Exploit the possiblities
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-10-18

Suricata IDPE 4.0.1
Posted Oct 18, 2017
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: This is regular bug fix release fixing various issues. Also added is much improved Napatech support.
tags | tool, intrusion detection
systems | unix
MD5 | d05b323b2554e02678dfc896bb7cc6e7
Microsoft Windows GDFMaker 6.3.9600.16384 XXE Injection
Posted Oct 18, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft Windows Game Definition File Editor (GDFMaker) version 6.3.9600.16384 suffers from an XML external entity injection vulnerability.

tags | exploit
systems | windows
MD5 | c7d0ae4a7bf14a2d1e2cae2ae115040a
WebKitGTK+ Code Execution / Cookie Handling / Memory Corruption
Posted Oct 18, 2017
Authored by WebKitGTK+ Team

WebKitGTK+ has had numerous security vulnerabilities addressed including arbitrary code execution, memory corruption, cookie theft, and various other issues.

tags | advisory, arbitrary, vulnerability, code execution
advisories | CVE-2017-7081, CVE-2017-7087, CVE-2017-7089, CVE-2017-7090, CVE-2017-7091, CVE-2017-7092, CVE-2017-7093, CVE-2017-7094, CVE-2017-7095, CVE-2017-7096, CVE-2017-7098, CVE-2017-7099, CVE-2017-7100, CVE-2017-7102, CVE-2017-7104, CVE-2017-7107, CVE-2017-7109, CVE-2017-7111, CVE-2017-7117, CVE-2017-7120, CVE-2017-7142
MD5 | 40a14f9ee80a9b6a0dd89788c1f7de76
Apache Solr 7.0.1 XXE Injection / Code Execution
Posted Oct 18, 2017
Authored by Michael Stepankin, Olga Barinova

Apache Solar version 7.0.1 suffers from XML external entity injection and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2017-12629
MD5 | c5a11c70eb9d20e9abf2fb6d5efc3959
Hashicorp vagrant-vmware-fusion 4.0.24 Local Root Privilege Escalation
Posted Oct 18, 2017
Authored by Mark Wadham

Hashicorp vagrant-vmware-fusion versions 4.0.24 and below suffer from a local privilege escalation vulnerability. This is the same issue that affected the last version but the vendor failed to properly address the issue.

tags | exploit, local
advisories | CVE-2017-12579
MD5 | 6c5c0f0f63ac31c446e807ee7d596117
Slackware Security Advisory - xorg-server Updates
Posted Oct 18, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New xorg-server packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-12176, CVE-2017-12177, CVE-2017-12178, CVE-2017-12179, CVE-2017-12180, CVE-2017-12181, CVE-2017-12182, CVE-2017-12183, CVE-2017-12184, CVE-2017-12185, CVE-2017-12186, CVE-2017-12187
MD5 | a5944f967d76efcd420fdad9ca39f446
Slackware Security Advisory - wpa_supplicant Updates
Posted Oct 18, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New wpa_supplicant packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088
MD5 | 5f30c98ca9d6706d0dad1a1ee2ac2c01
Slackware Security Advisory - libXres Updates
Posted Oct 18, 2017
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libXres packages are available for Slackware 14.1, 14.2, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2013-1988
MD5 | 9b1fcaf6f1c53a47e74bb4db4e95bd71
Red Hat Security Advisory 2017-2913-01
Posted Oct 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2913-01 - Tough-Cookie is a Node.js module that offers RFC6265 Cookies and Cookie Jar. The following packages have been upgraded to a later upstream version: rh-nodejs6-nodejs-tough-cookie. Security Fix: A regular expression denial of service flaw was found in Tough-Cookie. An attacker able to make an application using Touch-Cookie to parse a sufficiently large HTTP request Cookie header could cause the application to consume an excessive amount of CPU.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2017-15010
MD5 | 1bb4f60348aca969b49b49177bbb559a
Red Hat Security Advisory 2017-2912-01
Posted Oct 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2912-01 - Tough-Cookie is a Node.js module that offers RFC6265 Cookies and Cookie Jar. The following packages have been upgraded to a later upstream version: rh-nodejs4-nodejs-tough-cookie. Security Fix: Regular expression denial of service flaws were found in Tough-Cookie. An attacker able to make an application using Touch-Cookie to parse a sufficiently large HTTP request Cookie header could cause the application to consume an excessive amount of CPU.

tags | advisory, web, denial of service
systems | linux, redhat
advisories | CVE-2016-1000232, CVE-2017-15010
MD5 | b34cf10bfe50a5eec139fcbdbb2d214d
Red Hat Security Advisory 2017-2911-01
Posted Oct 18, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2911-01 - The wpa_supplicant packages contain an 802.1X Supplicant with support for WEP, WPA, WPA2, and various EAP authentication methods. They implement key negotiation with a WPA Authenticator for client stations and controls the roaming and IEEE 802.11 authentication and association of the WLAN driver. Security Fix: A new exploitation technique called key reinstallation attacks affecting WPA2 has been discovered. A remote attacker within Wi-Fi range could exploit these attacks to decrypt Wi-Fi traffic or possibly inject forged Wi-Fi packets by manipulating cryptographic handshakes used by the WPA2 protocol.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2017-13077, CVE-2017-13078, CVE-2017-13080, CVE-2017-13087
MD5 | 827665e961e348671c6b78cd391318d4
Faraday 2.6.3
Posted Oct 18, 2017
Authored by Francisco Amato | Site github.com

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Updated Core Impact plugin to be compatible with 2016 version. Improved loading of fields request and website in Burp Plugin. Improved Nexpose Full plugin. Improved Acunetix plugin to avoid conflicts and missing imported data, and to correctly parse URLs and resolutions.
tags | tool, rootkit
systems | unix
MD5 | b2ee214f83214420e88ea9ae5cf07015
Career Portal 1.0 SQL Injection
Posted Oct 18, 2017
Authored by 8bitsec

Career Portal version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c35d9e9437faf629db8b4cbdeec660cc
WordPress Car Park Booking SQL Injection
Posted Oct 18, 2017
Authored by 8bitsec

WordPress Car Park Booking plugin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | eef7c64d55a3975b1e686ced7ec5a15f
Microsoft Security Bulletin CVE Revision Increment For October, 2017
Posted Oct 18, 2017
Site microsoft.com

This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.

tags | advisory
advisories | CVE-2017-13080
MD5 | 640e4002ea6570545ff5107bfaeb02d0
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    0 Files
  • 17
    Jan 17th
    0 Files
  • 18
    Jan 18th
    0 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close