what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-04-21

libgd 2.1.1 Signedness
Posted Apr 21, 2016
Authored by Hans Jerry Illikainen

A signedness vulnerability exists in libgd version 2.1.1 which may result in a heap overflow when processing compressed gd2 data.

tags | exploit, overflow
advisories | CVE-2016-3074
MD5 | ac4ec412c1ea555ee8fa7938bfa468b2
Symantec Brightmail 10.6.0-7 LDAP Credential Grabber
Posted Apr 21, 2016
Authored by Fakhir Karim Reda

Symantec Brightmail versions 10.6.0-7 and below save the AD password in a place where it can be retrieved.

tags | exploit
advisories | CVE-2016-2203
MD5 | f0b78735e4321213a3e73c70d40c6120
Exponent CMS 2.3.5 File Upload Cross Site Scripting
Posted Apr 21, 2016
Authored by Sachin Wagh

Exponent CMS version 2.3.5 suffers from a file upload vulnerability that allows for cross site scripting.

tags | exploit, xss, file upload
advisories | CVE-2015-8684
MD5 | b037db1157567f017d07398a919ac6b4
Exponent CMS 2.3.5 Cross Site Scripting
Posted Apr 21, 2016
Authored by Sachin Wagh

Exponent CMS version 2.3.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-8667
MD5 | b0e030450f57321122de61f7e1e644f6
Ubuntu Security Notice USN-2952-1
Posted Apr 21, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2952-1 - It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. It was discovered that the PHP Soap client incorrectly validated data types. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2014-9767, CVE-2015-8835, CVE-2015-8838, CVE-2016-1903, CVE-2016-2554, CVE-2016-3141, CVE-2016-3142, CVE-2016-3185
MD5 | f539f84a17077d4372a6d9100aacbd29
ImpressCMS 1.3.9 SQL Injection
Posted Apr 21, 2016
Authored by Manuel Garcia Cardenas

ImpressCMS versions 1.3.9 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ec4eaca97dc5479ec42463e48ea2709f
Red Hat Security Advisory 2016-0678-01
Posted Apr 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0678-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 101. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449
MD5 | a40b18aecce062412735a38499154204
Red Hat Security Advisory 2016-0677-01
Posted Apr 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0677-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 91. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449
MD5 | f08fe07ea61ae998643739c9ea29db5e
Red Hat Security Advisory 2016-0676-01
Posted Apr 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0676-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425, CVE-2016-3427
MD5 | fdb207b43011dda54c95177d4a8c4c21
Red Hat Security Advisory 2016-0675-01
Posted Apr 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0675-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425, CVE-2016-3427
MD5 | b4f6208215afc5280198dd0dce54d58d
OpenTSDB Remote Code Execution
Posted Apr 21, 2016
Authored by gsoc

OpenTSDB suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 064abc9285703f1b7089680c28508d36
Webutler CMS 3.2 Cross Site Request Forgery
Posted Apr 21, 2016
Authored by Keerati T.

Webutler CMS version 3.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | bc61c99670ecf4b1a1527c4ca0905eb4
WordPress iThemes Security Insecure Backup / Logfile Generation
Posted Apr 21, 2016
Authored by Nicolas Chatelain

WordPress iThemes Security suffers from insecure backup and logfile generation vulnerabilities.

tags | exploit, vulnerability
MD5 | 0a72248fec890cb6ef88cbe6f6554721
Linux/x86 Port 5600 Bindshell Shellcode
Posted Apr 21, 2016
Authored by Ajith KP

86 bytes small Linux/x86_64 bindshell shellcode that binds to port 5600.

tags | shellcode
systems | linux
MD5 | ae9b1afeac08883d5def7cf39d3c198e
Shellsploit Framework Beta 0.2
Posted Apr 21, 2016
Authored by B3mB4m | Site github.com

Shellsploit lets you generate customized shellcodes, backdoors, and injectors for various operating systems. It also has obfuscation abilities.

tags | tool, shellcode
systems | unix
MD5 | 326de2235d3c4a5bde785c1387d53de5
Page 1 of 1
Back1Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close