accept no compromises
Showing 1 - 18 of 18 RSS Feed

Files Date: 2016-12-15

Wireshark Analyzer 2.2.3
Posted Dec 15, 2016
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Various updates.
tags | tool, sniffer, protocol
systems | windows, unix
MD5 | 68e201e06873c67cb7544d27991e79bf
I2P 0.9.28
Posted Dec 15, 2016
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates and bug fixes.
tags | tool
systems | unix
MD5 | 6c9566c265b4c4c59e2b121f0b07f3da
Bettercap 1.5.9
Posted Dec 15, 2016
Authored by evilsocket | Site bettercap.org

BetterCAP is a powerful, flexible, and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.

Changes: New --no-http-logs proxy option. New Response#redirect! helper method. Various other features and bug fixes.
tags | tool, web, sniffer, tcp
systems | unix
MD5 | 45dc1892b89449cb25a45c72f3a98d06
Microsoft Windows Type 1 Font Processing Privilege Escalation
Posted Dec 15, 2016
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the win32k.sys when processing Type 1 fonts, which can be exploited to trigger a NULL pointer dereference and subsequently cause a kernel crash or gain elevated privileges via a specially crafted PFB font. The vulnerability is confirmed on a fully patched Windows 7 Professional (win32k.sys version 6.1.7601.23545).

tags | advisory, denial of service, kernel, local
systems | windows, 7
advisories | CVE-2016-7259
MD5 | feffd2a6827fd6748079e32126b68294
XNU Kernel set_dp_control_port Use-After-Free
Posted Dec 15, 2016
Authored by Google Security Research, ianbeer

The XNU kernel suffers from a use-after-free vulnerability due to a lack of locking in set_dp_control_port.

tags | exploit, kernel
advisories | CVE-2016-7644
MD5 | 49ab3b54365c79284a1f81feeb6693f0
Nagios Core Curl Command Injection / Code Execution
Posted Dec 15, 2016
Authored by Dawid Golunski

Nagios Core versions prior to 4.2.2 suffer from a curl command injection vulnerability that can lead to remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2016-9565
MD5 | 6dc98bfd8857fb90408586ac4fad6fd0
Microsoft Internet Explorer 9 IEFRAME CMarkupPointer::MoveToGap Use-After-Free
Posted Dec 15, 2016
Authored by SkyLined

Microsoft Internet Explorer 9 suffers from an IEFRAME CMarkupPointer::MoveToGap use-after-free vulnerability.

tags | exploit
MD5 | 00d283aeffd9f0037536744ec7a5562a
VMPanel 2.7.4 SQL Injection
Posted Dec 15, 2016
Authored by ZwX

VMPanel version 2.7.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b099ad47c1961c838930a6ff111ddc4f
Microsoft Internet Explorer 9 IEFRAME CMarkup..RemovePointerPos Use-After-Free
Posted Dec 15, 2016
Authored by SkyLined

Microsoft Internet Explorer 9 suffers from an IEFRAME CMarkup..RemovePointerPos use-after-free vulnerability.

tags | exploit
advisories | CVE-2013-3143
MD5 | a6a25ec5395b8f93761076ab563305c4
Microsoft Internet Explorer 9 MSHTML CMarkup::ReloadInCompatView Use-After-Free
Posted Dec 15, 2016
Authored by SkyLined

Microsoft Internet Explorer 9 suffers from an MSHTML CMarkup::ReloadInCompatView use-after-free vulnerability.

tags | exploit
MD5 | 60d09a86269f91a3f282b588cbd1af1d
Nidesoft MP3 Converter 2.6.18 Buffer Overflow
Posted Dec 15, 2016
Authored by malwrforensics

Nidesoft MP3 Converter version 2.6.18 SEH local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | b901a01f948bdd38cb89b4e596a6ed81
Adobe Animate 15.2.1.95 Buffer Overflow
Posted Dec 15, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Adobe Animate versions 15.2.1.95 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2016-7866
MD5 | 2af4c707ec5d6a185506c83a824702c6
Red Hat Security Advisory 2016-2947-01
Posted Dec 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2947-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 24.0.0.186. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870, CVE-2016-7871, CVE-2016-7872, CVE-2016-7873, CVE-2016-7874, CVE-2016-7875, CVE-2016-7876, CVE-2016-7877, CVE-2016-7878, CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7890, CVE-2016-7892
MD5 | b444cb4b766029ef2aad8fd1d8c33148
Red Hat Security Advisory 2016-2946-01
Posted Dec 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2946-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.6.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-9893, CVE-2016-9895, CVE-2016-9897, CVE-2016-9898, CVE-2016-9899, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9904, CVE-2016-9905
MD5 | 7c075a991246c8475ae1682648bbad2f
Slackware Security Advisory - mozilla-firefox Updates
Posted Dec 15, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | bfa8c95ebc9f0fbdb3e11c4cea93e729
Ubuntu Security Notice USN-3157-1
Posted Dec 15, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3157-1 - Donncha O Cearbhaill discovered that the crash file parser in Apport improperly treated the CrashDB field as python code. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Donncha O Cearbhaill discovered that Apport did not properly sanitize the Package and SourcePackage fields in crash files before processing package specific hooks. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. Various other issues were also addressed.

tags | advisory, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2016-9949, CVE-2016-9950, CVE-2016-9951
MD5 | 67b555399730f2ee8248463e13814325
WordPress MailChimp 3.1.5 / 4.0.10 Cross Site Scripting
Posted Dec 15, 2016
Authored by Tom Adams

WordPress MailChimp versions 3.1.5 and 4.0.10 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6c1823c316f75b3a66c94add5ee70c23
Gstreamer 0.10.x Logic Error
Posted Dec 15, 2016
Authored by Chris Evans | Site scarybeastsecurity.blogspot.com

A vulnerability and a separate logic error exist in the gstreamer 0.10.x player for NSF music files. Combined, they allow for very reliable exploitation and the bypass of 64-bit ASLR, DEP, etc. The reliability is provided by the presence of a turing complete "scripting" inside a music player. Read the homepage link for full analysis. Proof of concept exploit included in this archive.

tags | exploit, proof of concept
MD5 | da231d9408e25a8f4d0e8b1c067159dc
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    5 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close