exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2015-06-12 to 2015-06-13

FreeBSD Security Advisory - OpenSSL
Posted Jun 12, 2015
Site security.freebsd.org

FreeBSD Security Advisory - A vulnerability in the TLS protocol would allow a man-in-the-middle attacker to downgrade vulnerable TLS connections using ephemeral Diffie-Hellman key exchange to 512-bit export-grade cryptography. This vulnerability is also known as Logjam. When processing an ECParameters structure OpenSSL enters an infinite loop if the curve specified is over a specially malformed binary polynomial field. When verifying a signedData message the CMS code can enter an infinite loop if presented with an unknown hash function OID. Various other issues have also been addressed.

tags | advisory, protocol
systems | freebsd
advisories | CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-4000
SHA-256 | 0f31d8be8e851db5b69fa3df18252499edec9d5d973028af8019e2d1dedd741b
ZENWorks Mobile Management 3.1.0 Cross Site Scripting
Posted Jun 12, 2015
Authored by Ludwig Stage | Site syss.de

ZENWorks Mobile Management version 3.1.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 4bbde26ce7965cf1887a851e3e9618d8219aa196922007ddf099b40bc39424d9
ZCMS 1.1 Cross Site Scripting / SQL Injection
Posted Jun 12, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

ZCMS version 1.1 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2015-7346, CVE-2015-7347
SHA-256 | 48b7985536c829c68f8c273b6cbb3c70ba81616e23a0a6717f970b9388c773f3
Slackware Security Advisory - openssl Updates
Posted Jun 12, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792
SHA-256 | 2962493df3bab04e6da05c5a3ab7712dc75bd67fbb5d58875167e328474e2492
Slackware Security Advisory - php Updates
Posted Jun 12, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory, php
systems | linux, slackware
advisories | CVE-2006-7243, CVE-2015-2325, CVE-2015-2326, CVE-2015-4021, CVE-2015-4022, CVE-2015-4024, CVE-2015-4025, CVE-2015-4026
SHA-256 | d46bff1ad8715f8db73bf3d6deb2ea0641bf605d7e81b4b90da0ea972c16a264
OpenSSL Toolkit 1.0.2b
Posted Jun 12, 2015
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Infinite loop on malformed ECParameters structure addressed. PKCS7 crash addressed. Various other issues addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792
SHA-256 | d5d488cc9f0a07974195a7427094ea3cab9800a4e90178b989aa621fbc238e3f
TOR Virtual Network Tunneling Tool 0.2.6.9
Posted Jun 12, 2015
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Tor 0.2.6.9 fixes a regression in the circuit isolation code, increases the requirements for receiving an HSDir flag, and addresses some other small bugs in the systemd and sandbox code. Clients using circuit isolation should upgrade; all directory authorities should upgrade.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 4a6c29ad89a98d7832c599d9480d6d8e55355fb3b8f4b506c5df557f15942f9c
Concrete5 5.7.4 SQL Injection
Posted Jun 12, 2015
Authored by EgiX

Concrete5 versions 5.7.4 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 09135e38d13882eebea77629d624025c3928967909de59178c537978dfc7e7ac
Concrete5 5.7.3.1 Cross Site Scripting
Posted Jun 12, 2015
Authored by EgiX

Concrete5 versions 5.7.3.1 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 5a6ef1506e51dfe8f5c743d4ac107de78835ad514c929a0dbd4c1e19c02acdda
Nakid CMS CSRF / XSS / Local File Inclusion
Posted Jun 12, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Nakid CMS suffers from cross site request forgery, cross site scripting, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion, csrf
SHA-256 | 213644d6e877f9fa9f9a49e5bc61b7ee71f973106f713dd2bf637428e4c5a084
Concrete5 5.7.3.1 sendmail Remote Code Execution
Posted Jun 12, 2015
Authored by EgiX

Concrete5 versions 5.7.3.1 and below suffers from a sendmail-related remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 2738129737c2ca9db8afcb24d75b7688377742b1d8ad9da2b2e8397c4bd6faed
HP WebInspect 10.4 XML External Entity
Posted Jun 12, 2015
Authored by Jakub Palaczynski

HP WebInspect versions 7.x, 8.x, 9.x, and 10.0 through 10.4 suffer from an XML external entity vulnerability.

tags | exploit, xxe
advisories | CVE-2015-2125
SHA-256 | 44df7fcf639b2f66354665111858dd4bced1a796a547d6fed87ff5cd8eccb16d
D-Link DSP-W110 Command Execution / SQL Injection / File Upload
Posted Jun 12, 2015
Authored by Peter Adkins

D-Link DSP-W110 suffers from command execution, remote file upload, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, file upload
SHA-256 | 987c2150fb283efdb56ad6e1fe865f4be1e2dd33aa09a56da9ad840d2f12fcee
OSSEC 2.8.1 Local Root Escalation
Posted Jun 12, 2015
Authored by Andrew Widdersheim

OSSEC versions 2.7 through 2.8.1 suffer from a local root escalation vulnerability.

tags | exploit, local, root
advisories | CVE-2015-3222
SHA-256 | da7900816ec1317c697a05427f893356afcf036cd0b4650baf2f3a1691906bca
WordPress Paypal Currency Converter Basic For Woocommerce 1.3 File Read
Posted Jun 12, 2015
Authored by Kuroi SH

WordPress Paypal Currency Converter Basic For Woocommerce plugin version 1.3 suffers from a remote file read vulnerability.

tags | exploit, remote
SHA-256 | e04dd5ea02115e46a5cc0fb22ba122f16b77c65143a6298895abb799aa17cfc8
WordPress History Collection 1.1.1 Arbitrary File Download
Posted Jun 12, 2015
Authored by Kuroi SH

WordPress History Collection versions 1.1.1 and below suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
SHA-256 | 292b146038de272d4fe5d399d89090da275db148602fb4c38a8f1875b905c077
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close