Exploit the possiblities
Showing 1 - 24 of 24 RSS Feed

Files Date: 2017-04-05

Spiceworks 7.5 TFTP Improper Access Control File Overwrite / Upload
Posted Apr 5, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Spiceworks version 7.5 suffers from a TFTP improper access control file overwrite / upload vulnerability.

tags | exploit
advisories | CVE-2017-7237
MD5 | a71b67e48cbd502093ed38b28549e8d4
Hashcat Advanced Password Recovery 3.5.0 Source Code
Posted Apr 5, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: WPA cracking updates. Added hash-mode 15100 for Juniper/NetBSD sha1crypt. Various other updates.
tags | tool, cracker
systems | unix
MD5 | 66ebaa792c57858610592ed024259cf7
Hashcat Advanced Password Recovery 3.5.0 Binary Release
Posted Apr 5, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.

Changes: WPA cracking updates. Added hash-mode 15100 for Juniper/NetBSD sha1crypt. Various other updates.
tags | tool, cracker
MD5 | 14d1166a6218420193f173fd7c31ed89
Ubuntu Security Notice USN-3256-2
Posted Apr 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3256-2 - USN-3256-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel for each of the respective prior Ubuntu LTS releases. Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-7308
MD5 | f8656c64a6b04856b436af63a16837e2
Ubuntu Security Notice USN-3256-1
Posted Apr 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3256-1 - Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7308
MD5 | cc98d7a3d09a559b20ce332f3280ac93
Red Hat Security Advisory 2017-0882-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0882-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
MD5 | f105e9f87aed62bba1af303b7c9feaf9
Red Hat Security Advisory 2017-0880-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0880-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
MD5 | dde4f33d59c42a6228fb0d31ad96f90c
Red Hat Security Advisory 2017-0881-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0881-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
MD5 | ca2c881da5260fe98c877bc6cee1c86e
Red Hat Security Advisory 2017-0879-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0879-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
MD5 | d54b9d477fd5892917ed666bf4f46c42
Ubuntu Security Notice USN-3255-1
Posted Apr 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3255-1 - It was discovered that LightDM incorrectly handled home directory creation for guest users. A local attacker could use this issue to gain ownership of arbitrary directory paths and possibly gain administrative privileges.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2017-7358
MD5 | 72192a5ad82f2958e0bf29f6bc78d105
HP Security Bulletin HPESBGN03727 1
Posted Apr 5, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBGN03727 1 - A potential security vulnerability has been identified in the HPE Business Process Monitor. This vulnerability could be remotely exploited to allow Unauthorized Access to Data. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2017-5801
MD5 | 70563e7a989ba9a9ccfc3c2dd5cbc286
Ubuntu Security Notice USN-3254-1
Posted Apr 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3254-1 - It was discovered that Django incorrectly handled numeric redirect URLs. A remote attacker could possibly use this issue to perform XSS attacks, and to use a Django server as an open redirect. Phithon Gong discovered that Django incorrectly handled certain URLs when the jango.views.static.serve view is being used. A remote attacker could possibly use a Django server as an open redirect.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-7233, CVE-2017-7234
MD5 | 2771c49cbc063538415b920da8b4cb7c
Debian Security Advisory 3826-1
Posted Apr 5, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3826-1 - It was discovered that the original patch to address CVE-2016-1242 did not cover all cases, which may result in information disclosure of file contents.

tags | advisory, info disclosure
systems | linux, debian
advisories | CVE-2017-0360
MD5 | 85f53a5e97ba0ea42d32b9366dbdf293
Red Hat Security Advisory 2017-0876-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0876-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1 serves as a replacement for Red Hat Single Sign-On 7.0, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-8629, CVE-2016-9589, CVE-2017-2585
MD5 | e3635dc76b3aea59a662ade7ceac5216
Red Hat Security Advisory 2017-0873-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0873-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1 serves as a replacement for Red Hat Single Sign-On 7.0, and includes several bug fixes and enhancements. For further information regarding those, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-8629, CVE-2016-9589, CVE-2017-2585
MD5 | c685888bef47abb8891a89e304ec1582
Red Hat Security Advisory 2017-0872-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0872-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1 serves as a replacement for Red Hat Single Sign-On 7.0, and includes several bug fixes and enhancements. For further information regarding those, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-8629, CVE-2016-9589, CVE-2017-2585
MD5 | d1700b81a58c173dd2e62894679aaa44
Airbnb Crashpadder Clone Script SQL Injection
Posted Apr 5, 2017
Authored by Ihsan Sencan

Airbnb Crashpadder Clone Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5b2ac7f4745817f857e0440bc010e866
D-Link DIR-615 Cross Site Request Forgery
Posted Apr 5, 2017
Authored by Pratik S. Shah

D-Link DIR-615 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-7398
MD5 | 99d8cbc36fbf244a16318e8a9994a3a3
Faveo Helpdesk Community 1.9.3 Cross Site Request Forgery
Posted Apr 5, 2017
Authored by yokoacc, rungga_reksya, AdyWikradinata, dvnrcy, dickysofficial

Faveo Helpdesk Community version 1.9.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-7571
MD5 | cf49c573f7691663fb0e7bd16cdabab8
Premium Penny Auction Script SQL Injection
Posted Apr 5, 2017
Authored by Ihsan Sencan

Premium Penny Auction Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 15eb86778817d8d61cd6ab92ba6d3920
HelpDEZK 1.1.1 CSRF / Code Execution
Posted Apr 5, 2017
Authored by yokoacc, rungga_reksya, AdyWikradinata, dvnrcy, dickysofficial

HelpDEZK version 1.1.1 suffers from code execution and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, code execution, csrf
advisories | CVE-2017-7446, CVE-2017-7447
MD5 | 39ff9b5e973e4cc6e07d3260e5985c65
ImagePro Lazygirls Clone Script SQL Injection
Posted Apr 5, 2017
Authored by Ihsan Sencan

ImagePro Lazygirls Clone Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a1882db7c7f3647edd706f923958378b
Sweepstakes Pro Software SQL Injection
Posted Apr 5, 2017
Authored by Ihsan Sencan

Sweepstakes Pro Software suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0367e750a371cbd79b30049d4c875d91
Doctors Appointment Script SQL Injection
Posted Apr 5, 2017
Authored by Ihsan Sencan

Doctors Appointment Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ccf3a40a1b2265c3ff7b9c3ae88a14e9
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close