exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files Date: 2016-02-24

Slackware Security Advisory - glibc Updates
Posted Feb 24, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New glibc packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-7547
SHA-256 | 8d4c291abde8bba7e5f00f2280fc0bcd15d6a57a664e9d206fc17566399f7d6f
Slackware Security Advisory - bind Updates
Posted Feb 24, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-8704, CVE-2015-8705
SHA-256 | 42e86b23c5c42c1c2293aece44ea736ce80e7fbbf55df298c230be1f1a6bc079
Red Hat Security Advisory 2016-0296-01
Posted Feb 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0296-01 - The rh-ror41 collection provides Ruby on Rails version 4.1. Ruby on Rails is a model-view-controller framework for web application development. The following issue was corrected in rubygem-actionpack and rubygem-actionview: A directory traversal flaw was found in the way the Action View component searched for templates for rendering. If an application passed untrusted input to the 'render' method, a remote, unauthenticated attacker could use this to render unexpected files and, possibly, execute arbitrary code.

tags | advisory, remote, web, arbitrary, ruby
systems | linux, redhat
advisories | CVE-2015-7576, CVE-2015-7577, CVE-2015-7581, CVE-2016-0751, CVE-2016-0752, CVE-2016-0753
SHA-256 | 33f627a2cd93446b36a77bf2e2d80c8c0986036c808f4d516649262a418ec657
Debian Security Advisory 3489-1
Posted Feb 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3489-1 - lighttpd, a small webserver, is vulnerable to the POODLE attack via the use of SSLv3. This protocol is now disabled by default.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2014-3566
SHA-256 | fc88a1fa23601fb407ecf1db601bf7b18c39dabde737a91f30afd206181614f7
Debian Security Advisory 3488-1
Posted Feb 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3488-1 - Aris Adamantiadis discovered that libssh, a tiny C SSH library, incorrectly generated a short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits respectively. This flaw could allow an eavesdropper with enough resources to decrypt or intercept SSH sessions.

tags | advisory
systems | linux, debian
advisories | CVE-2016-0739
SHA-256 | 1988252901382621351e20121b78565f55bdb2d2c34f27c3e8ac0bfba280bda2
IPSet List 3.3
Posted Feb 24, 2016
Authored by AllKind | Site sourceforge.net

ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.

Changes: Various updates.
tags | tool, firewall
systems | linux, unix
SHA-256 | 7c0e0f1c240b0bab409ddff62f1d58e7a2af3946c198a88da78e4bc8f129cb76
IPTables Bash Completion 1.6
Posted Feb 24, 2016
Authored by AllKind | Site sourceforge.net

iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid at the current context. Additionally to the completion on options, matches and targets, it supports dynamic retrieval of data from the system i.e: chain-, set-names, interfaces, hostnames, etc. Environment variables allow to fine grade completion options. IP and MAC addresses can be fed by file.

Changes: Various updates and improvements.
tags | tool, firewall
systems | linux, unix
SHA-256 | 3df050988c168ba8b69ab222f119edeb9969baa43ebb6bd589acaf09d121b9d2
IPSet Bash Completion 2.9.1
Posted Feb 24, 2016
Authored by AllKind | Site sourceforge.net

ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.

Changes: Various bug fixes and additions.
tags | tool, shell, firewall, bash
systems | linux, unix
SHA-256 | 25e06c5ddc6704c3182ef15077db6f3a133006ec2c1276f41403032fd715407f
WordPress CSV Import 1.0 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress CSV Import plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 863e1032d1640aebfa24c19da831a78051d93f4903b0e68a3c869f3afc793193
OpenAM 9 / 10 Cross Site Scripting
Posted Feb 24, 2016
Authored by Stephan Sekula

OpenAM versions 9 through 9.5.5 and 10.0.0 through 10.0.2 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 733a8d04f8cafa6811d950b5abe8bdd81bee1de0eb014f68a90053b49909b05d
WordPress WP Advanced Importer 2.1.1 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress WP Advanced Importer plugin version 2.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1b8f7c393fd5bfcc67c14b8eb5c2d1f72de2983a7826ed9a0b7c4695eac37754
WordPress Extra User Details 0.4.2 Privilege Escalation
Posted Feb 24, 2016
Authored by Panagiotis Vagenas

WordPress Extra User Details plugin version 0.4.2 suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | f1d6b143ddf59b28109375dabf804a5de16504ba3016c474fc3de3e0ca85578d
Adobe Experience Manager 6.1.0 Cross Site Scripting
Posted Feb 24, 2016
Authored by Damian Pfammatter

Adobe Experience Manager version 6.1.0 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2015-0955
SHA-256 | a54484ffafb491780a175c9a4691a07ca789395aac5a086de2cb09dd76ae94c9
XSSer Penetration Testing Tool 1.7b
Posted Feb 24, 2016
Authored by psy | Site xsser.03c8.net

XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.

Changes: Removed deprecated features. Updated Automatic XSS vectors list. Added XST. Many other updates and fixes.
tags | tool, scanner
systems | unix
SHA-256 | e76427aab3dc3833b04e100ded60a2eb29b0f01256f63bdd522d21a5e322a603
WordPress WP Ultimate Exporter 1.0 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress WP Ultimate Exporter plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 16c004fd9727443274406df89a6cdaa87f63fc7c1c2bf00b8e278750c2510f74
WordPress Import Woocommerce 1.0.1 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress Import Woocommerce plugin version 1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e1ebdab043cb433b08db920123aaf672c2c38a141cbaf95f44e861dc3301583f
RozBlog Weblog Service Cross Site Request Forgery / Cross Site Scripting
Posted Feb 24, 2016
Authored by Ehsan Hosseini

RozBlog Weblog Service suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | cd128fdb0719f9f0a5fc9b56517fee549a3bbce6ab7f755891643664f2240a7c
OpenAM Open Redirect
Posted Feb 24, 2016
Authored by Stephan Sekula

Compass Security discovered a web application security flaw in the OpenAM application which allows an attacker to launch phishing attacks against users by redirecting them to a malicious website. An attacker is able to create a link that, when visited, will redirect the user to a website of the attacker's choosing once the victim attempts to login. This allows, for instance, phishing of user credentials. Since it is the victim who needs to visit the malicious link, this attack is possible for unauthenticated attackers who do not have access to the affected websites. Versions 9.5.5, 10.0.2, 10.1.0-Xpress, 11.0.0 through 11.0.3, and 12.0.0 through 12.0.2 are vulnerable.

tags | exploit, web
SHA-256 | 88f9d412f3d250d135b3a6b3b9f26c0dcfeb53a8228338a90e7281309a6da7e9
WordPress Calculated Fields Form 1.0.x Session Hijacking
Posted Feb 24, 2016
Authored by Joaquin Ramirez Martinez

WordPress Calculated Fields Form plugin versions 1.0.x and below suffer from Http_only bypass and session hijacking vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 22fd62241b10270dd006f36d68ce4d0d900367987d8d02ce551d856593396acc
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    16 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close