Exploit the possiblities
Showing 1 - 25 of 39 RSS Feed

Files Date: 2016-06-09

Wireshark Analyzer 2.0.4
Posted Jun 9, 2016
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Various updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 622928dc6cb31c227c672ec3ec697f28
I2P 0.9.26
Posted Jun 9, 2016
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates and bug fixes.
tags | tool
systems | unix
MD5 | 5eff12408cf6a93a368cb122798b7da1
Falco 0.2.0
Posted Jun 9, 2016
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Added TravisCI regression tests. Rework of ruleset. Improved JSON output.
tags | tool, intrusion detection
systems | unix
MD5 | 92d33817a8b02da1bf48e534c566ea29
Fwknop Port Knocking Utility 2.6.9
Posted Jun 9, 2016
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added support for the SHA3 "Keccak" algorithm. Added support for libnetfilter_queue so that fwknopd can acquire SPA packets via the NFQ target. Various other additions and fixes.
tags | tool, scanner, vulnerability
systems | unix
MD5 | f195bd31e7dc7df2e9b0c35cd80655b7
phpMyFAQ 2.9.0 Cross Site Scripting
Posted Jun 9, 2016
Authored by Kacper Szurek

phpMyFAQ version 2.9.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7b4a39d81777ece41502f1968880743d
Apache CloudStack 4.5.0 Authentication Bypass
Posted Jun 9, 2016
Authored by John Kinsella

Apache CloudStack contains an authentication module providing "single sign-on" functionality via the SAML data format. Under certain conditions, a user could manage to access the user interface without providing proper credentials. As the SAML plugin is disabled by default, this issue only affects installations that have enabled and use SAML-based authentication.

tags | advisory
advisories | CVE-2016-3085
MD5 | 5be18c1ac54f188b9b3fab4d54c69649
Poison Ivy 2.1.x C2 Buffer Overflow
Posted Jun 9, 2016
Authored by Jos Wetzels | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in the Poison Ivy 2.1.x C&C server. The exploit does not need to know the password chosen for the bot/server communication.

tags | exploit, overflow
MD5 | f86d8cf59fe877c6e53d89c9b73ae949
IPFire proxy.cgi Remote Command Execution
Posted Jun 9, 2016
Authored by h00die, Yann CAM | Site metasploit.com

IPFire, a free linux based open source firewall distribution, versions prior to 2.19 Update Core 101 contain a remote command execution vulnerability in the proxy.cgi page.

tags | exploit, remote, cgi
systems | linux
MD5 | e746b797e03c49d9a2212d7299db7b23
IPFire Bash Environment Variable Injection (Shellshock)
Posted Jun 9, 2016
Authored by h00die, Claudio Viviani | Site metasploit.com

IPFire, a free linux based open source firewall distribution, versions 2.15 Update Core 82 and below contain an authenticated remote command execution vulnerability via shellshock in the request headers.

tags | exploit, remote
systems | linux
advisories | CVE-2014-6271
MD5 | 346568e36e1b3865af232e9ca23aee0a
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
Posted Jun 9, 2016
Authored by Nixawk | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled.

tags | exploit, remote, code execution
advisories | CVE-2016-3087
MD5 | a500c7d4893ccc30f624a84876393fb9
Debian Security Advisory 3598-1
Posted Jun 9, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3598-1 - Patrick Coleman discovered that missing input sanitising in the ADPCM decoder of the VLC media player may result in the execution of arbitrary code if a malformed media file is opened.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-5108
MD5 | 67d12dd1ebb97129e9f9e588f0ef685a
HP Security Bulletin HPSBGN03623 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03623 1 - A potential security vulnerability has been identified in HPE Universal CMDB. The vulnerability could be exploited remotely to allow remote disclosure of sensitive information. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2016-4367
MD5 | bae295d442f7e62e0a90caf5bc644693
HP Security Bulletin HPSBGN03622 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03622 1 - A potential security vulnerability has been identified in the Apache Commons Collections (ACC) component in HPE Universal CMDB, HPE Universal Discovery, and HPE Universal CMDB Configuration Manager. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.

