accept no compromises
Showing 1 - 19 of 19 RSS Feed

Files Date: 2016-02-24

Slackware Security Advisory - glibc Updates
Posted Feb 24, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New glibc packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-7547
MD5 | 010bd93b969adaed5c346420fa4203b7
Slackware Security Advisory - bind Updates
Posted Feb 24, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-8704, CVE-2015-8705
MD5 | afeea642bf01db52a67f56d67f702741
Red Hat Security Advisory 2016-0296-01
Posted Feb 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0296-01 - The rh-ror41 collection provides Ruby on Rails version 4.1. Ruby on Rails is a model-view-controller framework for web application development. The following issue was corrected in rubygem-actionpack and rubygem-actionview: A directory traversal flaw was found in the way the Action View component searched for templates for rendering. If an application passed untrusted input to the 'render' method, a remote, unauthenticated attacker could use this to render unexpected files and, possibly, execute arbitrary code.

tags | advisory, remote, web, arbitrary, ruby
systems | linux, redhat
advisories | CVE-2015-7576, CVE-2015-7577, CVE-2015-7581, CVE-2016-0751, CVE-2016-0752, CVE-2016-0753
MD5 | d4f1069c40dbe095d50cd42102acc0d2
Debian Security Advisory 3489-1
Posted Feb 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3489-1 - lighttpd, a small webserver, is vulnerable to the POODLE attack via the use of SSLv3. This protocol is now disabled by default.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2014-3566
MD5 | ce211e65fb09a084edf2c176770cd02e
Debian Security Advisory 3488-1
Posted Feb 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3488-1 - Aris Adamantiadis discovered that libssh, a tiny C SSH library, incorrectly generated a short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits respectively. This flaw could allow an eavesdropper with enough resources to decrypt or intercept SSH sessions.

tags | advisory
systems | linux, debian
advisories | CVE-2016-0739
MD5 | a237ea88f298ac9e8c4cb35e2519e94b
IPSet List 3.3
Posted Feb 24, 2016
Authored by AllKind | Site sourceforge.net

ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.

Changes: Various updates.
tags | tool, firewall
systems | linux, unix
MD5 | 05b3f928262a7318b28ed6d8bfa10cd3
IPTables Bash Completion 1.6
Posted Feb 24, 2016
Authored by AllKind | Site sourceforge.net

iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid at the current context. Additionally to the completion on options, matches and targets, it supports dynamic retrieval of data from the system i.e: chain-, set-names, interfaces, hostnames, etc. Environment variables allow to fine grade completion options. IP and MAC addresses can be fed by file.

Changes: Various updates and improvements.
tags | tool, firewall
systems | linux, unix
MD5 | 537872139853de4fb33abf9b12a77da8
IPSet Bash Completion 2.9.1
Posted Feb 24, 2016
Authored by AllKind | Site sourceforge.net

ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.

Changes: Various bug fixes and additions.
tags | tool, shell, firewall, bash
systems | linux, unix
MD5 | 4782344f2c16a8770d59a7bdf1f0e781
WordPress CSV Import 1.0 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress CSV Import plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1d80babd912ba6c8b93408958739d95f
OpenAM 9 / 10 Cross Site Scripting
Posted Feb 24, 2016
Authored by Stephan Sekula

OpenAM versions 9 through 9.5.5 and 10.0.0 through 10.0.2 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2c96adef7fee318232922ee072584e03
WordPress WP Advanced Importer 2.1.1 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress WP Advanced Importer plugin version 2.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 220d535ae443e0cba547ef10842f3d74
WordPress Extra User Details 0.4.2 Privilege Escalation
Posted Feb 24, 2016
Authored by panVagenas

WordPress Extra User Details plugin version 0.4.2 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | fbaea9a3905e58ac3dbb3d68b7e8bb65
Adobe Experience Manager 6.1.0 Cross Site Scripting
Posted Feb 24, 2016
Authored by Damian Pfammatter

Adobe Experience Manager version 6.1.0 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2015-0955
MD5 | 48218dfc38bed9401589b16f60e9d736
XSSer Penetration Testing Tool 1.7b
Posted Feb 24, 2016
Authored by psy | Site xsser.03c8.net

XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.

Changes: Removed deprecated features. Updated Automatic XSS vectors list. Added XST. Many other updates and fixes.
tags | tool, scanner
systems | unix
MD5 | ad6c62a16b72c1ef8d9538c9da4dd5f7
WordPress WP Ultimate Exporter 1.0 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress WP Ultimate Exporter plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6dbe68ceab43a497554a88f5c5f39372
WordPress Import Woocommerce 1.0.1 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress Import Woocommerce plugin version 1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3e7aa52c5401a8df2a0d1068670384e0
RozBlog Weblog Service Cross Site Request Forgery / Cross Site Scripting
Posted Feb 24, 2016
Authored by Ehsan Hosseini

RozBlog Weblog Service suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | ccd7779facadcf053af1b773e5acc8a9
OpenAM Open Redirect
Posted Feb 24, 2016
Authored by Stephan Sekula

Compass Security discovered a web application security flaw in the OpenAM application which allows an attacker to launch phishing attacks against users by redirecting them to a malicious website. An attacker is able to create a link that, when visited, will redirect the user to a website of the attacker's choosing once the victim attempts to login. This allows, for instance, phishing of user credentials. Since it is the victim who needs to visit the malicious link, this attack is possible for unauthenticated attackers who do not have access to the affected websites. Versions 9.5.5, 10.0.2, 10.1.0-Xpress, 11.0.0 through 11.0.3, and 12.0.0 through 12.0.2 are vulnerable.

tags | exploit, web
MD5 | 11a3182c263491124e3e0a99ecee5777
WordPress Calculated Fields Form 1.0.x Session Hijacking
Posted Feb 24, 2016
Authored by Joaquin Ramirez Martinez

WordPress Calculated Fields Form plugin versions 1.0.x and below suffer from Http_only bypass and session hijacking vulnerabilities.

tags | exploit, vulnerability
MD5 | bd3aff22ee6ea239445f0e548eabc528
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    2 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close