Exploit the possiblities
Showing 1 - 25 of 380 RSS Feed

Files Date: 2016-05-01 to 2016-05-31

FlatPress 1.0.3 Cross Site Request Forgery / Shell Upload
Posted May 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

FlatPress version 1.0.3 suffers from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | 32df419065d3bac54bc4c916500598b6
Lorex ECO DVR Backdoor Account
Posted May 30, 2016
Authored by Andrew Hofmans

Lorex LH162400 DVR firmware version 5.2.0-20141008 has a hard-coded administrative backdoor credential.

tags | exploit
MD5 | 5bd5f725e5823af0ea178474e63a0442
Packet Fence 6.0.2
Posted May 30, 2016
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Various updates.
tags | tool, remote
systems | unix
MD5 | f7dae1aece93ae81ffd5939644978d7c
WebKitGTK+ Code Execution / Denial Of Service / Memory Corruption
Posted May 30, 2016
Authored by WebKitGTK+ Team

WebKitGTK+ versions prior to 2.12.3 and 2.12.1 suffer from memory corruption, code execution, information disclosure, and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, info disclosure
advisories | CVE-2016-1854, CVE-2016-1856, CVE-2016-1857, CVE-2016-1858, CVE-2016-1859
MD5 | 02e17a3c1ed0edd30ea6d6ca3c01a2da
Jetty 9.3.8 Path Sanitization
Posted May 30, 2016
Authored by Open Source CERT, Daniele Bianco, Simon Zuckerbraun

The Jetty path normalization mechanism suffers of an implementation issue when parsing the request URLs. The path normalization logic implemented in the PathResource class and introduced in Jetty versions 9.3.x can be defeated by requesting malicious URLs containing specific escaped characters. Leveraging on this weakness, a malicious user can gain access to protected resources (e.g. WEB-INF and META-INF folders and their contents) and defeat application filters or other security constraints implemented in the servlet configuration. Versions 9.3.0 through 9.3.8 are affected.

tags | advisory, web
advisories | CVE-2016-4800
MD5 | 3ad5a064d05179a59a4a0dec382ab56b
Debian Security Advisory 3588-1
Posted May 30, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3588-1 - Two vulnerabilities were discovered in Symfony, a PHP framework.

tags | advisory, php, vulnerability
systems | linux, debian
advisories | CVE-2016-1902, CVE-2016-4423
MD5 | d28d63e37452477f21005869bbc23747
Slackware Security Advisory - mozilla-thunderbird Updates
Posted May 30, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | c6dd19d36b7ab00f3c884b83e190e603
Slackware Security Advisory - imagemagick Updates
Posted May 30, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New imagemagick packages are available for Slackware 14.0, 14.1, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2016-5118
MD5 | 5c2148f1d1227014cbd15c16e25c0f9c
Gentoo Linux Security Advisory 201605-04
Posted May 30, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201605-4 - Multiple vulnerabilities have been found in rsync, the worst of which could allow remote attackers to write arbitrary files. Versions less than 3.1.2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-8242, CVE-2014-9512
MD5 | 1d77bc0c8377bcc25836496e842e52bd
Gentoo Linux Security Advisory 201605-03
Posted May 30, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201605-3 - A double free vulnerability has been discovered in libfpx that allows remote attackers to cause a Denial of Service. Versions less than 1.3.1_p6 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2012-0025
MD5 | 22cf8bdd481a03e534c47988029550a6
Debian Security Advisory 3589-1
Posted May 30, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3589-1 - Several vulnerabilities have been discovered in gdk-pixbuf, a toolkit for image loading and pixel buffer manipulation. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using gdk-pixbuf (application crash), or potentially, to execute arbitrary code with the privileges of the user running the application, if a malformed image is opened.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2015-7552, CVE-2015-8875
MD5 | 717357c7ce5115ab55ee1b4845eabea1
Microsoft Office 2010 Publisher Denial Of Service
Posted May 30, 2016
Authored by Cody Sixteen

Publisher in Microsoft Office 2010 suffers from three denial of service vulnerabilities that can result in a crash.

tags | exploit, denial of service, vulnerability
systems | windows
MD5 | 659ce7beda54305710f1b03fff6b7854
PoShFoTo - PowerShell Forensics Toolkit
Posted May 30, 2016
Authored by Mark Osborne

