Exploit the possiblities
Showing 1 - 20 of 20 RSS Feed

Files Date: 2016-12-05

BlackStratus LOGStorm 4.5.1.35 / 4.5.1.96 Remote Root
Posted Dec 5, 2016
Authored by Jeremy Brown

BlackStratus LOGStorm has multiple vulnerabilities that allow a remote unauthenticated user, among other things, to assume complete control over the virtual appliance with root privileges. This is possible due to multiple network servers listening for network connections by default, allowing authorization with undocumented credentials supported by appliance's OS, web interface and sql server. Versions 4.5.1.35 and 4.5.1.96 are affected.

tags | exploit, remote, web, root, vulnerability
MD5 | 229e9c7351054e6f28651057eb3cffda
Microsoft Authorization Manager 6.1.7601 XXE Injection
Posted Dec 5, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Authorization Manager version 6.1.7601 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

tags | exploit
MD5 | 982c09b54dae36f9b5ae432e6c1d0409
Gentoo Linux Security Advisory 201612-10
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-10 - Libvirt is vulnerable to directory traversal when using Access Control Lists (ACL). Versions less than 1.2.21-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2015-5313
MD5 | d0f8a7b4b45ad29dfacc288b6c681896
Gentoo Linux Security Advisory 201612-09
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-9 - Multiple vulnerabilities have been found in GD, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.2.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-5766, CVE-2016-6128, CVE-2016-6132, CVE-2016-6207, CVE-2016-7568
MD5 | eba366b42804a6674922d4f6746456c4
Gentoo Linux Security Advisory 201612-08
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-8 - A vulnerability in LinuxCIFS utils' cifscreds PAM module might allow remote attackers to have an unspecified impact via unknown vectors. Versions less than 6.4 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2014-2830
MD5 | a1ce0e9f90258e308c0d82c9362cb032
Gentoo Linux Security Advisory 201612-07
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-7 - A vulnerability was discovered in dpkg which could potentially lead to arbitrary code execution. Versions less than 1.17.26 are affected.

tags | advisory, arbitrary, code execution
systems | linux, gentoo
advisories | CVE-2015-7805
MD5 | d1dd5663c3a67ac615f4efb9d807738d
Gentoo Linux Security Advisory 201612-06
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-6 - Nghttp2 is vulnerable to a heap-use-after-free flaw in idle stream handling code. Versions less than 1.6.0 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2015-8659
MD5 | 2b4d2c4c171b6c8d5c9ae5973bb12028
Gentoo Linux Security Advisory 201612-05
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-5 - Pygments is vulnerable to remote code execution if an attacker is allowed to specify the font name. Versions less than 2.0.2-r1 are affected.

tags | advisory, remote, code execution
systems | linux, gentoo
advisories | CVE-2015-8557
MD5 | 85d3b675a489d8b1f7860657ff54948a
Red Hat Security Advisory 2016-2850-01
Posted Dec 5, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2850-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.5.1. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-9079
MD5 | efb2211109d65e3cf26634ef0c2472ac
Gentoo Linux Security Advisory 201612-13
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-13 - Nghttp2 is vulnerable to a Denial of Service attack. Versions less than 1.7.1 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2016-1544
MD5 | 6e1898f00988eebe38635762f4164ade
Gentoo Linux Security Advisory 201612-12
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-12 - Patch is vulnerable to a locally generated Denial of Service condition. Versions less than 2.7.4 are affected.

tags | advisory, denial of service
systems | linux, gentoo
MD5 | 8892389cdb81c439be46ca854ed5470f
Gentoo Linux Security Advisory 201612-11
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-11 - Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Versions less than 55.0.2883.75 are affected.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-5203, CVE-2016-5204, CVE-2016-5205, CVE-2016-5206, CVE-2016-5207, CVE-2016-5208, CVE-2016-5209, CVE-2016-5210, CVE-2016-5211, CVE-2016-5212, CVE-2016-5213, CVE-2016-5214, CVE-2016-5215, CVE-2016-5217, CVE-2016-5218, CVE-2016-5219, CVE-2016-5220, CVE-2016-5221, CVE-2016-5222, CVE-2016-5223, CVE-2016-5224, CVE-2016-5225, CVE-2016-5226, CVE-2016-9650, CVE-2016-9651, CVE-2016-9652
MD5 | 6f6575408796ebabfef21f46b1313c7e
Gentoo Linux Security Advisory 201612-04
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-4 - Multiple vulnerabilities have been found in BusyBox, the worst of which allows remote attackers to execute arbitrary code. Versions less than 1.24.2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2147, CVE-2016-2148
MD5 | 48635d37d09f16afc937b5f584ef1ab1
Alcatel Lucent Omnivista 8770 Remote Code Execution
Posted Dec 5, 2016
Authored by malerisch

Alcatel Lucent Omnivista 8770 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2016-9796
MD5 | 044705704c622edddf65762264a6e2ae
Apache HTTPD Web Server 2.4.23 Memory Exhaustion
Posted Dec 5, 2016
Authored by Naveen Tiwari

Apache HTTPD web server versions 2.4.17 through 2.4.23 did not apply limitations on request headers correctly when experimental module for the HTTP/2 protocol is used to access a resource. The net result is that a server allocates too much memory instead of denying the request. This can lead to memory exhaustion of the server by a properly crafted request.

tags | advisory, web, protocol
advisories | CVE-2016-8740
MD5 | c842fcb4e9605beaf9695dcc9fd9c570
Microsoft Event Viewer 1.0 XXE Injection
Posted Dec 5, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Event Viewer version 1.0 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

tags | exploit
MD5 | c7a519a9ce4acb64b45e6199d6ff5ae3
Apache CouchDB 2.0.0 Local Privilege Escalation
Posted Dec 5, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Apache CouchDB sets weak file permissions potentially allowing 'Standard' Windows users to elevate privileges. The "nssm.exe" (Apache CouchDB) executable can be replaced by a 'Standard' non administrator user, allowing them to add a backdoor Administrator account once the "Apache CouchDB" service is restarted or system rebooted. As Apache CouchDB runs as LOCALSYSTEM, standard users can now execute arbitrary code with the privileges of the SYSTEM. Version 2.0.0 is affected.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2016-8742
MD5 | b104af36d71c69f9585d42fac4d22151
GNU Netcat 0.7.1 Out-Of-Bounds Write
Posted Dec 5, 2016
Authored by n30m1nd

GNU Netcat version 0.7.1 suffers from an out-of-bounds array write.

tags | exploit
MD5 | 1073a469895264720c0cb74e10613548
Windows System Information 6.1.7601 XXE Injection
Posted Dec 5, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Windows System Information MSINFO32.exe version 6.1.7601 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

tags | exploit
systems | windows
MD5 | a3e8668872972b93951845a9522c667a
Shuttle Tech ADSL Wireless 920 WM XSS / Directory Traversal
Posted Dec 5, 2016
Authored by Mojtaba MobhaM

Shuttle Tech ADSL Wireless 920 WM suffers from cross site scripting, directory traversal, and default telnet root password vulnerabilities.

tags | exploit, root, vulnerability, xss, file inclusion
MD5 | 12cc6978db8c204b2d1073780c184793
Page 1 of 1
Back1Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    33 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close