Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

Files Date: 2018-10-05

Clam AntiVirus Toolkit 0.100.2
Posted Oct 5, 2018
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: Various updates. See changelog.
tags | tool, virus
systems | unix
MD5 | 253dd79dd57da759567e42543a569c5c
Claromentis Discuss 1.2.1 Cross Site Scripting
Posted Oct 5, 2018
Authored by David Vargas

Claromentis Discuss module version 1.2.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-15903
MD5 | f8fbe622595d04e4b37fac94f93ea9d0
Unitrends UEB HTTP API Remote Code Execution
Posted Oct 5, 2018
Authored by h00die, Benny Husted, Cale Smith, Jared Arave | Site metasploit.com

It was discovered that the api/storage web interface in Unitrends Backup (UB) before 10.0.0 has an issue in which one of its input parameters was not validated. A remote attacker could use this flaw to bypass authentication and execute arbitrary commands with root privilege on the target system. UEB v9 runs the api under root privileges and api/storage is vulnerable. UEB v10 runs the api under limited privileges and api/hosts is vulnerable.

tags | exploit, remote, web, arbitrary, root
advisories | CVE-2017-12478, CVE-2018-6328
MD5 | a0e08b19c154dc12f718909d936f193c
Zahir Enterprise Plus 6 Stack Buffer Overflow
Posted Oct 5, 2018
Authored by modpr0be, f3ci | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Zahir Enterprise Plus version 6 build 10b and below. The vulnerability is triggered when opening a CSV file containing CR/LF and overly long string characters via Import from other File. This results in overwriting a structured exception handler record.

tags | exploit, overflow
advisories | CVE-2018-17408
MD5 | cfd4757165bcf0b8e10de824abd789c6
ISDF 2018 Call For Papers
Posted Oct 5, 2018
Authored by ISDF2018 | Site sdiwc.net

The Fourth International Conference on Information Security and Digital Forensics Call For Papers has been announced. It will take place at the Metropolitan College, Thessaloniki, Greece December 7th through the 9th, 2018.

tags | paper, conference
MD5 | e5581c81abd536268bde61b66a8581d3
Ceaser Cypher Single Byte Payload Encryption
Posted Oct 5, 2018
Authored by Jonathan Loveless

This program takes a payload and does a single offset on the payload (ceaser cypher encryption) and allows you to take the payload and decrypt and execute it in memory to bypass signature detection of currently detectable payloads.

tags | tool, shellcode
MD5 | c2e2103453482744e4d3fa4363c45945
Navigate CMS Unauthenticated Remote Code Execution
Posted Oct 5, 2018
Authored by Pyriphlegethon | Site metasploit.com

This Metasploit module exploits insufficient sanitization in the database::protect method, of Navigate CMS versions 2.8 and prior, to bypass authentication. The module then uses a path traversal vulnerability in navigate_upload.php that allows authenticated users to upload PHP files to arbitrary locations. Together these vulnerabilities allow an unauthenticated attacker to execute arbitrary PHP code remotely. This Metasploit module was tested against Navigate CMS 2.8.

tags | exploit, arbitrary, php, vulnerability
advisories | CVE-2018-17552, CVE-2018-17553
MD5 | da3b2bf872655ae3a17ea15d8ed164aa
Netis ADSL Router DL4322D RTK 2.1.1 Cross Site Request Forgery
Posted Oct 5, 2018
Authored by Cakes

Netis ADSL Router DL4322D RTK 2.1.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 610b8e0979a26b0265d52c13cd87df5e
Windows Net-NTLMv2 Reflection DCOM/RPC
Posted Oct 5, 2018
Authored by Mumbai, breenmachine, FoxGloveSec | Site metasploit.com

This Metasploit module utilizes the Net-NTLMv2 reflection between DCOM/RPC to achieve a SYSTEM handle for elevation of privilege. Currently the module does not spawn as SYSTEM, however once achieving a shell, one can easily use incognito to impersonate the token.

tags | exploit, shell
advisories | CVE-2016-3225
MD5 | 1a7e8a734c23473ecf8326f09bd374aa
Linux Kernel PTR Leak Via BPF
Posted Oct 5, 2018
Authored by Jann Horn, Google Security Research

The Linux kernel suffers from a ptr leak via BPF due to a broken subtraction check.

tags | exploit, kernel
systems | linux
MD5 | 3c1a45fa16b073a790adbcf32e65e7e7
WordPress Penetration Testing Using WPScan And Metasploit
Posted Oct 5, 2018
Authored by Behrouz Mansoori

Whitepaper called WordPress Penetration Testing Using WPScan and Metasploit. Written in English.

tags | paper
MD5 | 895afd8fb205d1c465066697456d034b
Chamilo LMS 1.11.8 Cross Site Scripting
Posted Oct 5, 2018
Authored by Cakes

Chamilo LMS version 1.11.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 34337fc4361af47aecbca2e1795141fc
Chrome OS /sbin/crash_reporter Symlink Traversal
Posted Oct 5, 2018
Authored by Jann Horn, Google Security Research

Chrome OS suffers from a /sbin/crash_reporter symlink traversal vulnerability.

tags | exploit
MD5 | c687c89c005c3b62a720e1c1f587693f
Easy File Sharing Web Server 7.2 Domain Name Buffer Overflow
Posted Oct 5, 2018
Authored by ZwX

Easy File Sharing Web Server version 7.2 suffers from a domain name buffer overflow vulnerability.

tags | exploit, web, overflow
MD5 | 0d3cc7fc1bb84f794d1756a2f00f68bd
WordPress Security
Posted Oct 5, 2018
Authored by Behrouz Mansoori

This is a whitepaper that provides an overview on WordPress Security. Written in Persian.

tags | paper
MD5 | 435d0d9d605b6700d89a567491f0e445
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    16 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close