PoShFoTo is the PowerShell Forensics Toolkit, which contains a dozen PowerShell tools that allow you to do basic incident response and malware forensics. It includes Hex Dumper, Registry timeline generator, File timeline generator, and PE-block analyzer.

tags | tool, registry, forensics
MD5 | 673b2a4b87cedb101f9de66c93749bb4
Linux x86_64 XOR Encoe execve Shellcode
Posted May 30, 2016
Authored by Roziul Hasan Khan Shifat

Linux x86_64 XOR encode execve shellcode.

tags | shellcode
systems | linux
MD5 | 729efe51c4815a7cc3355d9d52293b19
Microsoft Internet Explorer 8 Divide By Zero Proof Of Concept
Posted May 30, 2016
Authored by Cody Sixteen

Microsoft Internet Explorer divide by zero proof of concept denial of service exploit.

tags | exploit, denial of service, proof of concept
MD5 | 023604e7336d88153edad098a13b2cf1
Open Source Real Estate Script 3.6.0 SQL Injection
Posted May 30, 2016
Authored by Meisam Monsef

Open Source Real Estate Script version 3.6.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0a06b3c78753e60b0908deeb0a80b1e3
Process Hacker DLL Hijacking
Posted May 29, 2016
Authored by rugk

Process Hacker suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 3c977085bb7627cc166ece5922a1efb1
MySQL Procedure Analyse Denial Of Service
Posted May 28, 2016
Authored by Osanda Malith

MySQL Procedure Analyse denial of service exploit that affects versions up to 5.5.45.

tags | exploit, denial of service
advisories | CVE-2015-4870
MD5 | 1a85e20529f00c83a924fa4025add3b4
Intex Wireless N150 Router CSRF / Insecure Transport
Posted May 28, 2016
Authored by mohitreload

Intex Wireless N150 router suffers from cross site request forgery, credential management, insecure transport, and various other vulnerabilities.

tags | advisory, vulnerability, csrf
MD5 | b1d7574c88f26cbccbcc6f421e1fa5a3
Apache PDFBox 1.8.11 / 2.0.0 / XML Injection
Posted May 27, 2016
Authored by Mesut Timur, Arthur Khashaev, Seulgi Kim

Apache PDFBox versions 1.8.0 through 1.8.11 and 2.0.0 suffer from an XML external entity injection vulnerability.

tags | advisory
advisories | CVE-2016-2175
MD5 | 81953302389640242bde73ad8e3466d4
Faraday 1.0.20
Posted May 27, 2016
Authored by Francisco Amato

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Removed description from Hosts list in WEB UI. Fixed sort in Hosts list in WEB UI. Fixed ports sorting in Host view in WEB UI. Added search link for OS in Hosts list in WEB UI. Removed description from Services list in WEB UI. Added version to Services list in WEB UI. Modified false values in Hosts list in WEB UI. Added search links in Services list in WEB UI. Added scrollbar in Gtk Terminal. Various other updates and improvements.
tags | tool, rootkit
systems | unix
MD5 | 342f2cef914d88721526f1478b7bd6d9
Citrix Netscaler 11.0 Build 64.35 Cross Site Scripting
Posted May 27, 2016
Authored by Dr. Daniel Schliebner

The login page of the Citrix Netscaler Gateway web front-end is vulnerable to a DOM-based cross site scripting (XSS) vulnerability due to improper sanitization of the content of the "NSC_TMAC" cookie.

tags | exploit, web, xss
advisories | CVE-2016-4945
MD5 | 7fd954e4ba1557ede715df01dfcc253f
Apache Qpid Java Broker 6.0.2 Denial Of Service
Posted May 27, 2016
Authored by Alex Szczuczko

Apache Qpid Java Broker versions 6.0.0, 6.0.1, and 6.0.2 suffer from a denial of service vulnerability.

tags | advisory, java, denial of service
advisories | CVE-2016-3094
MD5 | ade15790275938230b1ba0c359a3a318
Apache Qpid Java Broker 6.0.2 Authentication Bypass
Posted May 27, 2016

Apache Qpid Java Broker versions 6.0.2 and below suffer from an authentication bypass vulnerability.

tags | advisory, java, bypass
advisories | CVE-2016-4432
MD5 | 8123c6cc25c548b9c03f9be6318cb089
Slackware Security Advisory - php Updates
Posted May 27, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2013-7456, CVE-2016-5093, CVE-2016-5094, CVE-2016-5096
MD5 | 0216fa0b9859d4bcee99cb0f8db6879a
Page 1 of 16
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close