exploit the possibilities
Showing 1 - 18 of 18 RSS Feed

Files Date: 2016-04-11

RSA BSAFE Lenstra's Attack
Posted Apr 11, 2016
Site emc.com

RSA BSAFE Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, and SSL-J contain a fix to address Lenstra's attack. RSA BSAFE Micro Edition Suite (MES) 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.1.3, RSA BSAFE Crypto-J 6.2.1, and RSA BSAFE SSL-J 6.2.1 are affected.

tags | advisory, crypto
advisories | CVE-2016-0887
MD5 | 7ec29a2f462d5026880ce46986340850
Ubuntu Security Notice USN-2948-2
Posted Apr 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2948-2 - USN-2948-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect reference counting fix in the radeon driver introduced a regression that could cause a system crash. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-7566, CVE-2015-7833, CVE-2015-8812, CVE-2016-0723, CVE-2016-2085, CVE-2016-2550, CVE-2016-2782, CVE-2016-2847
MD5 | 5c17b65739eeafa8100fd2d5b61e29cd
Debian Security Advisory 3547-1
Posted Apr 11, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3547-1 - Several vulnerabilities were discovered in Imagemagick, a program suite for image manipulation. This update fixes a large number of potential security problems such as null-pointer access and buffer-overflows that might lead to memory leaks or denial of service. Any of these security problems have a CVE number assigned.

tags | advisory, denial of service, overflow, vulnerability, memory leak
systems | linux, debian
MD5 | 116b770c9d251c6ae9bef91510446fc9
GNU Transport Layer Security Library 3.4.11
Posted Apr 11, 2016
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability. This is the previous stable release.

Changes: Various updates.
tags | protocol, library
MD5 | 4da148b5a0048aaac4961e2d9ba95798
Tinc Virtual Private Network Daemon 1.0.28
Posted Apr 11, 2016
Authored by Ivo Timmermans | Site tinc.nl.linux.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Fixed compilation on BSD platforms. Added systemd service files.
tags | tool, encryption
systems | unix
MD5 | 9ca14c9902fb4011b5df6a09ffd40ea9
Perl 5.22 VDir::MapPathA/W Out-Of-Bounds Reads / Buffer Over-Reads
Posted Apr 11, 2016
Authored by John Leitch

Perl version 5.22 suffers from two out-of-bounds reads and multiple small buffer over-read vulnerabilities in the VDir::MapPathA and VDir::MapPathW functions that could potentially be exploited to achieve arbitrary code execution.

tags | exploit, arbitrary, perl, vulnerability, code execution
advisories | CVE-2015-8608
MD5 | 7bd4f274aa06f06b50d992e05391c4ad
SnappingTurtle Web Exploitation Tool 0.1.0411.1609
Posted Apr 11, 2016
Authored by John Leitch

Exploit web applications with SnappingTurtle, a cross-platform tool written in Aphid and compiled into Python. SnappingTurtle can exploit SQL injection, arbitrary upload, local file inclusion, and cross-site scripting.

Changes: Improved PHP shell polymorphism. Multiple reliability improvements for LFI to RCE. Several functional improvements to SQL injection.
tags | tool, web, arbitrary, local, xss, sql injection, python, file inclusion
systems | unix
MD5 | 2be7b508b3f9e65340cbf87c0fa81573
Novell Service Desk 7.1.0 Code Execution / Information Disclosure
Posted Apr 11, 2016
Authored by Pedro Ribeiro

Novell Service Desk versions 7.1.0 and below suffer from code execution, information disclosure, cross site scripting, remote file upload, HQL injection, and traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, info disclosure, file upload
advisories | CVE-2016-1593, CVE-2016-1594, CVE-2016-1595, CVE-2016-1596
MD5 | 96ca11a4d3ed6007f2182749ed202e09
Linux/x86_64 Port 5600 Bindshell Shellcode
Posted Apr 11, 2016
Authored by Ajith KP

81 bytes small Linux/x86_64 bindshell shellcode that binds to port 5600.

tags | shellcode
systems | linux
MD5 | d6eaea7d59ba968ac2601a360d36fb8f
CAM UnZip 5.1 Path Traversal / Code Execution
Posted Apr 11, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

CAM UnZip version 5.1 suffers from a path traversal vulnerability that allows for code execution.

tags | exploit, code execution
MD5 | 3aadba5b964c2686a4b3e0a9701e6dd4
OpenCart Remote PHP Code Execution
Posted Apr 11, 2016
Authored by Naser Farhadi

OpenCart version suffers from a remote PHP code execution vulnerability.

tags | exploit, remote, php, code execution
MD5 | a0c62bd7f4f788bdad258431ef305892
WPN-XM 0.8.6 Cross Site Request Forgery
Posted Apr 11, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

WPN-XM version 0.8.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 5ec3a61b683538a69832cdb21060f5b8
WPN-XM 0.8.6 Cross Site Scripting
Posted Apr 11, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

WPN-XM version 0.8.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 63606aedf99da9f40a800e310a740710
DirectAdmin Control Panel 1.50.0 Cross Site Scripting
Posted Apr 11, 2016
Authored by Amir

DirectAdmin Control Panel version 1.50.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 778f0fd111bb171019de201d1690f246
Apache OFBiz 13.07.02 / 13.07.01 Information Disclosure
Posted Apr 11, 2016
Authored by Jacques Leroux

Apache OFBiz versions 13.07.02 and 13.07.01 suffer from an information disclosure vulnerability.

tags | advisory, info disclosure
advisories | CVE-2016-2170
MD5 | 7077ed36b6f93f67aad1bfdd06b20521
Posted Apr 11, 2016
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Added support of XXE vulnerability in EMC Cloud Tiering Appliance. Added new services into full list of zombies. Removed non-working services from full list of zombies.
tags | tool, denial of service
MD5 | 7e3b38b0ed4a0d7d607a9a1c3458130e
Mobilya Scripti 2 Shell Upload
Posted Apr 11, 2016
Authored by Antidote

Mobilya Scripti 2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 57632910d06519aa82384f3ae904a9e1
IDA SDK 6.9 Demo / IDA 5.0 Freeware DLL Hijacking
Posted Apr 11, 2016
Authored by Jeet Pandya

IDA SDK version 6.9 Demo and IDA 5.0 Freeware suffer from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 7074ded3429ece3120affa1bce9a1a96
Page 1 of 1

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By