all things security
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-12-01

Zenphoto 1.4.10 Local File Inclusion
Posted Dec 1, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Zenphoto version 1.4.10 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | b8be5470509b79119ace6aab1a84a6b4
Zenphoto 1.4.10 Cross Site Scripting
Posted Dec 1, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Zenphoto version 1.4.10 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1d847639558d1c697f28deb8c17a2295
BSides SF 2016 Call For Papers
Posted Dec 1, 2015
Site bsidessf.com

BSides SF is soliciting papers and presentations for the 2016 annual BSidesSF conference. It will be held at the DNA Lounge, 375 11th Street, San Francisco, CA, USA on February 28th through the 29th, 2016.

tags | paper, conference
MD5 | ad7222327beef93a76cf12983cfad449
Ubuntu Security Notice USN-2823-1
Posted Dec 1, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2823-1 - It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2015-5283, CVE-2015-7872
MD5 | efc2842fd3b0d8b8a08423636ce8db54
Debian Security Advisory 3408-1
Posted Dec 1, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3408-1 - It was discovered that GnuTLS, a library implementing the TLS and SSL protocols, incorrectly validates the first byte of padding in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding oracle attack.

tags | advisory, remote, protocol
systems | linux, debian
advisories | CVE-2015-8313
MD5 | 5d672ac626b19604b080d69147b4a3fb
Red Hat Security Advisory 2015-2534-01
Posted Dec 1, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2534-01 - Apache Commons Collections is a library built upon Java JDK classes by providing new interfaces, implementations and utilities. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
MD5 | 6c7232aa3c17248b3f27bc0ff94ba6fd
Red Hat Security Advisory 2015-2535-01
Posted Dec 1, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2535-01 - Red Hat JBoss Enterprise Application Platform 5 is a platform for Java applications based on JBoss Application Server 6. It was found that the Apache commons-collections library permitted code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.

tags | advisory, java, remote, arbitrary, code execution
systems | linux, redhat
advisories | CVE-2015-7501
MD5 | e9f632f6b4bda684d5fbfadef8986b8f
RHEL 7.0 / 7.1 abrt / sosreport Local Root
Posted Dec 1, 2015
Authored by rebel

Local root exploit for Redhat Enterprise Linux versions 7.0 and 7.1 that leverages abrt/sosreport.

tags | exploit, local, root
systems | linux, redhat
advisories | CVE-2015-5287
MD5 | 330251c1a1a1d6bfa86f03f66619d5e3
CentOS 7.1 / Fedora 22 abrt Local Root
Posted Dec 1, 2015
Authored by rebel

CentOS version 7.1 and Fedora version 22 abrt local root exploit. It leverages abrt-hook-ccpp insecure open() usage and abrt-action-install-debuginfo insecure temp directory usage.

tags | exploit, local, root
systems | linux, fedora, centos
advisories | CVE-2015-5273, CVE-2015-5287
MD5 | 79c9b7449cca70e39882750ad21aaba8
Kodi 15 Arbitrary File Access
Posted Dec 1, 2015
Authored by Machiel Pronk

Kodi 15 reintroduced an arbitrary file access vulnerability.

tags | exploit, arbitrary
MD5 | c29a14dc3a8bd34334b189890adde2b5
Red Hat Security Advisory 2015-2525-01
Posted Dec 1, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2525-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Update Support for Red Hat Enterprise Linux 6.5 was retired on November 30, 2015, and support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical impact security patches or urgent priority bug fixes, for Red Hat Enterprise Linux 6.5 EUS after November 30, 2015.

tags | advisory
systems | linux, redhat
MD5 | 8561c54e7df640b5f799f770f395668e
Ubuntu Security Notice USN-2819-1
Posted Dec 1, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2819-1 - Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, and Gary Kwong discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Tyson Smith and David Keeler discovered a use-after-poison and buffer overflow in NSS. An attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-4513, CVE-2015-7181, CVE-2015-7182, CVE-2015-7183, CVE-2015-7188, CVE-2015-7189, CVE-2015-7193, CVE-2015-7194, CVE-2015-7197, CVE-2015-7198, CVE-2015-7199, CVE-2015-7200
MD5 | 4402a87b602d24abd09ba473a2b68efd
VoIP Wars: Destroying Jar Jar Lync
Posted Dec 1, 2015
Authored by Fatih Ozavci | Site viproy.com

This archive includes presentation slides for the talk VoIP Wars: Destroying Jar Jar Lync along with the Viproxy tool used to perform the attack.

tags | paper
systems | linux
MD5 | d01f150679adc98f0bc25ca5a7f93b27
Huawei Wimax CSRF / Information Disclosure / Manipulation
Posted Dec 1, 2015
Authored by Pierre Kim

Huawei Wimax routers suffer from cross site request forgery, information disclosure, and system manipulation vulnerabilities.

tags | exploit, vulnerability, info disclosure, csrf
MD5 | 113c1dd8907383654de5b6c53b288f29
Packet Storm New Exploits For November, 2015
Posted Dec 1, 2015
Authored by Todd J. | Site packetstormsecurity.com

This archive contains 190 exploits that were added to Packet Storm in November, 2015.

tags | exploit
systems | linux
MD5 | f0b0b3658156ee025472208a762f9e1d
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close