exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2017-01-17

TYPO3 CMS 2.0.3 Cross Site Scripting
Posted Jan 17, 2017
Authored by Siddhartha Tripathy | Site sec-consult.com

TYPO3 CMS versions 2.0.3 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 273743201ab94072e1a09e54dfb27754340fc6efe9e8db68e49310f3bf9fd3d5
BoZoN 2.4 Remote Command Execution
Posted Jan 17, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

BoZon version 2.4 suffers from a pre-authentication remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 90d88ac436e0bd6d454e63e5a15ed20c1bb7096cfb24b4c551c10953a833b477
dirList 0.3.0 File Upload / Command Execution
Posted Jan 17, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

dirList version 0.3.0 suffers from file upload bypass and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability, file upload
SHA-256 | 8dfcb3d5b7c96f1fe330caa0f93a307d6ee44e66ef831514a746e276371e9f6d
Atlassian Jira 7.1.7 Cross Site Scripting
Posted Jan 17, 2017
Authored by Roberto Soares

Tempest Security Intelligence Advisory ADV-2/2016 - Atlassian Jira version 7.1.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2016-6285
SHA-256 | 3dd9c56b41ffd99414961adca6598dde55319f70e320fedb4f66bd617a6133bd
WordPress WooCommerce Direct Download Local File Inclusion
Posted Jan 17, 2017
Authored by Diego Celdran Morell

WordPress Direct Download for WooCommerce versions up to 1.15 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | c86f833ea2cb397491425f18175efc5680a0cebbd58bf33c3c099f1c010bedcf
EuskalHack Security Congress 2017 Call For Papers
Posted Jan 17, 2017
Site euskalhack.org

EuskalHack Security Congress is the first Ethical Hacking association in Euskadi, with the aim of promoting the community and culture in digital security to anyone who may be interested. It will be held June 23rd through the 24th, 2017 in Donostia - San Sebastian.

tags | paper, conference
SHA-256 | be8649ffcfd7e9ff33c05d0cf42174aded302778d7ef8baa8ba7f520ecac50a2
TrueOnline ZyXEL / Billion Command Injection / Default Credentials
Posted Jan 17, 2017
Authored by Pedro Ribeiro

TrueOnline is a Thai ISP that distributes customized versions of ZyXEL and Billion routers - customized with vulnerabilities that is. The routers contain several default administrative accounts and command injections that can be abused by authenticated and unauthenticated attackers.

tags | exploit, vulnerability
SHA-256 | 10903d4befe721f251a632833452082ea225e42bdd36042d0be7edf4cbdab914
BSidesLjubljana 2017 Call For Papers
Posted Jan 17, 2017
Site bsidesljubljana.si

B-Sides Ljubljana will be held March 10th, 2017 in Ljubljana, Slovenia.

tags | paper, conference
SHA-256 | db8cad4b160c746e4a2616592d39aa68011fcf4c54bd77d376116f12c7453905
Gentoo Linux Security Advisory 201701-40
Posted Jan 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-40 - A buffer overflow in xdelta might allow remote attackers to execute arbitrary code. Versions less than 3.0.10 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
SHA-256 | 849ca96fb6fbccc319a2dbc753723409f13c961ea4ac8dda7b987a20a91cd9ed
Gentoo Linux Security Advisory 201701-39
Posted Jan 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-39 - A buffer overflow in VLC might allow remote attackers to execute arbitrary code. Versions less than 2.2.4 are affected.

tags | advisory, remote, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2016-5108
SHA-256 | f487d45d161cc8c97bfe751cc0a495e171eecfd286680952e6a746196689205e
Red Hat Security Advisory 2017-0065-01
Posted Jan 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0065-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.

tags | advisory, remote, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-7117
SHA-256 | 7c283a9ccd3baaf5011ece8e0a9d64f1d2e35deb0a35ec9cc520a87378b4e825
Gentoo Linux Security Advisory 201701-42
Posted Jan 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-42 - Multiple vulnerabilities have been found in file, the worst of which could allow remote attackers to execute arbitrary code. Versions less than 5.23 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-3710, CVE-2014-9652, CVE-2014-9653, CVE-2015-8865
SHA-256 | 78167656850b75cb7bbbedfb7cfa5ce584845f87a00c57310c1ffbb0846e730c
Gentoo Linux Security Advisory 201701-41
Posted Jan 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-41 - A buffer overflow in MiniUPnPc might allow remote attackers to cause a Denial of Service condition. Versions less than 1.9.20150427 are affected.

