
Files Date: 2016-02-17

Cisco ASA VPN Portal Cross Site Scripting
Posted Feb 17, 2016
Authored by Juan Sacco

The Cisco ASA VPN Portal password recovery page suffers from a cross site scripting vulnerability.

tags | exploit, xss
systems | cisco
SHA-256 | eb2aac6086f4bb061f2a2742410500a3e2ba73666fb36027d37e43f8e424ecfc
Ubuntu Security Notice USN-2901-1
Posted Feb 17, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2901-1 - It was discovered that xdelta3 incorrectly handled certain files. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could use this issue to cause xdelta3 to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9765
SHA-256 | e00c2248b4bed3be1d356b36510c913e8a3573fd9c0cdc8d71c64adfb13c121a
Ubuntu Security Notice USN-2902-1
Posted Feb 17, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2902-1 - Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-1521, CVE-2016-1522, CVE-2016-1523, CVE-2016-1526
SHA-256 | 4ecb16d84a83cc63b11ddbf287df3bdab9b45a54ffb4113420c9511004c21441
Gentoo Linux Security Advisory 201602-02
Posted Feb 17, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201602-2 - Multiple vulnerabilities have been found in the GNU C library, the worst allowing for remote execution of arbitrary code. Versions less than 2.21-r2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2013-7423, CVE-2014-0475, CVE-2014-5119, CVE-2014-6040, CVE-2014-7817, CVE-2014-8121, CVE-2014-9402, CVE-2015-1472, CVE-2015-1781, CVE-2015-7547, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779
SHA-256 | 7fb31d7914b4d8d365ed0e55052ae4ab9788d37ba1146e4a9261c90a46a215e4
Ubuntu Security Notice USN-2903-1
Posted Feb 17, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2903-1 - Hanno Boeck discovered that NSS incorrectly handled certain division functions, possibly leading to cryptographic weaknesses. This update also refreshes the NSS package to version 3.21 which includes the latest CA certificate bundle, and removes the SPI CA.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2015-1938, CVE-2016-1938
SHA-256 | f6a190f2df63a4842e2f9cbe069394f800fdf9cecad2c50da789ce6f9e53ff99
pyClamd 0.3.17
Posted Feb 17, 2016
Authored by Alexandre Norman | Site xael.org

pyClamd is a Python interface to Clamd (the ClamAV daemon). By using pyClamd, you can add virus detection capabilities to your Python software in an efficient and easy way. Unlike pyClamav, which uses libclamav, pyClamd may be used by a closed source product.

Changes: Various updates.
tags | tool, virus, python
systems | unix
SHA-256 | 9921a582c45baa34dabb357c548c5ed331b9a39334881b3a784b593680b07ba0
Adobe Flash TextField Constructor Type Confusion
Posted Feb 17, 2016
Authored by Google Security Research, natashenka

There is a type confusion vulnerability in the TextField constructor in AS3. When a TextField is constructed, a generic backing object is created and reused when subsequent TextField objects are created. However, if an object with the same ID has already been created in the SWF, it can be of the wrong type. The constructor contains a check for this situation, though, and throws an exception and sets a flag to shut down the player if this occurs. The backing object is then set to be of type TextField to avoid any modifications that have been made on it by the constructor from causing problems if it is used as an object of its original type elsewhere in the player. However, if the exception thrown by the constructor is caught, the exception handler can create another TextField object, and since the type of the generic backing object has been changed, an object of the wrong type is now backing the TextField, which makes it possible to set the pointers in the object to integer values selected by the attacker. The PoC swf for this issue needs to be created by hand.

tags | exploit
systems | linux
advisories | CVE-2016-0985
SHA-256 | 89244b28a4549217c3946663d62b8133ad186a92cdb4285eeff70e6a18cdb172
Adobe Flash Sound.loadPCMFromByteArray Dangling Pointer
Posted Feb 17, 2016
Authored by Google Security Research, natashenka

