what you don't know can hurt you
Showing 1 - 8 of 8 RSS Feed

Files Date: 2016-03-19

Debian Security Advisory 3520-1
Posted Mar 19, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3520-1 - Multiple security issues have been found in Icedove, Debian's version of integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-1950, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1964, CVE-2016-1966, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
MD5 | a276782c9d687560743f084d8ec443d7
Fortinet FortiOS Open Redirect / Cross Site Scripting
Posted Mar 19, 2016
Authored by Javier Nieto

Fortinet FortiOS suffers from cross site scripting and open redirect vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 2ac305d34995b9870ff20a43b6a10bd2
Nmap Port Scanner 7.10
Posted Mar 19, 2016
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Integrated 12 IPv6 OS fingerprint submissions. Integrated all service/version fingerprinted submitted. Various other updates and fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
MD5 | 0051acbd6e689f051c49ed86fb60873d
Lynis Auditing Tool 2.2.0
Posted Mar 19, 2016
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This is a major upgrade, and the result of many months of work. This version includes new features and tests, and many small enhancements.
tags | tool, scanner
systems | unix
MD5 | b6d4002235a4869d265b863bfe4cd23b
WebsiteBaker CMS 2.8.3-SP5 SQL Injection
Posted Mar 19, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

WebsiteBaker CMS version 2.8.3-SP5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 69330a6fe7667f02104599b1144bfadc
Dating Pro Genie 2015.7 Cross Site Request Forgery
Posted Mar 19, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

High-Tech Bridge Security Research Lab discovered multiple cross site request forgery (CSRF) vulnerabilities in a popular dating social network Dating Pro. A remote unauthenticated attacker can perform CSRF attacks to change administrator's credentials and execute arbitrary system commands. Successful exploitation of the vulnerability may allow attacker to gain complete control over the vulnerable website, all its users and databases. suffers from a cross site request forgery vulnerability.

tags | exploit, remote, arbitrary, vulnerability, csrf
MD5 | 6225a52c8bb3be14cee831fc15751f60
iTop 2.2.1 Cross Site Request Forgery
Posted Mar 19, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

High-Tech Bridge Security Research Lab discovered a remote code execution vulnerability in iTop that is exploitable via cross site request forgery flaw that is also present in the application. The vulnerability exists due to absence of validation of HTTP request origin in "/env-production/itop-config/config.php" script, as well as lack of user-input sanitization received via "new_config" HTTP POST parameter.

tags | exploit, remote, web, php, code execution, csrf
MD5 | 6c1e08a78adbc88647d34f2bddd3520a
Avira PE Section Header Parsing Heap Underflow
Posted Mar 19, 2016
Authored by Tavis Ormandy, Google Security Research

Avira suffers from a heap underflow vulnerability when parsing PE section headers.

tags | exploit
systems | linux
MD5 | fcd5e607e8499a343b1957dc2234307d
Page 1 of 1

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By