exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2016-12-05

BlackStratus LOGStorm 4.5.1.35 / 4.5.1.96 Remote Root
Posted Dec 5, 2016
Authored by Jeremy Brown

BlackStratus LOGStorm has multiple vulnerabilities that allow a remote unauthenticated user, among other things, to assume complete control over the virtual appliance with root privileges. This is possible due to multiple network servers listening for network connections by default, allowing authorization with undocumented credentials supported by appliance's OS, web interface and sql server. Versions 4.5.1.35 and 4.5.1.96 are affected.

tags | exploit, remote, web, root, vulnerability
SHA-256 | bd30887efb78ca75643bdfeb691e5df802ec1870544c4f1e7545cffa5cd735a5
Microsoft Authorization Manager 6.1.7601 XXE Injection
Posted Dec 5, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Authorization Manager version 6.1.7601 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

tags | exploit, xxe
SHA-256 | f5600ff4677dedf4a8f0d1a31bfdd6548954627b3e43d8240017c183a0ae2df4
Gentoo Linux Security Advisory 201612-10
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-10 - Libvirt is vulnerable to directory traversal when using Access Control Lists (ACL). Versions less than 1.2.21-r1 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2015-5313
SHA-256 | 1b059501eb2c63557591d9a95f0644d455c333a46016df615c5fa52a53c25838
Gentoo Linux Security Advisory 201612-09
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-9 - Multiple vulnerabilities have been found in GD, the worst of which allows remote attackers to execute arbitrary code. Versions less than 2.2.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-5766, CVE-2016-6128, CVE-2016-6132, CVE-2016-6207, CVE-2016-7568
SHA-256 | ffca006ac4ed95b5c403e05ca84f0447ce1e0afa104b4c0e8ddb6e3a031ccddc
Gentoo Linux Security Advisory 201612-08
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-8 - A vulnerability in LinuxCIFS utils' cifscreds PAM module might allow remote attackers to have an unspecified impact via unknown vectors. Versions less than 6.4 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2014-2830
SHA-256 | 157e1bb44b38d6fff2d5e5d88fe6ef4ef947c69fbb690162f17ab3178fbbff7b
Gentoo Linux Security Advisory 201612-07
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-7 - A vulnerability was discovered in dpkg which could potentially lead to arbitrary code execution. Versions less than 1.17.26 are affected.

tags | advisory, arbitrary, code execution
systems | linux, gentoo
advisories | CVE-2015-7805
SHA-256 | af3399d65526a3d6e88762958bcff286e63a7aa8d0d26d59ce7f69aec343c356
Gentoo Linux Security Advisory 201612-06
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-6 - Nghttp2 is vulnerable to a heap-use-after-free flaw in idle stream handling code. Versions less than 1.6.0 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2015-8659
SHA-256 | 5ef643701dd8344ec42fd5712c2d28e84fb926a021b12ebd07a57cce90126088
Gentoo Linux Security Advisory 201612-05
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-5 - Pygments is vulnerable to remote code execution if an attacker is allowed to specify the font name. Versions less than 2.0.2-r1 are affected.

tags | advisory, remote, code execution
systems | linux, gentoo
advisories | CVE-2015-8557
SHA-256 | 3c67efb2693fdda4a72b6616e7d9c934ec9aec16322ad8e1e098ba9bb453d9cd
Red Hat Security Advisory 2016-2850-01
Posted Dec 5, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2850-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.5.1. Security Fix: A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-9079
SHA-256 | f2b5168d74f1e0e5d96b19992b90ed1ad3a05d346e5ddc46d229fe84bb406be4
Gentoo Linux Security Advisory 201612-13
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-13 - Nghttp2 is vulnerable to a Denial of Service attack. Versions less than 1.7.1 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2016-1544
SHA-256 | 20150f42aff377c5c1cef8934bd4d630b9112a289ce8ff72bfefc010ee9dcf61
Gentoo Linux Security Advisory 201612-12
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-12 - Patch is vulnerable to a locally generated Denial of Service condition. Versions less than 2.7.4 are affected.

