accept no compromises
Showing 1 - 19 of 19 RSS Feed

Files Date: 2017-04-06

Samhain File Integrity Checker 4.2.1
Posted Apr 6, 2017
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 40fdc9d20233e6c63da2ecd3a623fbe2
Apple Security Advisory 2017-04-04-1
Posted Apr 6, 2017
Authored by Apple | Site apple.com

Apple Security Advisory 2017-04-04-1 - Apple Music 2.0 for Android is now available and addresses a certificate validation issue.

tags | advisory
systems | apple
advisories | CVE-2017-2387
MD5 | 9f11f66b27eed86f631942da657aba56
Cambium SNMP Access Controls
Posted Apr 6, 2017
Authored by Karn Ganeshen

Cambium products suffer from SNMP access control issues that may allow for unauthorized changes to the device configuration. Models affected include Cambium ePMP 1000, Cambium ePMP 2000, Cambium PMP XXX, and Cambium ForceXXX models.

tags | exploit, bypass
MD5 | 554ca0450724f285790b803edba59020
From Zero to ZeroDay Journey: Router Hacking
Posted Apr 6, 2017
Authored by Leon Juranic

Whitepaper called From Zero to ZeroDay Journey: Router Hacking (WRT54GL Linksys Case).

tags | paper
MD5 | db1a8ee4cfe26b0939e229c55041d19f
Asterisk Project Security Advisory - AST-2017-001
Posted Apr 6, 2017
Authored by Kevin Harwell | Site asterisk.org

Asterisk Project Security Advisory - No size checking is done when setting the user field on a CDR. Thus, it is possible for someone to use an arbitrarily large string and write past the end of the user field storage buffer. This allows the possibility of remote code injection.

tags | advisory, remote
MD5 | 846effee380705e0cfaa9ddc9c3ff479
SenNet Data Logger / Electricity Meter Code Execution
Posted Apr 6, 2017
Authored by Karn Ganeshen

SenNet data logger and electricity meter appliances suffer from insecure configuration and OS command injection vulnerabilities.

tags | exploit, vulnerability
MD5 | 5ed44024950355678f2a08408a51601d
Sistemi Winlog SCADA Software DLL Hijacking
Posted Apr 6, 2017
Authored by Karn Ganeshen

Sielco Sistemi Winlog SCADA Software versions prior to 3.02.01 suffer from a dll hijacking vulnerability.

tags | exploit
systems | windows
advisories | CVE-2017-5161
MD5 | aeab43959e2123f0d35c8a06fcd50a72
VMU-C CSRF / XSS / Access Control
Posted Apr 6, 2017
Authored by Karn Ganeshen

The VMU-C webserver suffers from cross site request forgery, cross site scripting, access control, weak credential management, and insecure storage vulnerabilities. VMU-C EM prior to firmware Version A11_U05 and VMU-C PV prior to firmware Version A17 are affected.

tags | advisory, vulnerability, xss, info disclosure, csrf
advisories | CVE-2017-5144, CVE-2017-5145, CVE-2017-5146
MD5 | 07e16456b846d15782e24a428bd71425
WordPress Firewall 2 1.3 Cross Site Request Forgery / Cross Site Scripting
Posted Apr 6, 2017
Authored by Tom Adams

WordPress Firewall 2 version 1.3 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 9cba4da0c8d9e5bdf1580330f2044878
QNAP QTS Remote Command Injection
Posted Apr 6, 2017
Authored by Harry Sintonen

QNAP QTS suffers from multiple command injection vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2017-6359, CVE-2017-6360, CVE-2017-6361
MD5 | 8a60f0133f5885926f3653003951a642
Apache Tomcat 7.0.76 Directory Traversal
Posted Apr 6, 2017
Authored by DefenseCode

Apache Tomcat version 7.0.76 suffers from a directory traversal vulnerability.

tags | exploit
MD5 | 1e538bcf61ae8964acad592471f749a1
LAquis SCADA 4.1 Access Control
Posted Apr 6, 2017
Authored by Karn Ganeshen

LAquis SCADA version 4.1 suffers from access control issues.

tags | advisory, bypass
advisories | CVE-2017-6016
MD5 | ceb0e533f4ea33ad349ea2f06a537f58
DragonWave Horizon 1.01.03 Hardcoded Credentials
Posted Apr 6, 2017
Authored by Ian Ling

DragonWave Horizon version 1.01.03 suffers from having hardcoded credentials embedded in the device.

tags | advisory
MD5 | 75288bf520b969143ef79b2a1368c8f3
Apple Music Android Application Man-In-The-Middle
Posted Apr 6, 2017
Authored by David Coomber

The Apple Music Android application (version 1.2.1 and below) does not validate the SSL certificate received when connecting to the mobile application login and payment servers.

tags | advisory
systems | apple
advisories | CVE-2017-2387
MD5 | 77f6d3bf2a4d79ba1870023309aa385e
iPlatinum iOneView Cross Site Scripting
Posted Apr 6, 2017
Authored by Patrick Webster

iPlatinum iOneView suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3f9fed4ce85ee1fede4977bc23ef4a4a
Moodle 2.4.10 / 2.5.6 / 2.6.3 / 2.7 Account Information Disclosure
Posted Apr 6, 2017
Authored by Patrick Webster

Moodle versions 2.7 and earlier suffer from a vulnerability that discloses the account name for a specified profile ID.

tags | exploit, info disclosure
MD5 | 3e167578263db5e084328661c2ca6f40
DAVOSET 1.3.1
Posted Apr 6, 2017
Authored by MustLive

DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.

Changes: New services added into list of zombies. Non-working services removed. Security bypass added by using cookies are appropriate sites.
tags | tool, denial of service
MD5 | 6bccdf94dc473d5e07af715976147182
Schneider Hardcoded Password
Posted Apr 6, 2017
Authored by Ralf Spenneberg, Hendrik Schwartke, Simon Heming, Maik Bruggemann

The password for the project protection of the Schneider Modicon TM221CE16R is hard-coded and cannot be changed.

tags | exploit
MD5 | eabeef29ad59458466fadb54b45f08c9
Windows 10 x64 Egghunter Shellcode
Posted Apr 6, 2017
Authored by Peter Baris

45 bytes small Windows 10 x64 egghunter shellcode.

tags | shellcode
systems | windows
MD5 | 6552b6fbb3c0d7d45075d31bac77a69e
Page 1 of 1
Back1Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close