what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2016-04-11

RSA BSAFE Lenstra's Attack
Posted Apr 11, 2016
Site emc.com

RSA BSAFE Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, and SSL-J contain a fix to address Lenstra's attack. RSA BSAFE Micro Edition Suite (MES) 4.1.5, RSA BSAFE Crypto-C Micro Edition (CCME) 4.1.3, RSA BSAFE Crypto-J 6.2.1, and RSA BSAFE SSL-J 6.2.1 are affected.

tags | advisory, crypto
advisories | CVE-2016-0887
SHA-256 | c3b17fc3ee05ab56bbef557f3dbd0a4892dd5ce2a6e58fcae51101192165854f
Ubuntu Security Notice USN-2948-2
Posted Apr 11, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2948-2 - USN-2948-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect reference counting fix in the radeon driver introduced a regression that could cause a system crash. This update fixes the problem. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-7566, CVE-2015-7833, CVE-2015-8812, CVE-2016-0723, CVE-2016-2085, CVE-2016-2550, CVE-2016-2782, CVE-2016-2847
SHA-256 | 275b81339417c812197f69eec7beeedc365d877e550b1d20ee2bd408be49fb77
Debian Security Advisory 3547-1
Posted Apr 11, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3547-1 - Several vulnerabilities were discovered in Imagemagick, a program suite for image manipulation. This update fixes a large number of potential security problems such as null-pointer access and buffer-overflows that might lead to memory leaks or denial of service. Any of these security problems have a CVE number assigned.

tags | advisory, denial of service, overflow, vulnerability, memory leak
systems | linux, debian
SHA-256 | 142f78f9ac4ff42db8341a6ae0cff0f6e4fc9280be69a24bff7a6f6e449fd9dd
GNU Transport Layer Security Library 3.4.11
Posted Apr 11, 2016
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability. This is the previous stable release.

Changes: Various updates.
tags | protocol, library
SHA-256 | 70ef9c9f95822d363036c6e6b5479750e5b7fc34f50e750c3464a98ec65a9ab8
Tinc Virtual Private Network Daemon 1.0.28
Posted Apr 11, 2016
Authored by Ivo Timmermans | Site tinc.nl.linux.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Fixed compilation on BSD platforms. Added systemd service files.
tags | tool, encryption
systems | unix
SHA-256 | 0b502699360f09ce2128a39cf02abca07bfc699fc02ce829b3a90cf5e1e8b344
Perl 5.22 VDir::MapPathA/W Out-Of-Bounds Reads / Buffer Over-Reads
Posted Apr 11, 2016
Authored by John Leitch

Perl version 5.22 suffers from two out-of-bounds reads and multiple small buffer over-read vulnerabilities in the VDir::MapPathA and VDir::MapPathW functions that could potentially be exploited to achieve arbitrary code execution.

tags | exploit, arbitrary, perl, vulnerability, code execution
advisories | CVE-2015-8608
SHA-256 | cd84d70480486213183c751f06e787f023b2261ad301971f1c15757a078757f7
SnappingTurtle Web Exploitation Tool 0.1.0411.1609
Posted Apr 11, 2016
Authored by John Leitch

Exploit web applications with SnappingTurtle, a cross-platform tool written in Aphid and compiled into Python. SnappingTurtle can exploit SQL injection, arbitrary upload, local file inclusion, and cross-site scripting.

Changes: Improved PHP shell polymorphism. Multiple reliability improvements for LFI to RCE. Several functional improvements to SQL injection.
tags | tool, web, arbitrary, local, xss, sql injection, python, file inclusion
systems | unix
SHA-256 | a5b8094701db252077afcb55bbe7d22f2e1f457fb1b671ab24b4f46b2f5011ce
Novell Service Desk 7.1.0 Code Execution / Information Disclosure
Posted Apr 11, 2016
Authored by Pedro Ribeiro

