all things security
Showing 1 - 25 of 523 RSS Feed

Files Date: 2015-12-01 to 2015-12-31

Wireshark Analyzer 2.0.1
Posted Dec 30, 2015
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Multiple bug fixes and updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | c1610ab2238965363b811e5188750fb1
WordPress Simple Ads Manager 2.9.4.116 SQL Injection
Posted Dec 30, 2015
Authored by Kacper Szurek

WordPress Simple Ads Manager plugin version 2.9.4.116 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2a5355428fa2f26280f1c837fff29c79
Netduma R1 1.03.4 / 1.03.5 Cross Site Request Forgery
Posted Dec 30, 2015
Authored by Josh Chaney

Netduma R1 router versions 1.03.4 and 1.03.5 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 8fb01a1cf235fadf64984de9d1d1e742
FTPShell Client 5.24 Buffer Overflow
Posted Dec 30, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

FTPShell Client version 5.24 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 7fa0c63f321f6aba20f56ecf1865dd82
DeleGate 9.9.13 Local Root
Posted Dec 30, 2015
Authored by Larry W. Cashdollar

Installation of DeleGate version 9.9.13 sets some binaries setuid root and at least one of these binaries can be used to escalate the privileges of a local user. The binary dgcpnod creates a node allowing a local unprivileged user to create files anywhere on disk. By creating a file in /etc/cron.hourly a local user can execute commands as root.

tags | exploit, local, root
advisories | CVE-2015-7556
MD5 | 10da8841db2e338fc2f3452c22c24dae
Gentoo Linux Security Advisory 201512-10
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-10 - Multiple vulnerabilities have been found in Mozilla Firefox and Thunderbird, the worst of which may allow user-assisted execution of arbitrary code. Versions less than 38.5.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-0798, CVE-2015-0799, CVE-2015-0801, CVE-2015-0802, CVE-2015-0803, CVE-2015-0804, CVE-2015-0805, CVE-2015-0806, CVE-2015-0807, CVE-2015-0808, CVE-2015-0810, CVE-2015-0811, CVE-2015-0812, CVE-2015-0813, CVE-2015-0814, CVE-2015-0815, CVE-2015-0816, CVE-2015-2706, CVE-2015-2721, CVE-2015-2722, CVE-2015-2724, CVE-2015-2725, CVE-2015-2726, CVE-2015-2727, CVE-2015-2728, CVE-2015-2729, CVE-2015-2730, CVE-2015-2731
MD5 | 5a2f23b04bc19cb5b4340595d101640e
Gentoo Linux Security Advisory 201512-09
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-9 - Multiple vulnerabilities have been found in encfs, the worst of which can allow remote attackers to execute arbitrary code or cause a Denial of Service condition. Versions less than 1.7.5 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3462
MD5 | 50540635f49365e6d66bee186c095d50
Gentoo Linux Security Advisory 201512-08
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-8 - Multiple vulnerabilities have been found in ClamAV, possibly resulting in Denial of Service. Versions less than 0.98.7 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2014-9328, CVE-2015-1461, CVE-2015-1462, CVE-2015-1463, CVE-2015-2170, CVE-2015-2221, CVE-2015-2222, CVE-2015-2668
MD5 | cc05abba23f7e13c157907311cba5eb9
Gentoo Linux Security Advisory 201512-07
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-7 - A buffer overflow in GStreamer could allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 1.4.5 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2015-0797
MD5 | ce07f97161ef32025fcacc96db1063ff
Gentoo Linux Security Advisory 201512-06
Posted Dec 30, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-6 - A buffer overflow vulnerability in MPFR could allow remote attackers to execute arbitrary code or cause Denial of Service. Versions less than 3.1.3_p4 are affected.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2014-9474
MD5 | 0b1157aa1b85f05b7774a5da54542858
KODExplorer Web File Manager Cross Site Scripting
Posted Dec 30, 2015
Authored by Ben khlifa Fahmi

KODExplorer web file manager suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | e600dcb5c3e3294541ea2ef3a1528299
InterPhoto 2.3.0 Persians Database Disclosure
Posted Dec 30, 2015
Authored by indoushka

