seeing is believing
Showing 1 - 17 of 17 RSS Feed

Files Date: 2015-11-03

Redis Remote Command Execution
Posted Nov 3, 2015
Authored by Antirez | Site antirez.com

Redis has eloquently explained how it can be used for remote command execution if not securely configured to mitigate arbitrary access.

tags | exploit, remote, arbitrary, code execution
MD5 | 4bd5ec0bc1f3b82fc84f8b049b8e3eb3
HP Security Bulletin HPSBGN03426 1
Posted Nov 3, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03426 1 - A potential security vulnerability has been identified with HP Mobility Software (MSM). This is the GNU C Library (glibc) vulnerability known as "GHOST" which could be exploited remotely resulting in execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2015-0235
MD5 | 5b7c45b8fa1fadaba27a006d85f33ee4
Debian Security Advisory 3355-2
Posted Nov 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3355-2 - The previous update for libvdpau, DSA-3355-1, introduced a regression in the stable distribution (jessie) causing a segmentation fault when the DRI_PRIME environment variable is set.

tags | advisory
systems | linux, debian
MD5 | d2f2fa76e6e2b9e6f889c7b2c4c409d0
HP Security Bulletin HPSBMU03518 1
Posted Nov 3, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03518 1 - A potential security vulnerability has been identified with HP Vertica. The vulnerability could be exploited remotely resulting in code execution. Revision 1 of this advisory.

tags | advisory, code execution
advisories | CVE-2015-6867
MD5 | b046e95b4f2978f8a470238c2735e397
Debian Security Advisory 3390-1
Posted Nov 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3390-1 - It was discovered that the code to validate level 2 page table entries is bypassed when certain conditions are satisfied. A malicious PV guest administrator can take advantage of this flaw to gain privileges via a crafted superpage mapping.

tags | advisory
systems | linux, debian
advisories | CVE-2015-7835
MD5 | 834d48f97eb8aa1273069c0dae191155
Gentoo Linux Security Advisory 201511-01
Posted Nov 3, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201511-1 - An attacker who already had access to the environment could so append values to parameters passed through programs. Versions less than 50c are affected.

tags | advisory
systems | linux, gentoo
MD5 | 81c757d666c53c3443d18255bf7e8dc1
Alcatel-Lucent Home Device Manager Spoofing
Posted Nov 3, 2015
Authored by Dr. Ulrich Fiedler | Site swisscom.ch

A vulnerability has been discovered in the TR069 protocol that can potentially affect all Automatic Configuration Servers (ACS). The issue has been fixed in the Home Device Manager (HDM) product from Alcatel-Lucent with an anti-spoofing filter. HDM allows service providers to remotely manage CPEs, such as residential gateways, IP set-top boxes, and VoIP terminal adapters that comprise a home networking environment. The vulnerability allows an attacker to perform impersonation attacks by spoofing CPE using tr-069 (cwmp) Protocol. An attacker could gain unauthorized access to third-party SIP Credentials for the spoofed device and perform illegal activities (phone fraud). The vulnerability has been tested and confirmed. Versions prior to 4.1.10 may be affected.

tags | advisory, spoof, protocol
advisories | CVE-2015-6498
MD5 | 0d4969094c3655283cb43d570bec43e6
Chyrp CMS 2.5.2 Cross Site Scripting
Posted Nov 3, 2015
Authored by Tim Coen | Site curesec.com

Chyrp CMS version 2.5.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 201dd30a17ed478a0d1b06e952dbfc0d
SQL Buddy 1.3.3 Cross Site Scripting
Posted Nov 3, 2015
Authored by Tim Coen | Site curesec.com

SQL Buddy version 1.3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | df32394bb1f1bbff92d532144d06d971
SQL Buddy 1.3.3 Cross Site Request Forgery
Posted Nov 3, 2015
Authored by Tim Coen | Site curesec.com

SQL Buddy version 1.3.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | dbc684b7f1e0b0135981401fbe986758
DAVOSET 1.2.6
Posted Nov 3, 2015
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Added support of comments in the lists. Various other updates.
tags | tool, denial of service
MD5 | 9a7f2fba63505cc794c1bd9a696fb8cd
Linksys X2000 Command Execution
Posted Nov 3, 2015
Authored by Lorenzo Pistone

The Linksys X2000 suffers from a remote, unauthenticated command execution vulnerability that scores root privileges.

tags | exploit, remote, root
MD5 | 5db17d5fe524fd0f34d24ad23fef1f90
Samsung Galaxy S6 Android.media.process Face Recognition Memory Corruption
Posted Nov 3, 2015
Authored by Google Security Research, natashenka

Samsung Galaxy S6 Android.media.process face recognition memory corruption proof of concept exploit.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2015-7897
MD5 | f6f4ce12e0194b75eb288e879eeca714
Samsung LibQjpeg Image Decoding Memory Corruption
Posted Nov 3, 2015
Authored by Google Security Research, natashenka

Samsung LibQjpeg suffers from a memory corruption vulnerability in the DCMProvider service when decoding an image.

tags | exploit
systems | linux
advisories | CVE-2015-7894
MD5 | 44d2610f1692d4238ae96f2b332b415f
Samsung Galaxy S6 LibQjpeg DoIntegralUpsample Crash
Posted Nov 3, 2015
Authored by Google Security Research, natashenka

Samsung Galaxy S6 LibQjpeg memory corruption proof of concept exploit.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2015-7896
MD5 | e864ae62b2e6a520546674e7aa350a53
TeleGraph.co.uk Cross Site Scripting
Posted Nov 3, 2015
Authored by Jing Wang

TeleGraph.co.uk suffered from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 81e19ab474d163f223e7fb8016489f41
Daily Mail Unvalidated Redirect / Cross Site Scripting
Posted Nov 3, 2015
Authored by Jing Wang

Various Daily Mail sites suffered from unvalidated redirect and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | bd8af27dea033a9e4e53fe5370ce1b5a
Page 1 of 1
Back1Next

File Archive:

August 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    30 Files
  • 3
    Aug 3rd
    20 Files
  • 4
    Aug 4th
    17 Files
  • 5
    Aug 5th
    4 Files
  • 6
    Aug 6th
    2 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    18 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    24 Files
  • 11
    Aug 11th
    10 Files
  • 12
    Aug 12th
    3 Files
  • 13
    Aug 13th
    3 Files
  • 14
    Aug 14th
    10 Files
  • 15
    Aug 15th
    16 Files
  • 16
    Aug 16th
    18 Files
  • 17
    Aug 17th
    15 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close