tags | advisory, remote, denial of service, overflow
systems | linux, gentoo
advisories | CVE-2014-3985
SHA-256 | 718f757ac77cd3faeec090845f5f38049fcf8f01f0f907bcb534673d44fbedc7
Gentoo Linux Security Advisory 201701-38
Posted Jan 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-38 - Multiple vulnerabilities have been found in Pidgin, the worst of which could lead to execution of arbitrary code. Versions less than 2.11.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-1000030, CVE-2016-2365, CVE-2016-2366, CVE-2016-2367, CVE-2016-2368, CVE-2016-2369, CVE-2016-2370, CVE-2016-2371, CVE-2016-2372, CVE-2016-2373, CVE-2016-2374, CVE-2016-2375, CVE-2016-2376, CVE-2016-2377, CVE-2016-2378, CVE-2016-2379, CVE-2016-2380, CVE-2016-4323
SHA-256 | 8a00adaf28744a0f8b85c6aa185e2e04baef9410c1941237381a020576a41e77
Check Box 2016 Q2 Survey Directory Traversal / Open Redirection
Posted Jan 17, 2017
Authored by Fady Mohamed Osman

Check Box 2016 Q2 Survey suffers from insecure direct object reference, open redirection, and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
SHA-256 | 9b4750f5dcfb38041c933481c1c73bcee5f56bc5a8dcd1690f3f211a04f0f949
PHP LibGD Heap Buffer Overflow
Posted Jan 17, 2017
Authored by Hans Jerry Illikainen

Proof of concept exploit for CVE-2016-3074 targeting Ubuntu 15.10 x86-64 with php5-gd and php5-fpm running behind nginx.

tags | exploit, overflow, x86, proof of concept
systems | linux, ubuntu
advisories | CVE-2016-3074
SHA-256 | ce82b05af66a6cc890010631b025d315ce68856b73a262d38038ee440aded59d
Tinc Virtual Private Network Daemon 1.0.31
Posted Jan 17, 2017
Authored by Ivo Timmermans | Site tinc.nl.linux.org

tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.

Changes: Minor update.
tags | tool, encryption
systems | unix
SHA-256 | d3cbc82e6e07975a2ccc0b369d07e30fc3324e71e240dca8781ce9a4f629519b
Botan C++ Crypto Algorithms Library 1.10.15
Posted Jan 17, 2017
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: Various updates.
tags | library
SHA-256 | c0cc8ffd470fda4b257c3ef9faf5cf93751f4c283dfba878148acafedfab70fe
Gentoo Linux Security Advisory 201701-37
Posted Jan 17, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-37 - Multiple vulnerabilities have been found in libxml2, the worst of which could lead to the execution of arbitrary code. Versions less than 2.9.4-r1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-1819, CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499, CVE-2015-7500, CVE-2015-7941, CVE-2015-7942, CVE-2015-8035, CVE-2015-8242, CVE-2015-8806, CVE-2016-1836, CVE-2016-1838, CVE-2016-1839, CVE-2016-1840, CVE-2016-2073, CVE-2016-3627, CVE-2016-3705, CVE-2016-4483, CVE-2016-4658, CVE-2016-5131
SHA-256 | 2628a764d5a6e85b5317a6369ff43fe467ae6831e0273a58e6987ad7f00c5ad7
Apache NiFi 1.0.0 / 1.1.0 Cross Site Scripting
Posted Jan 17, 2017
Authored by Matt Gilman

Apache NiFi versions 1.0.0 and 1.1.0 suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2016-8748
SHA-256 | 27d8af85dd965e878a3edbed6e172052a109ae2774adf35ecb90f823f2461300
Tenda ADSL2/2+ Modem D840R DNS Changer
Posted Jan 17, 2017
Authored by Todor Donev

Tenda ADSL2/2+ Modem D840R unauthenticated remote DNS changer exploit.

tags | exploit, remote
SHA-256 | c74eb3c2266af09f6bcf87b519630c7d6880210b33d25893b5973b93f7c34766
Pirelli DRG A115 ADSL Router DNS Changer
Posted Jan 17, 2017
Authored by Todor Donev

Pirelli DRG A115 ADSL router unauthenticated remote DNS changer exploit.

tags | exploit, remote
SHA-256 | 7d1b621d700ac653f04afe392e27a9d02df8c045899e6c2fae15aba1cabf37ed
Android ssp_batch_ioctl Out-Of-Bounds Write
Posted Jan 17, 2017
Authored by Google Security Research, laginimaineb

Android suffers from an out-of-bounds write in ssp_batch_ioctl.

tags | advisory
SHA-256 | d8251df417f20cd57db8bb9ace2de1104fca9ec41f56cbe14574daaf5e879d27
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close