There is a dangling pointer in loadPCMFromByteArray that can be read, but not written to. A proof of concept is included.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2016-0984
SHA-256 | 6a837aeb0f69779cabe3ac91d53929ecab287b6e562f832a1364d2e7e1364980
Adobe Flash LoadVars.decode Use-After-Free
Posted Feb 17, 2016
Authored by Google Security Research, natashenka

There is a use-after-free in LoadVars.decode. If a watch is set on the object that the parameters are being decoded into, and the watch deletes the object, then other methods are called on the deleted object after it is freed.

tags | exploit
systems | linux
advisories | CVE-2016-0974
SHA-256 | fbe2ae5d15b3901564ae333ef65dc05ba1b8f150b143e8b0a87296c853c3503a
Adobe Flash ATF Processing Heap Overflow
Posted Feb 17, 2016
Authored by Google Security Research, mjurczyk

The included file causes a crash due to a heap overflow, probably due to an issue in ATF processing by the URLStream class.

tags | exploit, overflow
systems | linux
advisories | CVE-2016-0971
SHA-256 | 31320a678e0ba948912307dabf47b9cca5c8ea878f23514c24959ad680fe11f2
Adobe Flash H264 File Causes Stack Corruption
Posted Feb 17, 2016
Authored by Google Security Research, mjurczyk

The included flv file causes stack corruption when loaded into Flash. To use the PoC, load LoadMP42.swf?file=lownull.flv from a remote server.

tags | exploit, remote
systems | linux
advisories | CVE-2016-0967
SHA-256 | 74d667d649a7d045b24409e6c7c68eeea9f6f1cc6f03497a67ed1756ff630172
Adobe Flash H264 Parsing Out-Of-Bounds Read
Posted Feb 17, 2016
Authored by Google Security Research, mjurczyk

There is an out-of-bounds read in H264 parsing and a fuzzed file is included in this archive. To use the file, load LoadMP4.swf with the URL parameter file=compute_poc.flv from a remote server.

tags | exploit, remote
systems | linux
SHA-256 | ebb2b5d7f663e475ad09af61f41ced8caef58fbe37e4cc1bbb1bb3395e2f41a2
Adobe Flash Image Read Out-Of-Bounds
Posted Feb 17, 2016
Authored by Google Security Research, mjurczyk

The attached file can cause an out-of-bounds read of an image. While the bits of the image are null, the width, height and other values can make it a valid pointer.

tags | exploit
systems | linux
advisories | CVE-2016-0965
SHA-256 | 67899d0a839f78a9413c2d4c6f499ce8a1bfb82ab4a0b04f26b17264175b257f
Adobe Flash BitmapData.drawWithQuality Heap Overflow
Posted Feb 17, 2016
Authored by Google Security Research, natashenka

The included fuzzing test case causes a crash due to a heap overflow in BitmapData.drawWithQuality.

tags | exploit, overflow
systems | linux
advisories | CVE-2016-0964
SHA-256 | 71eac9af938822ce100e076b77f44a4fc957277d6ed3fc9956efc03536dabb10
Red Hat Security Advisory 2016-0241-01
Posted Feb 17, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0241-01 - Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. All Chromium users should upgrade to these updated packages, which contain Chromium version 48.0.2564.109, which corrects these issues. After installing the update, Chromium must be restarted for the changes to take effect.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-1622, CVE-2016-1623, CVE-2016-1624, CVE-2016-1625, CVE-2016-1626, CVE-2016-1627
SHA-256 | e4b076f47623f3e1c351897422dd84ff8c54ecb8e8176489592e03e9a39a1761
Dimofinf CMS 3.0.0 Cross Site Scripting
Posted Feb 17, 2016
Authored by T3NZOG4N, Mojtaba MobhaM

