Exploit the possiblities
Showing 1 - 11 of 11 RSS Feed

Files Date: 2016-04-14

Exim perl_startup Privilege Escalation
Posted Apr 14, 2016
Authored by Dawid Golunski, wvu | Site metasploit.com

This Metasploit module exploits a Perl injection vulnerability in Exim versions prior to 4.86.2 given the presence of the "perl_startup" configuration parameter.

tags | exploit, perl
MD5 | 1b3e86403723d9ae893f6c3110bbd0c2
Brickcom Network Cameras XSS / CSRF / Insecure Direct Object Reference
Posted Apr 14, 2016
Authored by OrwellLabs | Site orwelllabs.com

Brickcom Network Cameras suffer from insecure direct object reference, hard-coded credentials, information disclosure, cross site request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
MD5 | 83ad134cd682d6ffe4a99cd87c155328
Asterisk Project Security Advisory - AST-2016-005
Posted Apr 14, 2016
Authored by Mark Michelson, George Joseph | Site asterisk.org

Asterisk Project Security Advisory - PJProject has a limit on the number of TCP connections that it can accept. Furthermore, PJProject does not close TCP connections it accepts. By default, this value is approximately 60. An attacker can deplete the number of allowed TCP connections by opening TCP connections and sending no data to Asterisk. If PJProject has been compiled in debug mode, then once the number of allowed TCP connections has been depleted, the next attempted TCP connection to Asterisk will crash due to an assertion in PJProject. If PJProject has not been compiled in debug mode, then any further TCP connection attempts will be rejected. This makes Asterisk unable to process TCP SIP traffic. Note that this only affects TCP/TLS, since UDP is connectionless. Also note that this does not affect chan_sip.

tags | advisory, udp, tcp
MD5 | 026e4e632f5b124c8f698629af722616
Asterisk Project Security Advisory - AST-2016-004
Posted Apr 14, 2016
Authored by Mark Michelson, George Joseph | Site asterisk.org

Asterisk Project Security Advisory - Asterisk may crash when processing an incoming REGISTER request if that REGISTER contains a Contact header with a lengthy URI. This crash will only happen for requests that pass authentication. Unauthenticated REGISTER requests will not result in a crash occurring. This vulnerability only affects Asterisk when using PJSIP as its SIP stack. The chan_sip module does not have this problem.

tags | advisory
MD5 | e359007a7da13be531dbe7c2837f3a46
Red Hat Security Advisory 2016-0632-01
Posted Apr 14, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0632-01 - In accordance with the Red Hat Storage Support Life Cycle policy, the Red Hat Ceph Storage 1.2 offering will be retired as of May 31, 2016, and support will no longer be provided. Accordingly, Red Hat will not provide extended support for this product, including Critical impact security patches or urgent priority bug fixes, after this date.

tags | advisory
systems | linux, redhat
MD5 | cfa970e380dc79946ba0d6ad46b4d621
Cisco Security Advisory 20160413-ucs
Posted Apr 14, 2016
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software could allow an unauthenticated, remote attacker to execute arbitrary commands on a targeted system. The vulnerability is due to improper input validation by the affected software. An attacker could exploit this vulnerability by sending a malicious HTTP request to an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

tags | advisory, remote, web, arbitrary
systems | cisco
MD5 | 903fe72434eb5433ba19cb7b5fdc7c0f
Django CMS 3.2.3 Filter Bypass / Script Insertion
Posted Apr 14, 2016
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Django CMS version 3.2.3 suffers from filter bypass and malicious script insertion vulnerabilities.

tags | exploit, vulnerability
MD5 | 0d56a4453eaa77ee085d26a461884c7c
PHPmongoDB 1.0.0 Cross Site Request Forgery / Cross Site Scripting
Posted Apr 14, 2016
Authored by Ozer Goker

PHPmongoDB version 1.0.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 2d4ae80a8e655c6ad8a980b6bb88471e
Debian Security Advisory 3548-2
Posted Apr 14, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3548-2 - The upgrade to Samba 4.2 issued as DSA-3548-1 introduced a packaging regression causing an additional dependency on the samba binary package for the samba-libs, samba-common-bin, python-samba and samba-vfs-modules binary packages. Updated packages are now available to address this problem.

tags | advisory, python
systems | linux, debian
MD5 | 22521b87923b32486187a5b55402956d
Windows Kernel ATMFD.DLL NamedEscape 0x2511 Out-Of-Bounds Read
Posted Apr 14, 2016
Authored by Google Security Research, mjurczyk

The Adobe Type Manager Font Driver (ATMFD.DLL) suffers from a NamedEscape out-of-bounds read.

tags | exploit
systems | linux
MD5 | d97ac45e04d9ed1bb816b067247eea14
ChitaSoft CMS 3 Cross Site Scripting
Posted Apr 14, 2016
Authored by T3NZOG4N, Mojtaba MobhaM

ChitaSoft CMS version 3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e06791e76188f9902b06fe5cd0663aed
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close