Novell Service Desk versions 7.1.0 and below suffer from code execution, information disclosure, cross site scripting, remote file upload, HQL injection, and traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, info disclosure, file upload
advisories | CVE-2016-1593, CVE-2016-1594, CVE-2016-1595, CVE-2016-1596
SHA-256 | c58735b33740e5edd50a8cae45802afa2db11198bcbbc4f1e7779e1640bb8f1c
Linux/x86_64 Port 5600 Bindshell Shellcode
Posted Apr 11, 2016
Authored by Ajith KP

81 bytes small Linux/x86_64 bindshell shellcode that binds to port 5600.

tags | shellcode
systems | linux
SHA-256 | 859e1a75311395afca3aca7390e65eccadd68ad886acb0c72d8106f5ec081eb5
CAM UnZip 5.1 Path Traversal / Code Execution
Posted Apr 11, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

CAM UnZip version 5.1 suffers from a path traversal vulnerability that allows for code execution.

tags | exploit, code execution
SHA-256 | 801d5878708fdba9cecf84f8db7cae0615b691a858521efc97847de2890f7721
OpenCart Remote PHP Code Execution
Posted Apr 11, 2016
Authored by Naser Farhadi

OpenCart version suffers from a remote PHP code execution vulnerability.

tags | exploit, remote, php, code execution
SHA-256 | 1417eaf1f6b4295c475e0cc0fe94f8b4ddfb74538eee3554c3b8bb9362212ef5
WPN-XM 0.8.6 Cross Site Request Forgery
Posted Apr 11, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

WPN-XM version 0.8.6 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | ee094c05732b4c27eea8c21fd850ef9e38ee6b36fe9b509f2145d5431162b38c
WPN-XM 0.8.6 Cross Site Scripting
Posted Apr 11, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

WPN-XM version 0.8.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7a7c1e768bebb233949624598b2001150a93cbf0cb5ae10be6a52ab59e4d034b
DirectAdmin Control Panel 1.50.0 Cross Site Scripting
Posted Apr 11, 2016
Authored by Amir

DirectAdmin Control Panel version 1.50.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d936827aaafa73b7b8ec6b09f4046e372adf34843e950a51329f0ec0256f2db4
Apache OFBiz 13.07.02 / 13.07.01 Information Disclosure
Posted Apr 11, 2016
Authored by Jacques Leroux

Apache OFBiz versions 13.07.02 and 13.07.01 suffer from an information disclosure vulnerability.

tags | advisory, info disclosure
advisories | CVE-2016-2170
SHA-256 | 419380278b70977a96c3bc0eef27a2f2209090aa141ae65089eb28df4f069f25
Posted Apr 11, 2016
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: Added support of XXE vulnerability in EMC Cloud Tiering Appliance. Added new services into full list of zombies. Removed non-working services from full list of zombies.
tags | tool, denial of service
SHA-256 | c6049c29760e3c6257198295b2fdd4c6a5000e1a5fc071f0a180bf1f99425985
Mobilya Scripti 2 Shell Upload
Posted Apr 11, 2016
Authored by Antidote

Mobilya Scripti 2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | f0553b31a8ebb47291d787fabfc5388080415751f064cf2557a9a45ab3fa50ca
IDA SDK 6.9 Demo / IDA 5.0 Freeware DLL Hijacking
Posted Apr 11, 2016
Authored by Jeet Pandya

IDA SDK version 6.9 Demo and IDA 5.0 Freeware suffer from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 48366b45036a800a749b85bca2248bdb06ecde55c5a24ec7a1a74aa165a54239
Page 1 of 1

File Archive:

September 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    2 Files
  • 2
    Sep 2nd
    21 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    17 Files
  • 5
    Sep 5th
    34 Files
  • 6
    Sep 6th
    29 Files
  • 7
    Sep 7th
    11 Files
  • 8
    Sep 8th
    25 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    26 Files
  • 12
    Sep 12th
    23 Files
  • 13
    Sep 13th
    17 Files
  • 14
    Sep 14th
    22 Files
  • 15
    Sep 15th
    16 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    19 Files
  • 19
    Sep 19th
    60 Files
  • 20
    Sep 20th
    23 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    8 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By