exploit the possibilities
Showing 1 - 25 of 44 RSS Feed

Files Date: 2017-01-31

Hydra Network Logon Cracker 8.4
Posted Jan 31, 2017
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Multiple new protocols implemented. Various bug fixes and proxy support was re-implemented.
tags | tool, web, imap
systems | cisco, unix
SHA-256 | 482846580888f54e000bb125e263a65c32fa28ba86c9d4012371cf55c3bdc140
EMC Documentum eRoom Unverified Password Change
Posted Jan 31, 2017
Site emc.com

EMC Documentum eRoom includes an unverified password change vulnerability that could potentially be exploited by malicious users to compromise the affected system. Versions affected include 7.4.4 and 7.4.4 SP. Versions prior to 7.4.5 P04 and 7.5.0 P01 are also affected.

tags | advisory
advisories | CVE-2017-2766
SHA-256 | e835023b15095c92be0207b2036c81225742f33b18d6c5ba2baf30034498536c
WP Easy Full Backup Brute Forcer
Posted Jan 31, 2017
Authored by Larry W. Cashdollar

This is a database download brute forcing script that is written for the WordPress WP Easy Full Backup plugin.

tags | tool, scanner
systems | unix
SHA-256 | 8009e8ab50cfe48e9e83d6221a42b01e2d9572a63fa30c4d3ef32db9c178dcd1
Viscosity For Windows 1.6.7 Privilege Escalation
Posted Jan 31, 2017
Authored by Kacper Szurek

Viscosity for Windows version 1.6.7 suffers from a privilege escalation vulnerability. It is possible to execute openvpn with a custom dll as SYSTEM using ViscosityService because the path is not correctly validated.

tags | exploit
systems | windows
SHA-256 | 1e165f6606a232bfd4cc34a34c68a7346cb59ed704cf1caf321ea02cee78ab3e
Revive Adserver 4.0.0 XSS / Deserialization / Session Fixation
Posted Jan 31, 2017
Authored by Matteo Beccati

Revive Adserver versions 4.0.0 and below suffer from cross site scripting, session fixation, and deserialization of untrusted data vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 49fc47c53b039e7dd7aa51c531ed2ea56ab25e997650a7d59f9e2c32e722f087
Netgear Router Password Disclosure
Posted Jan 31, 2017
Authored by Simon Kenin | Site trustwave.com

Multiple Netgear routers suffers from remote and local password disclosure vulnerabilities.

tags | exploit, remote, local, vulnerability
advisories | CVE-2017-5521
SHA-256 | dbaeb4937d70280e3491b85b30c34a0d631fed2c6555336ee35deb7fefcc8dda
HPE Security Bulletin HPESBMU03701 1
Posted Jan 31, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBMU03701 1 - A potential vulnerability has been identified in HPE Smart Storage Administrator. The vulnerability could remotely be exploited to allow execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2016-8523
SHA-256 | 389f47122d3d84da0c8406651485468f4b6e77a77a96f6b2064f6ed76dcf6148
Gentoo Linux Security Advisory 201701-77
Posted Jan 31, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-77 - A vulnerability in Ansible may allow rogue clients to execute commands on the Ansible controller. Versions less than 2.1.4.0_rc3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2016-9587
SHA-256 | 2cb237a335974f57ee8379fa18610f2a02590df401548e2efc9bc897e132ba96
Red Hat Security Advisory 2017-0215-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0215-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.

tags | advisory, remote, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-7117
SHA-256 | 9773caf065be9c5f7c1b57330e6aebc627b8f3c6632b045a8257a108b8da6d9d
Red Hat Security Advisory 2017-0216-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0216-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.

tags | advisory, remote, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-7117
SHA-256 | c186c3b266a35ae94614ffd7a976f4b1e2eb276249557cbb40ab3439fcd12aae
Red Hat Security Advisory 2017-0217-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0217-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.

