Twenty Year Anniversary
Showing 1 - 19 of 19 RSS Feed

Files Date: 2016-02-24

Slackware Security Advisory - glibc Updates
Posted Feb 24, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New glibc packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-7547
MD5 | 010bd93b969adaed5c346420fa4203b7
Slackware Security Advisory - bind Updates
Posted Feb 24, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-8704, CVE-2015-8705
MD5 | afeea642bf01db52a67f56d67f702741
Red Hat Security Advisory 2016-0296-01
Posted Feb 24, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0296-01 - The rh-ror41 collection provides Ruby on Rails version 4.1. Ruby on Rails is a model-view-controller framework for web application development. The following issue was corrected in rubygem-actionpack and rubygem-actionview: A directory traversal flaw was found in the way the Action View component searched for templates for rendering. If an application passed untrusted input to the 'render' method, a remote, unauthenticated attacker could use this to render unexpected files and, possibly, execute arbitrary code.

tags | advisory, remote, web, arbitrary, ruby
systems | linux, redhat
advisories | CVE-2015-7576, CVE-2015-7577, CVE-2015-7581, CVE-2016-0751, CVE-2016-0752, CVE-2016-0753
MD5 | d4f1069c40dbe095d50cd42102acc0d2
Debian Security Advisory 3489-1
Posted Feb 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3489-1 - lighttpd, a small webserver, is vulnerable to the POODLE attack via the use of SSLv3. This protocol is now disabled by default.

tags | advisory, protocol
systems | linux, debian
advisories | CVE-2014-3566
MD5 | ce211e65fb09a084edf2c176770cd02e
Debian Security Advisory 3488-1
Posted Feb 24, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3488-1 - Aris Adamantiadis discovered that libssh, a tiny C SSH library, incorrectly generated a short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits respectively. This flaw could allow an eavesdropper with enough resources to decrypt or intercept SSH sessions.

tags | advisory
systems | linux, debian
advisories | CVE-2016-0739
MD5 | a237ea88f298ac9e8c4cb35e2519e94b
IPSet List 3.3
Posted Feb 24, 2016
Authored by AllKind | Site sourceforge.net

ipset_list is a wrapper script for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. Optionally, the output can be colorized.

Changes: Various updates.
tags | tool, firewall
systems | linux, unix
MD5 | 05b3f928262a7318b28ed6d8bfa10cd3
IPTables Bash Completion 1.6
Posted Feb 24, 2016
Authored by AllKind | Site sourceforge.net

iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid at the current context. Additionally to the completion on options, matches and targets, it supports dynamic retrieval of data from the system i.e: chain-, set-names, interfaces, hostnames, etc. Environment variables allow to fine grade completion options. IP and MAC addresses can be fed by file.

Changes: Various updates and improvements.
tags | tool, firewall
systems | linux, unix
MD5 | 537872139853de4fb33abf9b12a77da8
IPSet Bash Completion 2.9.1
Posted Feb 24, 2016
Authored by AllKind | Site sourceforge.net

ipset-bash-completion is programmable completion code for the bash shell, to support the ipset program (netfilter.org). It allows you to interactively retrieve and complete options, commands, set names, types, and members.

Changes: Various bug fixes and additions.
tags | tool, shell, firewall, bash
systems | linux, unix
MD5 | 4782344f2c16a8770d59a7bdf1f0e781
WordPress CSV Import 1.0 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress CSV Import plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1d80babd912ba6c8b93408958739d95f
OpenAM 9 / 10 Cross Site Scripting
Posted Feb 24, 2016
Authored by Stephan Sekula

OpenAM versions 9 through 9.5.5 and 10.0.0 through 10.0.2 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2c96adef7fee318232922ee072584e03
WordPress WP Advanced Importer 2.1.1 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress WP Advanced Importer plugin version 2.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 220d535ae443e0cba547ef10842f3d74
WordPress Extra User Details 0.4.2 Privilege Escalation
Posted Feb 24, 2016
Authored by panVagenas

WordPress Extra User Details plugin version 0.4.2 suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | fbaea9a3905e58ac3dbb3d68b7e8bb65
Adobe Experience Manager 6.1.0 Cross Site Scripting
Posted Feb 24, 2016
Authored by Damian Pfammatter

Adobe Experience Manager version 6.1.0 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2015-0955
MD5 | 48218dfc38bed9401589b16f60e9d736
XSSer Penetration Testing Tool 1.7b
Posted Feb 24, 2016
Authored by psy | Site xsser.03c8.net

XSSer is an open source penetration testing tool that automates the process of detecting and exploiting XSS injections against different applications. It contains several options to try to bypass certain filters, and various special techniques of code injection.

Changes: Removed deprecated features. Updated Automatic XSS vectors list. Added XST. Many other updates and fixes.
tags | tool, scanner
systems | unix
MD5 | ad6c62a16b72c1ef8d9538c9da4dd5f7
WordPress WP Ultimate Exporter 1.0 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress WP Ultimate Exporter plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6dbe68ceab43a497554a88f5c5f39372
WordPress Import Woocommerce 1.0.1 Cross Site Scripting
Posted Feb 24, 2016
Authored by Rahul Pratap Singh

WordPress Import Woocommerce plugin version 1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3e7aa52c5401a8df2a0d1068670384e0
RozBlog Weblog Service Cross Site Request Forgery / Cross Site Scripting
Posted Feb 24, 2016
Authored by Ehsan Hosseini

RozBlog Weblog Service suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | ccd7779facadcf053af1b773e5acc8a9
OpenAM Open Redirect
Posted Feb 24, 2016
Authored by Stephan Sekula

Compass Security discovered a web application security flaw in the OpenAM application which allows an attacker to launch phishing attacks against users by redirecting them to a malicious website. An attacker is able to create a link that, when visited, will redirect the user to a website of the attacker's choosing once the victim attempts to login. This allows, for instance, phishing of user credentials. Since it is the victim who needs to visit the malicious link, this attack is possible for unauthenticated attackers who do not have access to the affected websites. Versions 9.5.5, 10.0.2, 10.1.0-Xpress, 11.0.0 through 11.0.3, and 12.0.0 through 12.0.2 are vulnerable.

tags | exploit, web
MD5 | 11a3182c263491124e3e0a99ecee5777
WordPress Calculated Fields Form 1.0.x Session Hijacking
Posted Feb 24, 2016
Authored by Joaquin Ramirez Martinez

WordPress Calculated Fields Form plugin versions 1.0.x and below suffer from Http_only bypass and session hijacking vulnerabilities.

tags | exploit, vulnerability
MD5 | bd3aff22ee6ea239445f0e548eabc528
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

May 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    17 Files
  • 3
    May 3rd
    30 Files
  • 4
    May 4th
    29 Files
  • 5
    May 5th
    2 Files
  • 6
    May 6th
    3 Files
  • 7
    May 7th
    13 Files
  • 8
    May 8th
    27 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    15 Files
  • 11
    May 11th
    8 Files
  • 12
    May 12th
    2 Files
  • 13
    May 13th
    8 Files
  • 14
    May 14th
    7 Files
  • 15
    May 15th
    43 Files
  • 16
    May 16th
    19 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    3 Files
  • 20
    May 20th
    7 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    40 Files
  • 23
    May 23rd
    61 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close