tags | advisory, remote, code execution
advisories | CVE-2016-4368
MD5 | e9051053fec7e7e81ade9c91a0a44b04
HP Security Bulletin HPSBGN03621 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03621 1 - Several potential security vulnerabilities have been identified in the OpenSSL library for HPE Universal CMDB. These vulnerabilities could be exploited remotely to allow disclosure of sensitive information. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2016-0701
MD5 | 678e5b51f3d3cae550ef9dc910fea2d8
Ubuntu Security Notice USN-2995-1
Posted Jun 9, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2995-1 - Yuriy M. Kaminskiy discovered that the Squid pinger utility incorrectly handled certain ICMPv6 packets. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly cause Squid to leak information into log files. Yuriy M. Kaminskiy discovered that the Squid cachemgr.cgi tool incorrectly handled certain crafted data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, cgi
systems | linux, ubuntu
advisories | CVE-2016-3947, CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054, CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556
MD5 | bb2147c6eb5504215df16972765f0e77
Debian Security Advisory 3599-1
Posted Jun 9, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3599-1 - Marcin 'Icewall' Noga of Cisco Talos discovered an out-of-bound read vulnerability in the CInArchive::ReadFileItem method in p7zip, a 7zr file archiver with high compression ratio. A remote attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary code with the privileges of the user running p7zip, if a specially crafted UDF file is processed.

tags | advisory, remote, arbitrary
systems | cisco, linux, debian
advisories | CVE-2016-2335
MD5 | ee4298e84a7a528ffe48bcfec94a5efe
Ubuntu Security Notice USN-2993-1
Posted Jun 9, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2993-1 - Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel, Sylvestre Ledru, Julian Seward, Olli Pettay, Karl Tomlinson, Christoph Diehl, Julian Hector, Jan de Mooij, Mats Palmgren, and Tooru Fujisawa discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. A buffer overflow was discovered when parsing HTML5 fragments in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-2815, CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2825, CVE-2016-2828, CVE-2016-2829, CVE-2016-2831, CVE-2016-2832, CVE-2016-2833, CVE-2016-2834
MD5 | e5cc784ed28428fe8fd6b2f542ffe893
Red Hat Security Advisory 2016-1218-01
Posted Jun 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1218-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. Security Fix: A denial of service flaw was found in the way Spring processes inline DTD declarations. A remote attacker could submit a specially crafted XML file that would cause out-of-memory errors when parsed.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2015-3192
MD5 | c498835c94f79f9e7db27eb26ef54368
Red Hat Security Advisory 2016-1219-01
Posted Jun 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1219-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. Security Fix: A denial of service flaw was found in the way Spring processes inline DTD declarations. A remote attacker could submit a specially crafted XML file that would cause out-of-memory errors when parsed.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2015-3192
MD5 | 529f50c0d5893d6d69713cd7b18e3326
HP Security Bulletin HPSBMU03614 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03614 1 - Security vulnerabilities in Samba could potentially impact HPE Systems Insight Manager. These vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in unauthorized identification of valid users and unqualified configuration changes. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2016-2118
MD5 | 58f3986d000d7b39ecfa3c0fab441587
HP Security Bulletin HPSBMU03584 2
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03584 2 - Multiple potential vulnerabilities have been addressed by HPE Network Node Manager I (NNMi). These vulnerabilities could be remotely exploited resulting in authentication bypass, Cross-Site Scripting (XSS), disclosure of information, or unauthorized access. Revision 2 of this advisory.

tags | advisory, vulnerability, xss
advisories | CVE-2012-6153, CVE-2014-3577, CVE-2016-2010, CVE-2016-2011, CVE-2016-2012, CVE-2016-2013, CVE-2016-2014
MD5 | d3b12b423aa2e760dd1dde85357a24b3
HP Security Bulletin HPSBGN03618 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03618 1 - Potential vulnerabilities have been identified in HPE Service Manager. These vulnerabilities could be remotely exploited to allow disclosure of information, unauthorized read access to files and server side request forgery. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2016-4371
MD5 | f235e4221e20dbb638caf69a7a3f8573
HP Security Bulletin HPSBGN03624 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03624 1 - A potential vulnerability has been identified in Project and Portfolio Management Center. This vulnerability could be exploited to remotely to allow execution of arbitrary commands and disclosure of sensitive information. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2016-4370
MD5 | 12a31c4dc3e7c4a3830720678ecb95d7
Red Hat Security Advisory 2016-1217-01
Posted Jun 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1217-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.2.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2828, CVE-2016-2831
MD5 | 8efa2083bc043c001a44cbf239a31385
Android /system/bin/sdcard Stack Buffer Overflow
Posted Jun 9, 2016
Authored by Google Security Research, markbrand

There's an integer overflow issue in get_node_path_locked in /system/bin/sdcard on Android, which results in a buffer overflow.

tags | exploit, overflow
systems | linux
advisories | CVE-2016-2494
MD5 | 1bdd88725bdd46fe78efd604f1fac79e
Page 1 of 2
Back12Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close