what you don't know can hurt you
Showing 1 - 18 of 18 RSS Feed

Files Date: 2016-11-19

Faraday 2.2.0
Posted Nov 19, 2016
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: New library added to connect with Faraday Server. Fixed Fplugin, now it uses the new library to communicate with the Server. New field for Vulnerabilities: plugin creator and status. Refactored in Faraday Core and GTK Client. Various other updates, fixes, and improvements.
tags | tool, rootkit
systems | unix
MD5 | 75df83b0cbe51fd7717eedd7a7889de8
Ubuntu Security Notice USN-3124-1
Posted Nov 19, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3124-1 - Christian Holler, Andrew McCreight, Dan Minor, Tyson Smith, Jon Coppeard, Jan-Ivar Bruaroey, Jesse Ruderman, Markus Stange, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. A same-origin policy bypass was discovered with local HTML files in some circumstances. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2016-5289, CVE-2016-5290, CVE-2016-5291, CVE-2016-5292, CVE-2016-5296, CVE-2016-5297, CVE-2016-9063, CVE-2016-9064, CVE-2016-9066, CVE-2016-9067, CVE-2016-9068, CVE-2016-9069, CVE-2016-9070, CVE-2016-9071, CVE-2016-9073, CVE-2016-9075, CVE-2016-9076, CVE-2016-9077
MD5 | a52d9883504d846b2d297df7f886082f
Gentoo Linux Security Advisory 201611-11
Posted Nov 19, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-11 - Multiple vulnerabilities have been found in QEMU, the worst of which could cause a Denial of Service condition. Versions less than 2.7.0-r6 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2016-7161, CVE-2016-7423, CVE-2016-7466, CVE-2016-7907, CVE-2016-7908, CVE-2016-7909, CVE-2016-7994, CVE-2016-8576, CVE-2016-8577, CVE-2016-8578, CVE-2016-8668, CVE-2016-8669, CVE-2016-8909, CVE-2016-8910, CVE-2016-9102, CVE-2016-9103, CVE-2016-9104, CVE-2016-9105
MD5 | c09b8d2ac91739d0c7f1abe449c06ff3
SAP NetWeaver AS JAVA 7.5 Directory Traversal
Posted Nov 19, 2016
Authored by Mathieu Geli

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a directory traversal vulnerability.

tags | exploit, java
MD5 | 066c2f50548a8eb273e683d033229e76
SAP NetWeaver AS ABAP 7.4 Directory Traversal
Posted Nov 19, 2016
Authored by Daria Prosochkina

SAP NetWeaver AS ABAP version 7.4 suffers from a directory traversal vulnerability.

tags | exploit
MD5 | 88a95b85d1d984a259dd71adc2261d8f
Microsoft Edge CTextExtractor::GetBlockText Out-Of-Bounds Read
Posted Nov 19, 2016
Authored by SkyLined

A specially crafted web-page can cause an integer underflow in Microsoft Edge. This causes CTextExtractor::GetBlockText to read data outside of the bounds of a memory block.

tags | exploit, web
advisories | CVE-2016-3247
MD5 | 656e48625cd47b6fc566f07bbf1087da
Palo Alto Networks PanOS root_reboot Privilege Escalation
Posted Nov 19, 2016
Authored by Tavis Ormandy, Google Security Research

Palo Alto Networks PanOS suffers from a root_reboot local privilege escalation vulnerability.

tags | exploit, local
MD5 | 66f01acd7fbf9a516869b366dd638a97
Palo Alto Networks PanOS root_trace Privilege Escalation
Posted Nov 19, 2016
Authored by Tavis Ormandy, Google Security Research

Palo Alto Networks PanOS suffers from a root_trace local privilege escalation vulnerability.

tags | exploit, local
MD5 | e47b997a2a0d04e529b3f7893ed7bc57
Microsoft Internet Explorer 11 iertutil LCIEGetTypedComponentFromThread Use-After-Free
Posted Nov 19, 2016
Authored by SkyLined

A specially crafted web-page can cause the iertutil.dll module of Microsoft Internet Explorer 11 to free some memory while it still holds a reference to this memory. The module can be made to use this reference after the memory has been freed. Unlike many use-after-free bugs in MSIE, this issue, and apparently all code in this module, is not mitigated by MemGC. This issue appears to have been addressed in July 2016, as it failed to reproduce after the July security updates were installed.

tags | exploit, web
MD5 | 16a91c39281d3aa5ed25e13e1bf53a7d
Relevanssi Premium 1.14.4 SQL Injection
Posted Nov 19, 2016
Authored by Glyn Wintle

Relevanssi Premium version 1.14.4 suffers from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
MD5 | 24cd854ab91a43b7223fe385861d934f
Relevanssi Premium 1.14.4 Code Execution
Posted Nov 19, 2016
Authored by Glyn Wintle

An unserialization vulnerability in Relevanssi Premium version 1.14.4 could allow for code execution.

tags | advisory, code execution
MD5 | eef079934843a22b719f148f753bac94
Huawei Flybox B660 3G/4G Router Authentication Bypass
Posted Nov 19, 2016
Authored by SaifAllah benMassaoud | Site vulnerability-lab.com

Huawei Flybox B660 3G/4G router suffers from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 0f10ffe81bd60145d86276f8e0184bf2
Habari CMS 0.9.2 Cross Site Scripting
Posted Nov 19, 2016
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Habari CMS version 0.9.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 976ccfb33d533141b4450a78fa9a4cb1
Post Indexer 3.0.6.1 Man-In-The-Middle
Posted Nov 19, 2016
Authored by Glyn Wintle

Post Indexer version 3.0.6.1 suffers from a man-in-the-middle vulnerability that may allow for arbitrary code execution.

tags | advisory, arbitrary, code execution
MD5 | 207e444add72f56a61bf15cea01208cb
Post Indexer 3.0.6.1 SQL Injection
Posted Nov 19, 2016
Authored by Glyn Wintle

Post Indexer version 3.0.6.1 suffers from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
MD5 | 3554a985d08429b11aae0cec9c1ec6b3
Teradata Studio Express 15.12.00.00 Race Condition
Posted Nov 19, 2016
Authored by Larry W. Cashdollar

Teradata Studio Express version 15.12.00.00 suffers from a /tmp race condition.

tags | exploit
advisories | CVE-2016-7490
MD5 | c534e57d657bd8d1f6decd5327bb0f76
Palo Alto Networks PanOS Buffer Overflow
Posted Nov 19, 2016
Authored by Tavis Ormandy, Google Security Research

Palo Alto Networks PanOS suffers from a stack buffer overflow in the appweb3 embedded webserver.

tags | advisory, overflow
MD5 | 664bd66ebc38fa83fec6cef539b711ad
Apple iOS 10.1 Access Permissions
Posted Nov 19, 2016
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Apple iOS version 1.0 suffers from multiple access permission vulnerabilities.

tags | exploit, vulnerability
systems | apple, ios
MD5 | a4713c8f6e026a18210458f10dda0b79
Page 1 of 1
Back1Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close