exploit the possibilities
Showing 1 - 23 of 23 RSS Feed

Files Date: 2019-01-10

Scapy Packet Manipulation Tool 2.4.2
Posted Jan 10, 2019
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: Various updates.
tags | tool, scanner, python
systems | unix
MD5 | c5a7d5eac3b06489ec893ffc548af781
Capstone 4.0.1
Posted Jan 10, 2019
Authored by Nguyen Anh Quynh | Site capstone-engine.org

Capstone is a multi-architecture, multi-platform disassembly framework. It has a simple and lightweight architecture-neutral API, thread-safe by design, provides details on disassembled instruction, and more.

Changes: This release fixes some minor bugs of v4.0, as well as introduces some improvements for Python binding.
tags | tool
systems | unix
MD5 | 1b0a9a0d50d9515dcf7684ce0a2270a4
Adobe Coldfusion 11 CKEditor Arbitrary File Upload
Posted Jan 10, 2019
Authored by Vahagn Vardanian, Pete Freitag de Foundeo, Qazeer | Site metasploit.com

A file upload vulnerability exists in the CKEditor of Adobe ColdFusion 11 (Update 14 and earlier).

tags | exploit, file upload
advisories | CVE-2018-15961
MD5 | 1295c307779f896cb864d27811f2dbd7
PEAR Archive_Tar PHP Object Injection
Posted Jan 10, 2019
Authored by farisv

PEAR Archive_Tar versions prior to 1.4.4 suffers from a php object injection vulnerability.

tags | exploit, php
advisories | CVE-2018-1000888
MD5 | 301d1addd2f16d82750f17ee54102420
eBrigade ERP 4.5 Arbitrary File Download
Posted Jan 10, 2019
Authored by Ozkan Mustafa Akkus

eBrigade ERP version 4.5 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
MD5 | 8bc43e99087544d6ef0f5bd9aa68c798
OpenSource ERP 6.3.1 SQL Injection
Posted Jan 10, 2019
Authored by Emre OVUNC

OpenSource ERP version 6.3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-5893
MD5 | 2a268368407198705d6a03bfeb1b4838
eBrigade ERP 4.5 SQL Injection
Posted Jan 10, 2019
Authored by Ihsan Sencan

eBrigade ERP version 4.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b180de8386dbc7acc0a308fff06986cf
Event Locations 1.0.1 SQL Injection
Posted Jan 10, 2019
Authored by Ihsan Sencan

Event Locations version 1.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e61e131206faa7a2e852953b5f4bcc01
Event Calendar 3.7.4 SQL Injection
Posted Jan 10, 2019
Authored by Ihsan Sencan

Event Calendar version 3.7.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 15e4e6bf74803944e724260356ab257d
Matrix MLM Script 1.0 Information Disclosure
Posted Jan 10, 2019
Authored by Ihsan Sencan

Matrix MLM Script version 1.0 suffers from an information leakage vulnerability.

tags | exploit, info disclosure
MD5 | 7b885b116aefc258a9d8f2ea21a6a7c9
doitX 1.0 SQL Injection
Posted Jan 10, 2019
Authored by Ihsan Sencan

doitX version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | eeefe90ea7fd49acf9c4d504df54e8de
Matrix MLM Script 1.0 SQL Injection
Posted Jan 10, 2019
Authored by Ihsan Sencan

Matrix MLM Script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 26a0bef0a18bd46278311177953d0b5c
Architectural CMS 1.0 SQL Injection
Posted Jan 10, 2019
Authored by Ihsan Sencan

Architectural CMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 498e009856d1a49b06311826be376cd7
Shield CMS 2.2 Cross Site Request Forgery / SQL Injection
Posted Jan 10, 2019
Authored by Ihsan Sencan

Shield CMS version 2.2 suffers from cross site request forgery and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
MD5 | 2160f72b93bec055401fe6ae4869430f
RGui 3.5.0 Buffer Overflow
Posted Jan 10, 2019
Authored by bzyo

RGui version 3.5.0 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | b33970f0cfa73cea735f5f0d172da94d
Ubuntu Security Notice USN-3854-1
Posted Jan 10, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3854-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2018-4437
MD5 | f8474b7b46329623febcb7514c73d299
Hodorsec Linux Binary Encryption Utility
Posted Jan 10, 2019
Authored by Hodorsec

This archive contains a Linux x86/x64 payload AES-128 CBC encrypter and payload decrypter/runner.

tags | tool, x86
systems | linux, unix
MD5 | 5a5ac347d6ff823061529155881b38a8
Ubuntu Security Notice USN-3852-1
Posted Jan 10, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3852-1 - It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. CVE-2017-9239 only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-11591, CVE-2017-14864, CVE-2017-17669, CVE-2017-9239, CVE-2018-1758, CVE-2018-17581
MD5 | 2d2b8c5b592712349927164a5836b956
Ubuntu Security Notice USN-3853-1
Posted Jan 10, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3853-1 - Ben Fuhrmannek discovered that GnuPG incorrectly handled Web Key Directory lookups. A remote attacker could possibly use this issue to cause a denial of service, or perform Cross-Site Request Forgery attacks.

tags | advisory, remote, web, denial of service, csrf
systems | linux, ubuntu
advisories | CVE-2018-1000858
MD5 | 9dff487091705ecddb0783a58af51804
Google Chrome V8 JavaScript Engine 71.0.3578.98 Memory Exhaustion
Posted Jan 10, 2019
Authored by Bogdan Kurinnoy

Google Chrome V8 JavaScript Engine version 71.0.3578.98 has an out-of-memory in invalid array length denial of service vulnerability.

tags | exploit, denial of service, javascript
MD5 | 9238cf2c2f6c3d4798813d47b4515b14
Packet Fence 8.3.0
Posted Jan 10, 2019
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Added support for Juniper EX2300 (JUNOS 18.2) switches. Added a random algorithm for VLAN pooling. Added the ability to reserve IP addresses in pfdhcp. Added a way to trigger a violation when device profiling detects a change in the device class. Various other additions.
tags | tool, remote
systems | unix
MD5 | 8c7af97cb60c4fdba7cbf0fe540a08e5
Ubuntu Security Notice USN-3851-1
Posted Jan 10, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3851-1 - It was discovered that Django incorrectly handled the default 404 page. A remote attacker could use this issue to spoof content using a malicious URL.

tags | advisory, remote, spoof
systems | linux, ubuntu
advisories | CVE-2019-3498
MD5 | 2d5950123f9a670fa08c8a5cb6410857
Cisco VoIP Script Insertion / Weak Passwords / Undocumented Functionality
Posted Jan 10, 2019
Authored by W. Schober | Site sec-consult.com

Cisco VoIP phone such as models 88XX suffer from script insertion, weak and hard-coded passwords, undocumented debug functionality, and various outdated components with known vulnerabilities.

tags | exploit, vulnerability
systems | cisco
advisories | CVE-2018-0461
MD5 | 58d3ffb956311c84e54d85560df06007
Page 1 of 1
Back1Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close