Twenty Year Anniversary
Showing 1 - 17 of 17 RSS Feed

Files Date: 2015-11-03

Redis Remote Command Execution
Posted Nov 3, 2015
Authored by Antirez | Site antirez.com

Redis has eloquently explained how it can be used for remote command execution if not securely configured to mitigate arbitrary access.

tags | exploit, remote, arbitrary, code execution
MD5 | 4bd5ec0bc1f3b82fc84f8b049b8e3eb3
HP Security Bulletin HPSBGN03426 1
Posted Nov 3, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03426 1 - A potential security vulnerability has been identified with HP Mobility Software (MSM). This is the GNU C Library (glibc) vulnerability known as "GHOST" which could be exploited remotely resulting in execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2015-0235
MD5 | 5b7c45b8fa1fadaba27a006d85f33ee4
Debian Security Advisory 3355-2
Posted Nov 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3355-2 - The previous update for libvdpau, DSA-3355-1, introduced a regression in the stable distribution (jessie) causing a segmentation fault when the DRI_PRIME environment variable is set.

tags | advisory
systems | linux, debian
MD5 | d2f2fa76e6e2b9e6f889c7b2c4c409d0
HP Security Bulletin HPSBMU03518 1
Posted Nov 3, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03518 1 - A potential security vulnerability has been identified with HP Vertica. The vulnerability could be exploited remotely resulting in code execution. Revision 1 of this advisory.

tags | advisory, code execution
advisories | CVE-2015-6867
MD5 | b046e95b4f2978f8a470238c2735e397
Debian Security Advisory 3390-1
Posted Nov 3, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3390-1 - It was discovered that the code to validate level 2 page table entries is bypassed when certain conditions are satisfied. A malicious PV guest administrator can take advantage of this flaw to gain privileges via a crafted superpage mapping.

tags | advisory
systems | linux, debian
advisories | CVE-2015-7835
MD5 | 834d48f97eb8aa1273069c0dae191155
Gentoo Linux Security Advisory 201511-01
Posted Nov 3, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201511-1 - An attacker who already had access to the environment could so append values to parameters passed through programs. Versions less than 50c are affected.

tags | advisory
systems | linux, gentoo
MD5 | 81c757d666c53c3443d18255bf7e8dc1
Alcatel-Lucent Home Device Manager Spoofing
Posted Nov 3, 2015
Authored by Dr. Ulrich Fiedler | Site swisscom.ch

A vulnerability has been discovered in the TR069 protocol that can potentially affect all Automatic Configuration Servers (ACS). The issue has been fixed in the Home Device Manager (HDM) product from Alcatel-Lucent with an anti-spoofing filter. HDM allows service providers to remotely manage CPEs, such as residential gateways, IP set-top boxes, and VoIP terminal adapters that comprise a home networking environment. The vulnerability allows an attacker to perform impersonation attacks by spoofing CPE using tr-069 (cwmp) Protocol. An attacker could gain unauthorized access to third-party SIP Credentials for the spoofed device and perform illegal activities (phone fraud). The vulnerability has been tested and confirmed. Versions prior to 4.1.10 may be affected.

tags | advisory, spoof, protocol
advisories | CVE-2015-6498
MD5 | 0d4969094c3655283cb43d570bec43e6
Chyrp CMS 2.5.2 Cross Site Scripting
Posted Nov 3, 2015
Authored by Tim Coen | Site curesec.com

Chyrp CMS version 2.5.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 201dd30a17ed478a0d1b06e952dbfc0d
SQL Buddy 1.3.3 Cross Site Scripting
Posted Nov 3, 2015
Authored by Tim Coen | Site curesec.com

SQL Buddy version 1.3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | df32394bb1f1bbff92d532144d06d971
SQL Buddy 1.3.3 Cross Site Request Forgery
Posted Nov 3, 2015
Authored by Tim Coen | Site curesec.com

SQL Buddy version 1.3.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | dbc684b7f1e0b0135981401fbe986758
DAVOSET 1.2.6
Posted Nov 3, 2015
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Added support of comments in the lists. Various other updates.
tags | tool, denial of service
MD5 | 9a7f2fba63505cc794c1bd9a696fb8cd
Linksys X2000 Command Execution
Posted Nov 3, 2015
Authored by Lorenzo Pistone

The Linksys X2000 suffers from a remote, unauthenticated command execution vulnerability that scores root privileges.

tags | exploit, remote, root
MD5 | 5db17d5fe524fd0f34d24ad23fef1f90
Samsung Galaxy S6 Android.media.process Face Recognition Memory Corruption
Posted Nov 3, 2015
Authored by Google Security Research, natashenka

Samsung Galaxy S6 Android.media.process face recognition memory corruption proof of concept exploit.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2015-7897
MD5 | f6f4ce12e0194b75eb288e879eeca714
Samsung LibQjpeg Image Decoding Memory Corruption
Posted Nov 3, 2015
Authored by Google Security Research, natashenka

Samsung LibQjpeg suffers from a memory corruption vulnerability in the DCMProvider service when decoding an image.

tags | exploit
systems | linux
advisories | CVE-2015-7894
MD5 | 44d2610f1692d4238ae96f2b332b415f
Samsung Galaxy S6 LibQjpeg DoIntegralUpsample Crash
Posted Nov 3, 2015
Authored by Google Security Research, natashenka

Samsung Galaxy S6 LibQjpeg memory corruption proof of concept exploit.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2015-7896
MD5 | e864ae62b2e6a520546674e7aa350a53
TeleGraph.co.uk Cross Site Scripting
Posted Nov 3, 2015
Authored by Jing Wang

TeleGraph.co.uk suffered from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 81e19ab474d163f223e7fb8016489f41
Daily Mail Unvalidated Redirect / Cross Site Scripting
Posted Nov 3, 2015
Authored by Jing Wang

Various Daily Mail sites suffered from unvalidated redirect and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | bd8af27dea033a9e4e53fe5370ce1b5a
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    7 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    40 Files
  • 23
    May 23rd
    64 Files
  • 24
    May 24th
    55 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close