Hotshot pack_string Heap Buffer Overflow
Posted Nov 2, 2015
Authored by John Leitch

Python version 2.7 hotshot module suffers from a heap buffer overflow due to a memcpy in the pack_string function at line 633.

tags | exploit, overflow, python
MD5 | f1c3a22ae9e1578337b2d49d8f157aff
Python 3.6 audioop.lin2adpcm Buffer Over-Read
Posted Nov 2, 2015
Authored by John Leitch

Python versions 2.7 and 3.4 through 3.6 audioop.lin2adpcm function suffers from a buffer over-read caused by unchecked access to stepsizeTable at line 1436 of Modules\audioop.c.

tags | advisory, python
MD5 | 8fd04559881dffdf8c326ab397ef5309
Python 3.6 audioop.adpcm2lin Buffer Over-Read
Posted Nov 2, 2015
Authored by John Leitch

Python versions 2.7 and 3.4 through 3.6 audioop.adpcm2lin function suffers from a buffer over-read caused by unchecked access to stepsizeTable at line 1545 of Modules\audioop.c.

tags | advisory, python
MD5 | 8f7957712172174e8434592d61af6c90
Python 3.5 Bytearray Pop And Remove Buffer Over-Read
Posted Nov 2, 2015
Authored by John Leitch

Python versions 2.7 and 3.2 through 3.5 bytearray pop and remove methods suffer from buffer over-reads caused by memmove use under the assumption that PyByteArrayObject ob_size is less than ob_alloc, leading to a single byte over-read. This condition can be triggered by creating a bytearray from a range of length 0x10, then calling pop with a valid index.

tags | advisory, python
MD5 | d77ffcd44c3ef49ea3629c746de84811
Python 2.7 array.fromstring Use After Free
Posted Nov 2, 2015
Authored by John Leitch

Python 2.7 array.fromstring() method suffers from a use after free caused by unsafe realloc use. The issue is triggered when an array is concatenated to itself via fromstring() call.

tags | exploit, python
MD5 | 25015ebb8a6741931ddef2b587049c0b
Python 2.7 strop.replace() Integer Overflow
Posted Nov 2, 2015
Authored by John Leitch

Python version 2.7 strop.replace() method suffers from an integer overflow that can be exploited to write outside the bounds of the string buffer and potentially achieve code execution. The issue can be triggered by performing a large substitution that overflows the arithmetic used in mymemreplace() to calculate the size of the new string.

tags | exploit, overflow, code execution, python
MD5 | a3589a69b3bfc5feef80c86576cdb315
Milton Webdav 2.7.0.1 XXE Injection
Posted Nov 2, 2015
Authored by Mikhail Egorov

Milton Webdav version 2.7.0.1 suffers from an XXE injection vulnerability.

tags | exploit
advisories | CVE-2015-7326
MD5 | 7fd999695fd917692484e1f97ab1c0df
Page 1 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close