tags | advisory, remote, arbitrary, kernel
systems | linux, redhat
advisories | CVE-2016-2847, CVE-2016-7117
SHA-256 | 0f04199e8b96f3c0ef49b41aa0b81c70b56ac8c4e9e510b9a19ddf9c1b0c225a
Gentoo Linux Security Advisory 201701-76
Posted Jan 31, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201701-76 - Multiple vulnerabilities have been found in HarfBuzz, the worst of which could allow remote attackers to cause a Denial of Service condition. Versions less than 1.0.6 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-8947, CVE-2016-2052
SHA-256 | c4c43fcf2857f96ff6e6e6c393e86dcc4e8f80c56171ed36cf7a530c3cb25994
Red Hat Security Advisory 2017-0214-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0214-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
SHA-256 | f4f50df16590df135e030cf35334e92ba1f77e66d0e7be3a8b1762fff8cdb46e
Red Hat Security Advisory 2017-0212-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0212-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
SHA-256 | b998263bac801bdf05507dd054133c1c0a715741d1d2f96c11ded4a4c365f07b
Red Hat Security Advisory 2017-0211-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0211-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
SHA-256 | cbd1b0894feca5060b35372d9de8469d1a1ab60046d7d13765e6cb15c5f5c95a
Red Hat Security Advisory 2017-0213-01
Posted Jan 31, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0213-01 - Nagios is a program that monitors hosts and services on your network, and has the ability to send email or page alerts when a problem arises or is resolved. Nagios is written in C and designed to run under Linux as a background process, intermittently running checks on various services that you specify. The actual service checks are performed by separate "plugin" programs which return the status of the checks to Nagios. Nagios plugins are available at http://sourceforge.net/projects/nagiosplug. This package provides the core program, web interface, and documentation files for Nagios. Development files are built as a separate package.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2008-7313, CVE-2014-5008, CVE-2014-5009, CVE-2016-9565, CVE-2016-9566
SHA-256 | b2641d56ba15d1ad8f1fb0ac80fb12918d10204de071e367093ddb8886171dc5
Libarchive 3.2.2 lha_read_file_header_1() Denial Of Service
Posted Jan 31, 2017
Authored by Jakub Jirasek | Site secunia.com

Secunia Research has discovered a vulnerability in libarchive, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "lha_read_file_header_1()" function (archive_read_support_format_lha.c), which can be exploited to trigger an out-of-bounds read memory access via a specially crafted archive. The vulnerability is confirmed in version 3.2.2. Other versions may also be affected.

tags | advisory, denial of service
advisories | CVE-2017-5601
SHA-256 | aa2df6dcc8af97d089cfa8e980271155e3918baf57560ac35d78aea7e00ccc4b
Hacking Printers Advisory 6
Posted Jan 31, 2017
Authored by Jens Mueller

This post is about putting printers out of their misery and destroying the NVRAM through ordinary print jobs.

tags | advisory
SHA-256 | e2cd86b8adc6667167b8f7b8f181989c96fee30d127929b13743dc8b7d1e5967
Hacking Printers Advisory 5
Posted Jan 31, 2017
Authored by Jens Mueller

This post is about resetting a printer to factory defaults through ordinary print jobs, therefore bypassing all protection mechanisms like user-set passwords.

tags | advisory
SHA-256 | c0d3ac08f94bc071adf9e63784f30829f42fad0694c4e352f9eb78b9c01cd3f8
Hacking Printers Advisory 4
Posted Jan 31, 2017
Authored by Jens Mueller

This post is about buffer overflows in a printer's LPD daemon and PJL interpreter which leads to denial of service or potentially even to code execution. Multiple printers are affected.

tags | advisory, denial of service, overflow, code execution
SHA-256 | ed3f781546ee705d1385f6e94873f6738e66f693d3e7c6ffb379426cacaefa6b
Heimdal Security DLL Hijacking
Posted Jan 31, 2017
Authored by Stefan Kanthak

Heimdal Security's SetupLauncher is vulnerable to DLL hijacking.

tags | advisory
systems | windows
SHA-256 | 943d15090aa9969816c66d337a95a511ef46089ce4b7786320fe7e66d6aa41c9
Itech Multi Vendor Script 6.49 SQL Injection
Posted Jan 31, 2017
Authored by Kaan KAMIS

Itech Multi Vendor Script version 6.49 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3b956b159cd882b8b43f719ce66d2222edcf0227acab224b8cfbd1c3ded4ad83
Netman 204 Backdoor / Password Reset
Posted Jan 31, 2017
Authored by Saeed reza Zamania, Simon Gurney

Netman 204 suffers from backdoor accounts and a password reset vulnerability. The backdoor accounts were already discovered in September of 2016 by Saeed reza Zamania.

tags | exploit
SHA-256 | 604c3bc5a72eb8e9929ea3e43976a09ff9667d1f8bff94b645c84be2b5255741
Itech News Portal Script 6.28 SQL Injection
Posted Jan 31, 2017
Authored by Kaan KAMIS

Itech News Portal Script version 6.28 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 66666fa7d3b32270be5df5fb8f2232b2476f89ebef78c89e9ff8002d7094d1ce
PHP Product Designer Script Arbitrary File Upload
Posted Jan 31, 2017
Authored by Ihsan Sencan

PHP Product Designer Script suffers from a remote file upload vulnerability.

tags | exploit, remote, php, file upload
SHA-256 | 7d790c1ec21fded17dacbbc17620efc38ecb001d6fc9c52edfe9851c78357a60
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close