Exploit the possiblities
Showing 1 - 17 of 17 RSS Feed

Files Date: 2016-04-22

Wireshark Analyzer 2.0.3
Posted Apr 22, 2016
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Various updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 62dc20f5a77542feed2e38f18db8ae3b
HP Data Protector 6.10 / 6.11 / 6.20 Install Service
Posted Apr 22, 2016
Authored by Ben Turner | Site metasploit.com

This Metasploit module exploits HP Data Protector Omniinet process on Windows only. This exploit invokes the install service function which allows an attacker to create a custom payload in the format of an executable. To ensure this works, the SMB server created in MSF must have a share called Omniback which has a subfolder i386.

tags | exploit
systems | windows
advisories | CVE-2011-0922
MD5 | 033040fdd99d24ef73bd5bc7f2b94831
OpenSCAP Libraries 1.2.9
Posted Apr 22, 2016
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: Various updates and improvements.
tags | protocol, library
systems | unix
MD5 | 6a07b94d2d92dfec2818556ca117147a
Digitalstrom Konfigurator 1.10.0 CSRF / Cross Site Scripting
Posted Apr 22, 2016
Authored by W. Schober | Site sec-consult.com

Digitalstrom Konfigurator version 1.10.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, csrf
MD5 | 24f8039bc2456101bb0c6b11156f2c82
my devolo 1.2.8 Insecure Data Storage
Posted Apr 22, 2016
Authored by A. Nochvay | Site sec-consult.com

my devolo version 1.2.8 suffers from an insecure data storage vulnerability.

tags | advisory
MD5 | 6fcb5c7ceed0ba96585609b30dc1ae8c
HP Security Bulletin HPSBMU03573 1
Posted Apr 22, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03573 1 - A potential security vulnerability has been identified with HPE System Management Homepage (SMH) on Windows and Linux. The vulnerability could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.

tags | advisory
systems | linux, windows
advisories | CVE-2016-0800
MD5 | 883e1f4afa33a1b5a112779c9c65c352
HP Security Bulletin HPSBGN03580 1
Posted Apr 22, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03580 1 - Potential security vulnerabilities have been identified in HP Data Protector that could allow the remote execution of code or the unauthorized disclosure of information. Revision 1 of this advisory.

tags | advisory, remote, vulnerability
advisories | CVE-2015-2808, CVE-2016-2004, CVE-2016-2005, CVE-2016-2006, CVE-2016-2007, CVE-2016-2008
MD5 | 94b9ecc6d6516cdc4304e8005d7ddb3e
Debian Security Advisory 3553-1
Posted Apr 22, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3553-1 - Regis Leroy from Makina Corpus discovered that varnish, a caching HTTP reverse proxy, is vulnerable to HTTP smuggling issues, potentially resulting in cache poisoning or bypassing of access control policies.

tags | advisory, web
systems | linux, debian
advisories | CVE-2015-8852
MD5 | 138b448ffc681a06491c0e899449b7ce
Debian Security Advisory 3554-1
Posted Apr 22, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3554-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-3158, CVE-2016-3159, CVE-2016-3960
MD5 | 0054b0f8c53747dd4277ce657f42c89b
Advantech WebAccess 8.0 Dashboard Viewer Arbitrary File Upload
Posted Apr 22, 2016
Authored by rgod, Zhou Yu | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability found in Advantech WebAccess 8.0. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAccess Dashboard Viewer. Insufficient validation within the uploadImageCommon function in the UploadAjaxAction script allows unauthenticated callers to upload arbitrary code (instead of an image) to the server, which will then be executed under the high-privilege context of the IIS AppPool.

tags | exploit, remote, arbitrary, file upload
advisories | CVE-2016-0854
MD5 | 0cd699d2ba08a1eea8e330908b98312a
Pcapteller 1.0
Posted Apr 22, 2016
Authored by Juan J. Guelfo | Site encripto.no

Pcapteller is a tool designed for simple traffic manipulation and replay. The tool allows you to recreate a recorded network traffic scenario that occurred in a foreign network, as it really happened in yours. Basically, the tool reads network packets from a PCAP file, and it replaces a given IP address with one that fits your needs. Afterwards, the manipulated packets are injected into the network. The tool is useful if you want to recreate scenarios where computer attacks or malware infections occurred. Using such scenarios as a base, Pcapteller will make it look like everything is really happening in your network. Pcapteller can help you improving your blue team's network security monitoring skills, or creating network decoys during red team operations.

Changes: Support for multiple / simultaneous address manipulation (both for MAC and IP addresses), and support for pcap replay without manipulation has been added. Improved argument validation.
tags | tool
systems | unix
MD5 | 350c9c9cd5acf22176045348ea9666de
Red Hat Security Advisory 2016-0679-01
Posted Apr 22, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0679-01 - Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 115. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449
MD5 | d9e5ad41f98e2de235aa571f1acfa273
Ubuntu Security Notice USN-2953-1
Posted Apr 22, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2953-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.49 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.10 has been updated to MySQL 5.6.30. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2016-0639, CVE-2016-0640, CVE-2016-0641, CVE-2016-0642, CVE-2016-0643, CVE-2016-0644, CVE-2016-0646, CVE-2016-0647, CVE-2016-0648, CVE-2016-0649, CVE-2016-0650, CVE-2016-0655, CVE-2016-0661, CVE-2016-0665, CVE-2016-0666, CVE-2016-0668, CVE-2016-2047
MD5 | bd07077a278991ff8a8faa88a7622969
phpLiteAdmin 1.9.6 Cross Site Request Forgery / Cross Site Scripting
Posted Apr 22, 2016
Authored by Ozer Goker

phpLiteadmin version 1.9.6 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | c29dcc9cc8487951afbb19cad31a9ce1
Gemtek CPE7000 WLTCS-106 Authentication Bypass / Code Execution
Posted Apr 22, 2016
Authored by Federico Ramondino

Gemtek CPE7000 WLTCS-106 suffers from authentication bypass and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, bypass
MD5 | 49acda9e380fa5d5206354109127395e
Linux/x86 Bind Shell Shellcode Generator
Posted Apr 22, 2016
Authored by Ajith KP

This python script generates bind shell shellcode for Linux x64.

tags | tool, shell, shellcode, python
systems | linux
MD5 | 06811d24e0e32273cc53ea6465d185f2
Microsoft Security Bulletin Revision Increment For April, 2016
Posted Apr 22, 2016
Site microsoft.com

This bulletin summary lists MS16-039 which has undergone a major revision increment.

tags | advisory
MD5 | d7d6e3ff4b922dc198ea39214232acd6
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    12 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close