what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 16 of 16

Files Date: 2016-11-22

Positive Hack Days VII Call For Papers

Posted Nov 22, 2016

Site phdays.com

Call For Papers for Positive Hack Days VII which will take place May 23rd through the 24th, 2017 in Moscow, Russia.

tags | paper, conference

SHA-256 | b4c3196d44f89de1e50e9e944a731e974ea35703b3edd696d82a142a056778e9

Download | Favorite | View

x33fcon 2017 Call For Papers

Posted Nov 22, 2016

Site x33fcon.com

The call for papers for x33fcon has been announced. It will take place April 24th through the 28th, 2017, in Poland.

tags | paper, conference

SHA-256 | 3acc312d41b80c2779e8ce5e93ee944cd27e962f11ddcde77d608d00d98139e9

Download | Favorite | View

Siemens SIMATIC Cookie Settings / Cross Site Request Forgery

Posted Nov 22, 2016

Authored by Andrea Barisani

Multiple versions of Siemens SIMATIC suffer from a cross site request forgery vulnerability and poor cookie security settings.

tags | advisory, csrf

advisories | CVE-2016-8672

SHA-256 | 26301c53dda7cca8354b059c0a9195478bf2208f7195cb4e264aa05d0d411026

Download | Favorite | View

ntpd 4.2.7.p22 / 4.3.0 Denial Of Service

Posted Nov 22, 2016

Authored by Magnus Klaaborg Stubman

ntpd versions 4.2.7p22 up to but not including 4.2.8p9 and 4.3.0 up to, but not including 4.3.94 suffer from a remote denial of service vulnerability. The vulnerability allow unauthenticated users to crash ntpd with a single malformed UDP packet, which cause a null pointer dereference.

tags | exploit, remote, denial of service, udp

advisories | CVE-2016-7434

SHA-256 | 79e55d8f072b5a9de6e9fff18dfbf9aa41a4fd7c069871b13d06e0ab37af3960

Download | Favorite | View

WonderCMS 0.9.8 Cross Site Scripting

Posted Nov 22, 2016

Authored by Manuel Garcia Cardenas

WonderCMS versions 0.9.8 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 58720b5f8ccfc0e14525cf466d3256def3710929cab1d0fd734fbae05efbfdac

Download | Favorite | View

Ubuntu Security Notice USN-3135-1

Posted Nov 22, 2016

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3135-1 - Chris Evans discovered that GStreamer Good Plugins did not correctly handle malformed FLC movie files. If a user were tricked into opening a crafted FLC movie file with a GStreamer application, an attacker could cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, denial of service, arbitrary

systems | linux, ubuntu

SHA-256 | 5d1e0d264b968b7b940c1590442ffefc50798c1586401b470059c4535715fdcc

Download | Favorite | View

Ubuntu Security Notice USN-3134-1

Posted Nov 22, 2016

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3134-1 - It was discovered that the smtplib library in Python did not return an error when StartTLS fails. A remote attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, web, cgi, python

systems | linux, ubuntu

advisories | CVE-2016-0772, CVE-2016-1000110, CVE-2016-5636, CVE-2016-5699

SHA-256 | f4acba05d29f61abc115563263a86c66eefab809d6312eba26bddf0ab4433cc7

Download | Favorite | View

Ubuntu Security Notice USN-3132-1

Posted Nov 22, 2016

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3132-1 - Harry Sintonen discovered that tar incorrectly handled extracting files when path names are specified on the command line. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly overwrite arbitrary files.

tags | advisory, arbitrary

systems | linux, ubuntu

advisories | CVE-2016-6321

SHA-256 | 82a69e51a38cce1aed5947f726654c16554c637877b98ca50d8794a1d1ad0663

Download | Favorite | View

Gentoo Linux Security Advisory 201611-20

Posted Nov 22, 2016

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-20 - A buffer overflow in TestDisk might allow remote attackers to execute arbitrary code. Versions less than 7.0-r2 are affected.

tags | advisory, remote, overflow, arbitrary

systems | linux, gentoo

SHA-256 | dcdc93994e2a08593c7364a725d76d01ba45b80293d2feb7bd194282f907df0b

Download | Favorite | View

Gentoo Linux Security Advisory 201611-19

Posted Nov 22, 2016

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-19 - A path traversal attack in Tar may lead to the remote execution of arbitrary code. Versions less than 1.29-r1 are affected.

tags | advisory, remote, arbitrary

systems | linux, gentoo

advisories | CVE-2016-6321

SHA-256 | 61af9c3e2fef42cd67d49fe15711105155cf77af77c4e6aaa875cbb347291165

Download | Favorite | View

Gentoo Linux Security Advisory 201611-18

Posted Nov 22, 2016

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-18 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 23.0.0.207 are affected.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2016-7857, CVE-2016-7858, CVE-2016-7859, CVE-2016-7860, CVE-2016-7861, CVE-2016-7862, CVE-2016-7863, CVE-2016-7864, CVE-2016-7865

SHA-256 | 25374cbf5545f7ef72ab04c1eb0309daf105a811087b8f8a8f20156f79f743b1

Download | Favorite | View

Gentoo Linux Security Advisory 201611-17

Posted Nov 22, 2016

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-17 - A buffer overflow in RPCBind might allow remote attackers to cause a Denial of Service. Versions less than 0.2.3-r1 are affected.

tags | advisory, remote, denial of service, overflow

systems | linux, gentoo

advisories | CVE-2015-7236

SHA-256 | afd05a0c233637b1e7809dcbcc7edbb1b672dd4a08a6ed63f1e333c2983b0d87

Download | Favorite | View

Gentoo Linux Security Advisory 201611-16

Posted Nov 22, 2016

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-16 - Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Versions less than 54.0.2840.100 are affected.

tags | advisory, remote, web, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2016-5199, CVE-2016-5200, CVE-2016-5201, CVE-2016-5202

SHA-256 | a8397f1dead0b8746099dc52697372ef684258ab45498b92df26cd99cee4688b

Download | Favorite | View

Gentoo Linux Security Advisory 201611-15

Posted Nov 22, 2016

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-15 - Multiple vulnerabilities have been found in Poppler, the worst of which allows remote attackers to execute arbitrary code. Versions less than 0.42.0 are affected.

tags | advisory, remote, arbitrary, vulnerability

systems | linux, gentoo

advisories | CVE-2015-8868

SHA-256 | 9e867017ee405f2ab3aa5e78c21182ba068554c3f7411e1496a5456c49780f29

Download | Favorite | View

Microsoft Internet Explorer 8 MSHTML Ptls5::LsFindSpanVisualBoundaries Memory Corruption

Posted Nov 22, 2016

Authored by SkyLined

Microsoft Internet Explorer 8 suffers from an MSHTML Ptls5::LsFindSpanVisualBoundaries memory corruption vulnerability.

tags | exploit

SHA-256 | 39193e6a0c7f58240b0b440fbf410393465f8e4e139f4ef637e931620333d816

Download | Favorite | View

NodCMS Installer Client-Side Cross Site Scripting

Posted Nov 22, 2016

Authored by ZwX

NodCMS Installer suffers from a client-side cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | b72247de0d6f1b4df2dbe1e8df61deb5ca0d4dd106a7e4a4d5933ab2e467339d

Download | Favorite | View