Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-11-06

MiniBB 3.1.1 Cross Site Scripting
Posted Nov 6, 2015
Authored by Tim Coen | Site curesec.com

MiniBB version 3.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | de19cf72d87e6f3c9e46618994f78be3
MyWebSQL 3.6 Cross Site Request Forgery
Posted Nov 6, 2015
Authored by Tim Coen | Site curesec.com

MyWebSQL version 3.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 08d415b15dc2c8ec82c5a779f8a5bab3
OpenCart 2.0.3.1 Cross Site Request Forgery
Posted Nov 6, 2015
Authored by Tim Coen | Site curesec.com

OpenCart version 2.0.3.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | d2e74fcd01c210a90c9cb5ad714d3601
China Chopper Caidao PHP Backdoor Code Execution
Posted Nov 6, 2015
Authored by Nixawk | Site metasploit.com

This Metasploit module takes advantage of the China Chopper Webshell that is commonly used by Chinese hackers.

tags | exploit
MD5 | 49f6c90355a862b124b78c5bdd3942d6
Java Secure Socket Extension (JSSE) SKIP-TLS
Posted Nov 6, 2015
Authored by Ramon de C Valle

Java Secure Socket Extension (JSSE) SKIP-TLS exploit that has been tested on JDK 8u25 and 7u72. This is a stand-alone ruby exploit and does not require Metasploit.

tags | exploit, java
advisories | CVE-2014-6593
MD5 | 67a97ff13fef641743175656e610fabf
OpenSSL Alternative Chains Certificate Forgery
Posted Nov 6, 2015
Authored by Ramon de C Valle

OpenSSL alternative chains certificate forgery exploit that has been tested on OpenSSL 1.0.2c, 1.0.2b, 1.0.1o, 1.0.1n, and Fedora 22 (1.0.1k-fips). This is a stand-alone ruby exploit and does not require Metasploit.

tags | exploit, ruby
systems | linux, fedora
advisories | CVE-2015-1793
MD5 | cbe7f7b97e5ea083dd73abc376c891d6
Ubuntu Security Notice USN-2797-1
Posted Nov 6, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2797-1 - It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service. It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2015-0272, CVE-2015-2925, CVE-2015-5257, CVE-2015-5283
MD5 | d8ffa76b7a0992665a66043545f14c65
Ubuntu Security Notice USN-2798-1
Posted Nov 6, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2798-1 - It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-2925, CVE-2015-5257
MD5 | 66b73e36945c9f02c90caa56d32f4d59
Ubuntu Security Notice USN-2796-1
Posted Nov 6, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2796-1 - Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service (system crash). It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-0272, CVE-2015-2925, CVE-2015-5257, CVE-2015-7613
MD5 | 790e01b8581841d22b57d85dd507696c
Ubuntu Security Notice USN-2794-1
Posted Nov 6, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2794-1 - It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-2925, CVE-2015-5257
MD5 | 195456e9a2eae3da3b4c968648750058
Ubuntu Security Notice USN-2792-1
Posted Nov 6, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2792-1 - Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service (system crash). It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-0272, CVE-2015-2925, CVE-2015-5257, CVE-2015-7613
MD5 | cd3ae75341cb0a7e164dbc8f930b6ede
Ubuntu Security Notice USN-2795-1
Posted Nov 6, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2795-1 - It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-2925, CVE-2015-5257
MD5 | cfd6082fc92e09cf425ab15aa5080eef
Ubuntu Security Notice USN-2793-1
Posted Nov 6, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2793-1 - Federico Scrinzi discovered that LibreOffice incorrectly handled documents inserted into Writer or Calc via links. If a user were tricked into opening a specially crafted document, a remote attacker could possibly obtain the contents of arbitrary files. It was discovered that LibreOffice incorrectly handled PrinterSetup data stored in ODF files. If a user were tricked into opening a specially crafted ODF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-4551, CVE-2015-5212, CVE-2015-5213, CVE-2015-5214
MD5 | ae139ed1a2b42f4ec58914aca2ac1ee1
Ubuntu Security Notice USN-2799-1
Posted Nov 6, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2799-1 - It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-2925, CVE-2015-5257
MD5 | 89eae61e9ea127caef98fc5df408e219
Cryptocat Script Insertion
Posted Nov 6, 2015
Authored by Mario Heiderich

Cryptocat versions prior to 2.0.22 are vulnerability to a script injection vulnerability.

tags | exploit
advisories | CVE-2013-4103, OSVDB-95007
MD5 | 886a15eb6b98c46b47fcd5997140c866
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    42 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close