tags | advisory, denial of service
systems | linux, gentoo
SHA-256 | 394d191609b0f603caf26650cfe39ba295d093614d03540762ec2a9afd318aaf
Gentoo Linux Security Advisory 201612-11
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-11 - Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Versions less than 55.0.2883.75 are affected.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-5203, CVE-2016-5204, CVE-2016-5205, CVE-2016-5206, CVE-2016-5207, CVE-2016-5208, CVE-2016-5209, CVE-2016-5210, CVE-2016-5211, CVE-2016-5212, CVE-2016-5213, CVE-2016-5214, CVE-2016-5215, CVE-2016-5217, CVE-2016-5218, CVE-2016-5219, CVE-2016-5220, CVE-2016-5221, CVE-2016-5222, CVE-2016-5223, CVE-2016-5224, CVE-2016-5225, CVE-2016-5226, CVE-2016-9650, CVE-2016-9651, CVE-2016-9652
SHA-256 | 675e04df4d3b8290e0c23812d63a78aa9d8e2bc5458f4e630a07f3a23d6046e5
Gentoo Linux Security Advisory 201612-04
Posted Dec 5, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-4 - Multiple vulnerabilities have been found in BusyBox, the worst of which allows remote attackers to execute arbitrary code. Versions less than 1.24.2 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2147, CVE-2016-2148
SHA-256 | 71545632287485cb110922c64d90b90cf8e9906b0bac34723c417d2160da8fda
Alcatel Lucent Omnivista 8770 Remote Code Execution
Posted Dec 5, 2016
Authored by malerisch

Alcatel Lucent Omnivista 8770 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2016-9796
SHA-256 | ff1018a6391a7b71ee9e6ee126ecaa177711e57d33d70b676ee18561a5e59f49
Apache HTTPD Web Server 2.4.23 Memory Exhaustion
Posted Dec 5, 2016
Authored by Naveen Tiwari

Apache HTTPD web server versions 2.4.17 through 2.4.23 did not apply limitations on request headers correctly when experimental module for the HTTP/2 protocol is used to access a resource. The net result is that a server allocates too much memory instead of denying the request. This can lead to memory exhaustion of the server by a properly crafted request.

tags | advisory, web, protocol
advisories | CVE-2016-8740
SHA-256 | ce59b7317dd8f5505d72923540ebf2779ce068b9cee27dfa83ab5f0a3bf93819
Microsoft Event Viewer 1.0 XXE Injection
Posted Dec 5, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Event Viewer version 1.0 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

tags | exploit, xxe
advisories | CVE-2019-0948
SHA-256 | 20719851705d60a871bd0171b0cb7a4f694eaa47705615b05528a7c625c3dea3
Apache CouchDB 2.0.0 Local Privilege Escalation
Posted Dec 5, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Apache CouchDB sets weak file permissions potentially allowing 'Standard' Windows users to elevate privileges. The "nssm.exe" (Apache CouchDB) executable can be replaced by a 'Standard' non administrator user, allowing them to add a backdoor Administrator account once the "Apache CouchDB" service is restarted or system rebooted. As Apache CouchDB runs as LOCALSYSTEM, standard users can now execute arbitrary code with the privileges of the SYSTEM. Version 2.0.0 is affected.

tags | exploit, arbitrary
systems | windows
advisories | CVE-2016-8742
SHA-256 | 68b1e098eddc65e76ee3877ef1fec35d1f90f759cb3fda181fd4c2b03a67aedf
GNU Netcat 0.7.1 Out-Of-Bounds Write
Posted Dec 5, 2016
Authored by n30m1nd

GNU Netcat version 0.7.1 suffers from an out-of-bounds array write.

tags | exploit
SHA-256 | 315266bebe383861e1bf5d7f9fc0f1cb78df9d056a0f1d29ac4bc1297979893e
Windows System Information 6.1.7601 XXE Injection
Posted Dec 5, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Windows System Information MSINFO32.exe version 6.1.7601 suffers from an XML external entity (XXE) injection vulnerability that allows for file exfiltration.

tags | exploit, xxe
systems | windows
SHA-256 | b295bc2456dfd9aa023fb2cc71b381c58428323e0645f6a1cec73a6adc913ec7
Shuttle Tech ADSL Wireless 920 WM XSS / Directory Traversal
Posted Dec 5, 2016
Authored by Mojtaba MobhaM

Shuttle Tech ADSL Wireless 920 WM suffers from cross site scripting, directory traversal, and default telnet root password vulnerabilities.

tags | exploit, root, vulnerability, xss, file inclusion
SHA-256 | df7ffc5dc3eac8027cfe48f6230c10862e01125d793229ac42940c11c26d4710
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close