what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-11-13

360-FAAR Firewall Analysis Audit And Repair 0.5.0
Posted Nov 13, 2015
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release back ports the config parsers from the Enterprise Edition SuperFAAR. These parsers are greatly improved from the last release. This release only back ports the config parsers for the existing config parsers.
tags | tool, perl
systems | unix
MD5 | 875684aab52f4e61b50e845b3ac2449d
Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload Version 1
Posted Nov 13, 2015
Authored by Denis Andzakovic | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. Although the vendor fixed Up.Time to prevent this vulnerability, it was not properly mitigated. To exploit against a newer version of Up.Time (such as 7.4), please use exploits/multi/http/uptime_file_upload_2.

tags | exploit, web, arbitrary, php, code execution, file upload
MD5 | 75859afe6a385a626bad1a03d9f8e831
Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload Version 2
Posted Nov 13, 2015
Authored by Denis Andzakovic | Site metasploit.com

This Metasploit module exploits a vulnerability found in Uptime version 7.4.0 and 7.5.0. The vulnerability began as a classic arbitrary file upload vulnerability in post2file.php, which can be exploited by exploits/multi/http/uptime_file_upload_1.rb, but it was mitigated by the vendor. Although the mitigation in place will prevent uptime_file_upload_1.rb from working, it can still be bypassed and gain privilege escalation, and allows the attacker to upload file again, and execute arbitrary commands.

tags | exploit, web, arbitrary, php, file upload
MD5 | 1cf7b5d392550c238a65f2b9ff6d5031
vBulletin 5.1.2 Unserialize Code Execution
Posted Nov 13, 2015
Authored by Netanel Rubin, cutz, Julien (jvoisin) Voisin | Site metasploit.com

This Metasploit module exploits a PHP object injection vulnerability in vBulletin 5.1.2 to 5.1.9

tags | exploit, php
advisories | CVE-2015-7808
MD5 | 5f61a73548cbcc043c7dc16675b4a160
Debian Security Advisory 3395-2
Posted Nov 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3395-2 - Marc Deslauriers reported that the update for krb5 issued as DSA-3395-1 did not contain the patch to address CVE-2015-2697 for the packages built for the oldstable distribution (wheezy). Updated packages are now available to address this issue.

tags | advisory
systems | linux, debian
advisories | CVE-2015-2697
MD5 | 52c66395d58cb963ce5bb7ea20c863c8
Tails 1.6 Information Disclosure
Posted Nov 13, 2015
Authored by cenobyte

Tails versions 1.6 and below suffers from an information leak vulnerability via a symlink attack.

tags | exploit, info disclosure
MD5 | bc48a42fdeccaf9fad9deef2cdc28947
b374k 3.2.3 2.8 CSRF / Command Injection
Posted Nov 13, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

b374k web shell versions 2.8 and 3.2.3 suffer from a cross site request forgery vulnerability that allows for remote command injection.

tags | exploit, remote, web, shell, csrf
MD5 | 45af3a0e6bd52404ef917cabff71feca
Microsoft Security Bulletin Revision Increment For November, 2015
Posted Nov 13, 2015
Site microsoft.com

This bulletin summary lists MS15-115 which has undergone a major revision increment.

tags | advisory
MD5 | bb28cf1d102f40d17e26f91586657e08
OpenBSD net-snmp Information Disclosure
Posted Nov 13, 2015
Authored by Pierre Kim

OpenBSD net-snmp suffers from a credential and information disclosure vulnerability.

tags | exploit, info disclosure
systems | openbsd
advisories | CVE-2015-8100
MD5 | 58ae670019233a11582c38947b6d86cc
TUDU 0.82 Buffer Overflow
Posted Nov 13, 2015
Authored by Juan Sacco

TUDU versions 0.82 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | c0b64db786469ac0d510f48d4869a57d
TACK 1.07 Buffer Overflow
Posted Nov 13, 2015
Authored by Juan Sacco

TACK versions 1.07 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | c57abedcc57c50a81588e23af7e2542b
WordPress i1.wp.com Functionality Abuse
Posted Nov 13, 2015
Authored by Andrea Menin

The WordPress i1.wp.com site can be abused to make arbitrary HTTP requests to other sites.

tags | exploit, web, arbitrary
MD5 | af5aba2a5edeff60d337d409d6a43424
ESET Emulation Command Execution
Posted Nov 13, 2015
Authored by Tavis Ormandy, Google Security Research

A vulnerability exists managing a shadow stack in ESET Antivirus. It allows complete remote root/SYSTEM command execution on all ESET platforms and products.

tags | exploit, remote, root
systems | linux
MD5 | efb25afbf1d01ddcb1a105462940aef8
Sam Spade 1.14 SEH Overflow
Posted Nov 13, 2015
Authored by Nipun Jaswal

Sam Spade version 1.14 S-Lang command field SEH overflow exploit.

tags | exploit, overflow
MD5 | c111bcf54d93a9b85e07f354a8327365
POLLSolved 1.5.2 SQL Injection / Authentication Bypass
Posted Nov 13, 2015
Authored by Persian Hack Team

POLLSolved version 1.5.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Support for this script is deprecated.

tags | exploit, remote, sql injection
MD5 | 606299f00ff953ca7f583e97101ebcba
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    2 Files
  • 23
    Oct 23rd
    16 Files
  • 24
    Oct 24th
    4 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close