what you don't know can hurt you
Showing 1 - 20 of 20 RSS Feed

Files Date: 2016-03-01

ATutor 2.2.1 SQL Injection / Remote Code Execution
Posted Mar 1, 2016
Authored by mr_me | Site metasploit.com

This Metasploit module exploits a SQL Injection vulnerability and an authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrators interface where they can upload malicious code. You are required to login to the target to reach the SQL Injection, however this can be done as a student account and remote registration is enabled by default.

tags | exploit, remote, sql injection
advisories | CVE-2016-2555
MD5 | 8f6d088c813792254d8bdcbdbe09e2d0
Microsoft PowerPoint Viewer 12.0.6600.1000 DLL Hijacking
Posted Mar 1, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft PowerPoint Viewer version 12.0.6600.1000 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 2a755f926620d3e0ed78fe4c04d77b9a
Crouzet em4 soft 1.1.04 / M3 soft 3.1.2.0 Insecure File Permissions
Posted Mar 1, 2016
Authored by LiquidWorm | Site zeroscience.mk

em4 soft and M3 soft both suffer from a privilege escalation vulnerability. Executables can be changed by an authenticated user due to improper permissions.

tags | exploit
MD5 | 6866917176102986450ac2d49c1a8f79
Crouzet em4 soft 1.1.04 Integer Division By Zero
Posted Mar 1, 2016
Authored by LiquidWorm | Site zeroscience.mk

em4 soft suffers from a division by zero attack when handling Crouzet Logic Software Document '.pm4' files, resulting in denial of service vulnerability and possibly loss of data.

tags | exploit, denial of service
systems | linux
MD5 | 1650f696fb22cb2c6cd85ad11e311e82
Sophos UTM 525 Full Guard Cross Site Scripting
Posted Mar 1, 2016
Authored by Dr. Adrian Vollmer

Inserting an HTML 'script' tag into the URL of a web site protected by Sophos UTM 525 yields an error page which contains the 'script' tag unfiltered. Executing malicious JavaScript code in the victim's browser is therefore straightforward.

tags | exploit, web, javascript
MD5 | 38d07a3666a3520683a372ffcc9aacc9
OpenSSL Toolkit 1.0.2g
Posted Mar 1, 2016
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Disabled weak ciphers in SSLv3 and up in default builds of OpenSSL. Disabled SSLv2 default build, default negotiation and weak ciphers. Fixed a double-free in DSA code. Various other security issues addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799
MD5 | f3c710c045cdee5fd114feb69feba7aa
WordPress GravityForms 1.9.15.11 Cross Site Scripting
Posted Mar 1, 2016
Authored by Henri Salo

WordPress GravityForms plugin version 1.9.15.11 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c142342ca683fa55e9fd70b3bcd9dbd0
perfact::mpa Persistent Cross Site Scripting
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund

The SySS GmbH found out that different functions of the web application perfact::mpa are prone to persistent cross-site scripting attacks due to insufficient user input validation.

tags | exploit, web, xss
MD5 | 395d8c6ac2a94747a5fd66073b16b801
perfact::mpa Insecure Direct Object Reference
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund

The SySS GmbH found out that different resources of the web application perfact::mpa can be directly accessed by the correct URL due to improper user authorization checks. That is, unauthorized users can access different functions of the perfact::mpa web application.

tags | exploit, web
MD5 | 4aa1d62edf7f18c1ddd9cfae562d5f2a
perfact::mpa Open Redirect
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund

The SySS GmbH found out that the web application perfact:mpa accepts user-controlled input via the URL parameter "redir" that can be used to redirect victims to an arbitrary site which simplifies so-called phishing attacks.

tags | exploit, web, arbitrary
MD5 | a36409ba1638534f55441d4e6d66c48d
perfact::mpa Insecure Direct Object Reference
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund

The SySS GmbH found out that any logged in user is able to download valid VPN configuration files of arbitrary existing remote sessions. All an intruder needs to know is the URL with the dynamic parameter "brsessid". Due to the modification of this incremental increasing integer value, it is possible to enumerate and download a valid VPN configuration file for every existing remote session.

tags | exploit, remote, arbitrary
MD5 | bd6687c30d8cf65256ea36411f6d8bfd
perfact::mpa Cross Site Request Forgery
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund

The tested web application perfact::mpa offers no protection against cross-site request forgery (CSRF) attacks. This kind of attack forces end users respectively their web browsers to perform unwanted actions in a web application context in which they are currently authenticated.

tags | exploit, web, csrf
MD5 | daf2d017144129e99597de33fb726147
perfact::mpa Insecure Direct Object Reference
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund

SySS GmbH found out that unauthorized users are able to download arbitrary files of other users that have been uploaded via the file upload functionality. As the file names of uploaded files are incremental integer values, it is possible to enumerate and download all uploaded files without any authorization.

tags | exploit, arbitrary, file upload
MD5 | 144e141f58e04e5f34a3cd1065a4e29a
perfact::mpa Reflected Cross Site Scripting
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund

SySS GmbH found out that the request new user and translation functionalities of the web application perfact::mpa are prone to reflected cross-site scripting attacks.

tags | exploit, web, xss
MD5 | 90e4d95861b1c3c40a936470c24a1c83
Packet Storm New Exploits For February, 2016
Posted Mar 1, 2016
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 240 exploits added to Packet Storm in February, 2016.

tags | exploit
systems | linux
MD5 | 5fef3c5194aedcf445608b2b5a901a9b
Red Hat Security Advisory 2016-0328-01
Posted Mar 1, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0328-01 - OpenStack Object Storage provides object storage in virtual containers, which allows users to store and retrieve files. The service's distributed architecture supports horizontal scaling; redundancy as failure-proofing is provided through software-based data replication. Because Object Storage supports asynchronous eventual consistency replication, it is well suited to multiple data-center deployment. A memory-leak issue was found in OpenStack Object Storage, in the proxy-to-server connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2016-0737, CVE-2016-0738
MD5 | de4df2c1f22fdc784d94a97617f6b1c2
Red Hat Security Advisory 2016-0329-01
Posted Mar 1, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0329-01 - OpenStack Object Storage provides object storage in virtual containers, which allows users to store and retrieve files. The service's distributed architecture supports horizontal scaling; redundancy as failure-proofing is provided through software-based data replication. Because Object Storage supports asynchronous eventual consistency replication, it is well suited to multiple data-center deployment. A memory-leak issue was found in OpenStack Object Storage, in the proxy-to-server connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2016-0737, CVE-2016-0738
MD5 | b3dafc615ab4c5582bb3f273d0def2b3
HPE Security Bulletin HPSBUX03552 SSRT102983 1
Posted Mar 1, 2016
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03552 SSRT102983 1 - A potential security vulnerability has been identified in the HP-UX BIND service running named. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2015-8000, CVE-2015-8704
MD5 | 990491c29ed5a00d78eeb6acee8d1a2c
Red Hat Security Advisory 2016-0321-01
Posted Mar 1, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0321-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. This patch is an update to Red Hat JBoss Fuse 6.2.1. It includes several bug fixes, which are documented in the readme.txt file included with the patch files. The following security issue is addressed in this release: It was found that Apache CXF permitted wrapping attacks in its support for SAML SSO. A malicious user could construct a SAML response that would bypass the login screen and possibly gain access to restricted information or resources.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5253
MD5 | 121c9dd4e4c75f34c4aa521ef0f48710
Mandos Encrypted File System Unattended Reboot Utility 1.7.3
Posted Mar 1, 2016
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Multiple bug fixes.
tags | tool, remote, root
systems | linux, unix
MD5 | 1df72bed5a0a71c080b546e663cdb9f8
Page 1 of 1
Back1Next

File Archive:

March 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    15 Files
  • 2
    Mar 2nd
    5 Files
  • 3
    Mar 3rd
    3 Files
  • 4
    Mar 4th
    25 Files
  • 5
    Mar 5th
    20 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    12 Files
  • 9
    Mar 9th
    3 Files
  • 10
    Mar 10th
    4 Files
  • 11
    Mar 11th
    23 Files
  • 12
    Mar 12th
    12 Files
  • 13
    Mar 13th
    12 Files
  • 14
    Mar 14th
    19 Files
  • 15
    Mar 15th
    12 Files
  • 16
    Mar 16th
    3 Files
  • 17
    Mar 17th
    1 Files
  • 18
    Mar 18th
    15 Files
  • 19
    Mar 19th
    22 Files
  • 20
    Mar 20th
    14 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    15 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close