Dimofinf CMS version 3.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fc6aabdced0f311a87ad9b9c16b893261d7bec5cd7961194bc05629135c8c74d
glibc getaddrinfo Stack-Based Buffer Overflow
Posted Feb 17, 2016
Authored by Fermin J. Serna, Kevin Stadmeyer | Site googleonlinesecurity.blogspot.com

glibc reserves 2048 bytes in the stack through alloca() for the DNS answer at _nss_dns_gethostbyname4_r() for hosting responses to a DNS query. Later on, at send_dg() and send_vc(), if the response is larger than 2048 bytes, a new buffer is allocated from the heap and all the information (buffer pointer, new buffer size and response size) is updated. Under certain conditions a mismatch between the stack buffer and the new heap allocation will happen. The final effect is that the stack buffer will be used to store the DNS response, even though the response is larger than the stack buffer and a heap buffer was allocated. This behavior leads to the stack buffer overflow. Included in this archive is a copy of the Google Security blog post and proof of concept code that demonstrates the vulnerability.

tags | exploit, overflow, proof of concept
systems | linux
advisories | CVE-2015-7547
SHA-256 | ad59124177a3d305a9e05a03fed4435fe9079fdcafd54b23cbd52bc979ba7a5f
Ubuntu Security Notice USN-2900-1
Posted Feb 17, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2900-1 - It was discovered that the GNU C Library incorrectly handled receiving responses while performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-7547
SHA-256 | 7800d1aab731dec1f2a66ce239ebdf2a26e863aea8e01e1b0c7b35c610ced26c
Debian Security Advisory 3481-1
Posted Feb 17, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3481-1 - Several vulnerabilities have been fixed in the GNU C Library, glibc.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-7547, CVE-2015-8776, CVE-2015-8778, CVE-2015-8779
SHA-256 | 09303e0b9794ff8d9ff9ecaa8493c33cded5b569964be1e2f01553cc70ce74c4
Xplico Network Forensic Analysis Tool 1.1.2
Posted Feb 17, 2016
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: IPv4 defragmentation and CapAnalysis dissectors and dispatcher were changed.
tags | tool, imap, forensics
systems | linux
SHA-256 | 08cc8bbae705e5ea3643d876e93b0dd14dd593595de0ae6ecf6a1089a056af25
Inductive Automation Ignition 7.8.1 Remote Leakage Of Shared Buffers
Posted Feb 17, 2016
Authored by LiquidWorm | Site zeroscience.mk

Remote unauthenticated attackers are able to read arbitrary data from other HTTP sessions because Ignition uses a vulnerable Jetty server. When the Jetty web server receives an HTTP request, the below code is used to parse through the HTTP headers and their associated values. Inductive Automation versions 7.8.1 (b2016012216) and 7.8.0 (b2015101414) are affected.

tags | exploit, remote, web, arbitrary
advisories | CVE-2015-2080
SHA-256 | 8d7c9861342f78e40e1dcce0f22e9aba5b9782813cddc88a6b9899181e6ae25e
IPTables Bash Completion 1.5
Posted Feb 17, 2016
Authored by AllKind | Site sourceforge.net

iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid in the current context. In addition to completion of options, matches and targets, it supports dynamic retrieval of data from the system, such as chain names, set names, interfaces, hostnames, etc. Environment variables allow fine-tuning of completion options. IP and MAC addresses can be fed by file.

Changes: Various updates and improvements.
tags | tool, firewall
systems | linux, unix
SHA-256 | 4d83efd879d80138550cbc7329d2b20a57b75210a7d1040b252910cacb17fb18
Microsoft Security Bulletin Revision Increment For February, 2016
Posted Feb 17, 2016
Site microsoft.com

This bulletin summary lists two bulletins that have undergone a major revision increment for February, 2016.

tags | advisory
SHA-256 | 89eb2daa8e73bb575d22a9e776da4ada0d66651dd364474ae688e1d3e67b3359
IPSet Bash Completion 2.8
Posted Feb 17, 2016
Authored by AllKind | Site sourceforge.net

ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.

Changes: Various bug fixes and additions.
tags | tool, shell, firewall, bash
systems | linux, unix
SHA-256 | b5bc4a79fc52f0333822e3b932c76b81c22257fb3dae82b4f98935d220c186ce