Exploit the possiblities
Showing 1 - 19 of 19 RSS Feed

Files Date: 2016-03-28

BMC Server Automation (BSA) RSCD Agent Unauthorized Password Reset
Posted Mar 28, 2016
Site bmc.com

A security vulnerability has been identified in BMC Server Automation (BSA) RSCD Agent on the Linux/Unix platforms. The vulnerability allows unauthorized remote password resets on a target server by using the Remote Procedure Call (RPC) API of the RSCD Agent. Windows agents are not affected. The flaw has been confirmed to exist in the following versions of BSA on Unix and Linux platforms: 8.2.x, 8.3.x, 8.5.x, 8.6.x and 8.7.x.

tags | advisory, remote
systems | linux, windows, unix
advisories | CVE-2016-1543
MD5 | d9397f186e1697e8dab27e5badc16632
BMC Server Automation (BSA) RSCD Agent User Enumeration
Posted Mar 28, 2016
Site bmc.com

A security vulnerability has been identified in BMC Server Automation (BSA) RSCD Agent on the Linux/Unix platforms. The vulnerability allows unauthorized remote user enumeration on a target server by using the Remote Procedure Call (RPC) API of the RSCD Agent. Windows agents are not affected. The flaw has been confirmed to exist in the following versions of BSA on Unix and Linux platforms: 8.2.x, 8.3.x, 8.5.x, 8.6.x and 8.7.x.

tags | advisory, remote
systems | linux, windows, unix
advisories | CVE-2016-1542
MD5 | ab18836e547e6d040c655878a9c27475
Cogent Datahub 7.3.9 Privilege Escalation
Posted Mar 28, 2016
Authored by mr_me

Cogent Datahub versions 7.3.9 and below suffer from a gamma script elevation of privilege vulnerability.

tags | exploit
advisories | CVE-2016-2288
MD5 | 12d7d9e98e2756f9c4d34f9b392ac23c
TallSoft SNMP TFTP Server 1.0.0 Denial Of Service
Posted Mar 28, 2016
Authored by Charley Celice

TallSoft SNMP TFTP server version 1.0.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 784b95040fb1e861487d88370b7046ec
SSLsplit 0.5.0
Posted Mar 28, 2016
Site roe.ch

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

Changes: Added separate src/dst host and port format specifiers. Added signal SIGUSR1 to re-open long-living -l/-L log files. Removed all references to SHA-1 and small key RSA root CA keys from documentation, examples and unit testing. Various other updates and additions.
tags | tool, encryption
MD5 | 1d193765b287cce7af0500548e0de893
Debian Security Advisory 3532-1
Posted Mar 28, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3532-1 - Kostya Kortchinsky discovered a stack-based buffer overflow vulnerability in the VPNv4 NLRI parser in bgpd in quagga, a BGP/OSPF/RIP routing daemon. A remote attacker can exploit this flaw to cause a denial of service (daemon crash), or potentially, execution of arbitrary code, if bgpd is configured with BGP peers enabled for VPNv4.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-2342
MD5 | 0fe27d2e21d7bdb9a0d6191969679e0b
Trend Micro Deep Discovery Inspector 3.7 / 3.8 CSRF
Posted Mar 28, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Trend Micro Deep Discovery versions 3.7 and 3.8 suffer from multiple cross site request forgery vectors. If an authenticated user visits a malicious webpage attackers will have ability to modify many settings of the Deep Discovery application to that of the attackers choosing.

tags | exploit, csrf
MD5 | e23ee45e653c4c95887729642781b660
IP-Array IPTables Firewall Script 1.2.2
Posted Mar 28, 2016
Authored by AllKind | Site ip-array.sourceforge.net

A Linux IPv4 firewall and traffic shaper for single hosts to small and mid-sized networks. It allows flexible rule creation, while also shipping with presets for common needs. Rules are written in simple XML, allowing various ways to group and nest the iptables arguments. An interactive mode is available in order to build configuration files in a wizard based manner. Extensive documentation is also included.

Changes: This is a bugfix only release. One critical, a few major, and some minor bugs have been fixed.
tags | tool
systems | linux, unix
MD5 | 850849317e02b9135600bc85f7643c34
IPSet List 3.5.1
Posted Mar 28, 2016
Authored by AllKind | Site sourceforge.net

ipset_list is a wrapper script written in bash for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. The output can optionally be colorized. An interactive mode allows to select the query options in a wizard based manner.

Changes: Added option -Gp. Added an install and an uninstall script. Various other fixes.
tags | tool, firewall, bash
systems | linux, unix
MD5 | e8283242b04a9af1b1987d6d20dfcdc0
WordPress Photocart Link 1.6 Local File Inclusion
Posted Mar 28, 2016
Authored by CrashBandicot

WordPress Photocart Link plugin version 1.6 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | be8d1b41add5be1cffaeace520019d67
WordPress IMDb Profile Widget 1.0.8 Local File Inclusion
Posted Mar 28, 2016
Authored by CrashBandicot

WordPress IMDb Profile Widget plugin version 1.0.8 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | b154bb224c6175636a8844068685eee7
WordPress Visual Form Builder 2.8.6 Cross Site Scripting
Posted Mar 28, 2016
Authored by Sachin Wagh

WordPress Visual Form Builder plugin version 2.8.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 855b7b6b6a6390165f50cf3fcc37156c
WordPress Music Store 1.0.41 Cross Site Scripting
Posted Mar 28, 2016
Authored by Sachin Wagh

WordPress Music Store plugin version 1.0.41 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4e6008d9023a01f4fc2ac0246aae6dfe
WordPress CloudFlare 1.3.20 Cross Site Scripting
Posted Mar 28, 2016
Authored by Sachin Wagh

WordPress CloudFlare plugin version 1.3.20 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ca3a9bea4a8697b62443e0950141b7a3
WordPress Claptastic Clap! Button 1.3 Cross Site Scripting
Posted Mar 28, 2016
Authored by Sachin Wagh

WordPress Claptastic Clap! Button plugin version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 20bb1a46cdf08437e85882de5f5635c9
Adobe Flash PCRE Regex Complication Logic Issue
Posted Mar 28, 2016
Authored by Google Security Research, markbrand

There's a logic error in the PCRE engine version used in Adobe Flash that allows the execution of arbitrary PCRE bytecode, with potential for memory corruption and remote code execution.

tags | exploit, remote, arbitrary, code execution
systems | linux
advisories | CVE-2015-0318
MD5 | 43c83074e81ccb772958541a0b26c2f2
C2Box 4.0.0(r19171) Validation Bypass
Posted Mar 28, 2016
Authored by Harish Ramadoss

C2Box versions 4.0.0(r19171) and below suffer from a validation bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2015-4626
MD5 | a3cb690524c1f8e1e55a23ae7d879104
Linux x86 / x64 execve(/bin/bash) Shellcode
Posted Mar 28, 2016
Authored by Ajith KP

33 bytes small Linux x86 / x64 execve(/bin/bash) shellcode.

tags | x86, shellcode, bash
systems | linux
MD5 | 4fad56246b397db1d2afc362fd9c0885
D-Link DVG-5402SP CSRF / Brute Force
Posted Mar 28, 2016
Authored by MustLive

D-Link DVG-5402SP with firmware RU_1.01 suffers from brute force and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 3c58ccc118a38b04e663e51c7f01270c
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close