Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-08-09

Raptor WAF 0.2
Posted Aug 9, 2016
Authored by coolervoid

Raptor is a web application firewall written in C that uses DFA to block SQL injection, cross site scripting, and path traversals.

Changes: Various updates.
tags | tool, web, firewall, xss, sql injection
systems | unix
MD5 | 4dad6a19ebfcf7b16f9cabcd18cb59d7
Lynis Auditing Tool 2.3.2
Posted Aug 9, 2016
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: Tests are now grouped by their focus area and named groups accordingly. Besides groups, each test will belong to a category (performance, privacy, or security). Various other updates.
tags | tool, scanner
systems | unix
MD5 | 7ec7fdb041369cb4a910a0abff62d1dd
Facebook User ID Bypass Issue
Posted Aug 9, 2016
Authored by SaifAllah benMassaoud, Zahid Mehmood | Site vulnerability-lab.com

A vulnerability allowed remote attackers to determine which specific Facebook user ID is linked with a mobile phone number without secure approval. The vulnerability is located in the ctx and recover lwv parameters and /login/identify modules.

tags | exploit, remote
MD5 | 9be8aae6902fd863acbfbf3683414143
AirSnort 0.2.7 Stack Corruption Denial Of Service
Posted Aug 9, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

AirSnort version 0.2.7 suffers from a stack corruption denial of service vulnerability.

tags | exploit, denial of service
MD5 | b42bce9c913c5feedee4fd8e96a9167f
Any Video Converter 5.9.5 DLL Hijacking
Posted Aug 9, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Any Video Converter version 5.9.5 suffers from a dll hijacking vulnerability.

tags | exploit
MD5 | 96caf836b55ce6ff6062e3b67646ecee
Microsoft GDI+ Out-Of-Bounds Read
Posted Aug 9, 2016
Authored by Google Security Research, mjurczyk

Microsoft GDI+ suffers from an out-of-bounds read in DIB palette handling in ValidateBitmapInfo.

tags | exploit
MD5 | c71d51e371c6db06fc50583c3f41c250
Red Hat Security Advisory 2016-1583-01
Posted Aug 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1583-01 - Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. Security Fix: A regular expression denial of service flaw was found in Minimatch. An attacker able to make an application using Minimatch to perform matching using a specially crafted glob pattern could cause the application to consume an excessive amount of CPU.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2016-1000023
MD5 | 4229df6159430f784197b10d23734fb5
Red Hat Security Advisory 2016-1582-01
Posted Aug 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1582-01 - Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. Security Fix: A regular expression denial of service flaw was found in Minimatch. An attacker able to make an application using Minimatch to perform matching using a specially crafted glob pattern could cause the application to consume an excessive amount of CPU.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2016-1000023
MD5 | 78897d66888808d3dcb5846014598576
Red Hat Security Advisory 2016-1581-01
Posted Aug 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1581-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or RDMA Userspace Connection Manager Access module explicitly loaded, could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-4565
MD5 | 48e9b4a44feac2bce80993045b0ecb3e
Red Hat Security Advisory 2016-1580-01
Posted Aug 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1580-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 52.0.2743.116. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145, CVE-2016-5146
MD5 | 8ae44ad6eecdc112a90f2af907e2c1a6
Samhain File Integrity Checker 4.1.5
Posted Aug 9, 2016
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 835b65ab9ed2a93640b957051708e500
Microsoft Security Bulletin Revision Increment For August, 2016
Posted Aug 9, 2016
Site microsoft.com

This bulletin summary lists two bulletins that have undergone a major revision increment.

tags | advisory
MD5 | c498f5fe9ed41b0d828993826459257b
Microsoft Internet Explorer Local File Name Disclosure
Posted Aug 9, 2016
Authored by Yorick Koster, Securify B.V.

Microsoft Internet Explorer suffers from an iframe sandbox local file name disclosure vulnerability.

tags | advisory, local, info disclosure
advisories | CVE-2016-3321
MD5 | 376f6201c7fdd9986dd43f743ee646b7
Nuke Evolution 2.0.9d Cross Site Scripting
Posted Aug 9, 2016
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Nuke Evolution version 2.0.9d suffers from multiple client-side cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 6d20f165e00fed981f8a052243305a76
FortiVoice 5.0 Cross Site Scripting
Posted Aug 9, 2016
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

FortiVoice version 5.0 suffers from filter bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 0004b34f49f884e8cc7c5d21af24606f
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close