InterPhoto version 2.3.0 Persians suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
MD5 | fad698b1761d534b9380702979f74dec
Red Hat Security Advisory 2015-2697-01
Posted Dec 29, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2697-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2015-8459, CVE-2015-8460, CVE-2015-8634, CVE-2015-8635, CVE-2015-8636, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640, CVE-2015-8641, CVE-2015-8642, CVE-2015-8643, CVE-2015-8644, CVE-2015-8645, CVE-2015-8646, CVE-2015-8647, CVE-2015-8648, CVE-2015-8649, CVE-2015-8650, CVE-2015-8651
MD5 | 9ba4bdd9a7c2d5c79c6acecb99ec23bd
AVG WebTune Hijacking
Posted Dec 29, 2015
Authored by Tavis Ormandy, Google Security Research

AVG's Web Tune extension maliciously works to bypass the Chrome malware checks and leaves broken JavaScript APIs available. The attached exploit steals cookies from avg.com.

tags | exploit, web, javascript
systems | linux
MD5 | ca7a098048ebef53ec3e3b8d23340b38
Beezfud Remote Code Execution
Posted Dec 29, 2015
Authored by Ehsan Hosseini

Beezfud suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 588abb919be7dc0f1af8076c51709c09
NASA Cross Site Scripting
Posted Dec 29, 2015
Authored by 4TT4CK3R

ghrc.nsstc.nasa.gov suffered from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1e291fca632697be8550bc5562f63c5f
WebKitGTK+ 2.x Use-After-Free / DoS / Code Execution
Posted Dec 28, 2015
Authored by WebKitGTK+ Team

Various 2.x releases of WebKitGTK+ suffer from over 130 vulnerabilities. These range from use-after-free to arbitrary code execution issues.

tags | advisory, arbitrary, vulnerability, code execution
advisories | CVE-2013-6663, CVE-2014-1748, CVE-2014-3192, CVE-2014-4409, CVE-2014-4410, CVE-2014-4411, CVE-2014-4412, CVE-2014-4413, CVE-2014-4414, CVE-2014-4452, CVE-2014-4459, CVE-2014-4465, CVE-2014-4466, CVE-2014-4468, CVE-2014-4469, CVE-2014-4470, CVE-2014-4471, CVE-2014-4472, CVE-2014-4473, CVE-2014-4474, CVE-2014-4475, CVE-2014-4476, CVE-2014-4477, CVE-2014-4479, CVE-2015-1068, CVE-2015-1069, CVE-2015-1070, CVE-2015-1071
MD5 | ba603f11beba8793a166702048b873c2
libtiff 4.0.6 Heap Overflow
Posted Dec 28, 2015
Authored by riusksk

libtiff versions 4.0.6 and below suffer from a heap overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2015-8668
MD5 | 902e48651c2cb404ea2a29567ba1672a
libtiff 4.0.6 Invalid Write
Posted Dec 27, 2015
Authored by Hans Jerry Illikainen

_TIFFVGetField() in libtiff version 4.0.6 may write field data for certain extension tags to invalid or possibly arbitrary memory locations.

tags | advisory, arbitrary
advisories | CVE-2015-7554
MD5 | 9df1198f8ca6ed0f042d0af9ca110922
PHP Melody CMS 2.3 SQL Injection
Posted Dec 27, 2015
Authored by V For Vendetta

PHP Melody CMS version 2.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | 41635ab28e55f306b25617d8c132563a
RW::Download 4.0.8 File Inclusion / SQL Injection
Posted Dec 26, 2015
Authored by indoushka

RW::Download version 4.0.8 suffers from remote and local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, sql injection, file inclusion
MD5 | 0d63f99edb367c299dbd6cbd12b99a68
AccessDiver 4.301 Build 5888 Buffer Overflow
Posted Dec 26, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

AccessDiver version 4.301 build 5888 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 3137a57c2f210cb9927cad1183236fc7
EasyCafe Server 2.2.14 Remote File Read
Posted Dec 25, 2015
Authored by R-73eN

EasyCafe Server versions 2.2.14 and below suffer from a remote file read vulnerability.

tags | exploit, remote
MD5 | 77ef57731a114a2d5b65d61198c83f79
Bigware Shop 2.3.01 Cross Site Scripting / File Upload
Posted Dec 25, 2015
Authored by indoushka

Bigware Shop version 2.3.01 suffers from cross site scripting and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, xss, file upload
MD5 | 5c0b06d734609190e4658f891dc28b01
Backshell Web Shell Cross Site Request Forgery
Posted Dec 25, 2015
Authored by Ehsan Hosseini

Backshell Web Shell suffers from a cross site request forgery vulnerability.

tags | exploit, web, shell, csrf
MD5 | ce4ab13bef888885a4aacb0091168a49
Page 1 of 21
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close