Exploit the possiblities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2016-05-30

FlatPress 1.0.3 Cross Site Request Forgery / Shell Upload
Posted May 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

FlatPress version 1.0.3 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | 32df419065d3bac54bc4c916500598b6
Lorex ECO DVR Backdoor Account
Posted May 30, 2016
Authored by Andrew Hofmans

Lorex LH162400 DVR firmware version 5.2.0-20141008 has a hard-coded administrative backdoor credential.

tags | exploit
MD5 | 5bd5f725e5823af0ea178474e63a0442
Packet Fence 6.0.2
Posted May 30, 2016
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Various updates.
tags | tool, remote
systems | unix
MD5 | f7dae1aece93ae81ffd5939644978d7c
WebKitGTK+ Code Execution / Denial Of Service / Memory Corruption
Posted May 30, 2016
Authored by WebKitGTK+ Team

WebKitGTK+ versions prior to 2.12.3 and 2.12.1 suffer from memory corruption, code execution, information disclosure, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, info disclosure
advisories | CVE-2016-1854, CVE-2016-1856, CVE-2016-1857, CVE-2016-1858, CVE-2016-1859
MD5 | 02e17a3c1ed0edd30ea6d6ca3c01a2da
Jetty 9.3.8 Path Sanitization
Posted May 30, 2016
Authored by Open Source CERT, Daniele Bianco, Simon Zuckerbraun

The Jetty path normalization mechanism suffers of an implementation issue when parsing the request URLs. The path normalization logic implemented in the PathResource class and introduced in Jetty versions 9.3.x can be defeated by requesting malicious URLs containing specific escaped characters. Leveraging on this weakness, a malicious user can gain access to protected resources (e.g. WEB-INF and META-INF folders and their contents) and defeat application filters or other security constraints implemented in the servlet configuration. Versions 9.3.0 through 9.3.8 are affected.

tags | advisory, web
advisories | CVE-2016-4800
MD5 | 3ad5a064d05179a59a4a0dec382ab56b
Debian Security Advisory 3588-1
Posted May 30, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3588-1 - Two vulnerabilities were discovered in Symfony, a PHP framework.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2016-1902, CVE-2016-4423
MD5 | d28d63e37452477f21005869bbc23747
Slackware Security Advisory - mozilla-thunderbird Updates
Posted May 30, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | c6dd19d36b7ab00f3c884b83e190e603
Slackware Security Advisory - imagemagick Updates
Posted May 30, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New imagemagick packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-5118
MD5 | 5c2148f1d1227014cbd15c16e25c0f9c
Gentoo Linux Security Advisory 201605-04
Posted May 30, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201605-4 - Multiple vulnerabilities have been found in rsync, the worst of which could allow remote attackers to write arbitrary files. Versions less than 3.1.2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-8242, CVE-2014-9512
MD5 | 1d77bc0c8377bcc25836496e842e52bd
Gentoo Linux Security Advisory 201605-03
Posted May 30, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201605-3 - A double free vulnerability has been discovered in libfpx that allows remote attackers to cause a Denial of Service. Versions less than 1.3.1_p6 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2012-0025
MD5 | 22cf8bdd481a03e534c47988029550a6
Debian Security Advisory 3589-1
Posted May 30, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3589-1 - Several vulnerabilities have been discovered in gdk-pixbuf, a toolkit for image loading and pixel buffer manipulation. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using gdk-pixbuf (application crash), or potentially, to execute arbitrary code with the privileges of the user running the application, if a malformed image is opened.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2015-7552, CVE-2015-8875
MD5 | 717357c7ce5115ab55ee1b4845eabea1
Microsoft Office 2010 Publisher Denial Of Service
Posted May 30, 2016
Authored by Cody Sixteen

Publisher in Microsoft Office 2010 suffers from three denial of service vulnerabilities that can result in a crash.

tags | exploit, denial of service, vulnerability
systems | windows
MD5 | 659ce7beda54305710f1b03fff6b7854
PoShFoTo - PowerShell Forensics Toolkit
Posted May 30, 2016
Authored by Mark Osborne

PoShFoTo is the PowerShell Forensics Toolkit, which contains a dozen PowerShell tools that allow you to do basic incident response and malware forensics. It includes Hex Dumper, Registry timeline generator, File timeline generator, and PE-block analyzer.

tags | tool, registry, forensics
MD5 | 673b2a4b87cedb101f9de66c93749bb4
Linux x86_64 XOR Encoe execve Shellcode
Posted May 30, 2016
Authored by Roziul Hasan Khan Shifat

Linux x86_64 XOR encode execve shellcode.

tags | shellcode
systems | linux
MD5 | 729efe51c4815a7cc3355d9d52293b19
Microsoft Internet Explorer 8 Divide By Zero Proof Of Concept
Posted May 30, 2016
Authored by Cody Sixteen

Microsoft Internet Explorer divide by zero proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
MD5 | 023604e7336d88153edad098a13b2cf1
Open Source Real Estate Script 3.6.0 SQL Injection
Posted May 30, 2016
Authored by Meisam Monsef

Open Source Real Estate Script version 3.6.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0a06b3c78753e60b0908deeb0a80b1e3
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close