what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 379 RSS Feed

Files Date: 2015-06-01 to 2015-06-30

Microsoft Windows ClientCopyImage Improper Object Handling
Posted Jun 22, 2015
Authored by temp66, OJ Reeves, hfirefox | Site metasploit.com

This Metasploit module exploits improper object handling in the win32k.sys kernel mode driver. This Metasploit module has been tested on vulnerable builds of Windows 7 x64 and x86, and Windows 2008 R2 SP1 x64.

tags | exploit, x86, kernel
systems | windows
advisories | CVE-2015-1701
SHA-256 | 1b4009bd1a5cf1594526be1c3c92cca6c5d12b793c2e559d0e4e7218d3be8242
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20150616
Posted Jun 22, 2015
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.

Changes: Bumped to Tor release 0.2.6.9.
tags | tool, kernel, peer2peer
systems | linux
SHA-256 | e9b2744e72d379892672beb28e25af9cc5ddf048392a6bd23c37809b744cd7fe
OpenSCAP Libraries 1.2.4
Posted Jun 22, 2015
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.

Changes: OVAL 5.11 support 99.8% completed! Added Scientific Linux CPEs. Added oscap-docker tool. Various other updates and improvements.
tags | protocol, library
systems | unix
SHA-256 | 7105949900d8c8fc87644b07131fe4557c4bc0514a5dc6567edf5b2295a9fc31
Gentoo Linux Security Advisory 201506-04
Posted Jun 22, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201506-4 - Multiple vulnerabilities have been fixed in Chromium, the worst of which can cause arbitrary remote code execution. Versions less than 43.0.2357.65 are affected.

tags | advisory, remote, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2015-1233, CVE-2015-1234, CVE-2015-1235, CVE-2015-1236, CVE-2015-1237, CVE-2015-1238, CVE-2015-1240, CVE-2015-1241, CVE-2015-1242, CVE-2015-1243, CVE-2015-1244, CVE-2015-1245, CVE-2015-1246, CVE-2015-1247, CVE-2015-1248, CVE-2015-1250, CVE-2015-1251, CVE-2015-1252, CVE-2015-1253, CVE-2015-1254, CVE-2015-1255, CVE-2015-1256, CVE-2015-1257, CVE-2015-1258, CVE-2015-1259, CVE-2015-1260, CVE-2015-1262, CVE-2015-1263
SHA-256 | 957476c058c044db28e980b30ae0cae33a242da1ea10d77234f3541a8006016c
Ubuntu Security Notice USN-2651-1
Posted Jun 22, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2651-1 - Jakub Wilk discovered that GNU patch did not correctly handle file paths in patch files. An attacker could specially craft a patch file that could overwrite arbitrary files with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. Laszlo Boszormenyi discovered that GNU patch did not correctly handle some patch files. An attacker could specially craft a patch file that could cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-4651, CVE-2014-9637, CVE-2015-1196, CVE-2015-1395, CVE-2015-1396
SHA-256 | e43ff81e4eac19b638143530ecd655f45f29338ebb1060483b4634127142c235
Gentoo Linux Security Advisory 201506-03
Posted Jun 22, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201506-3 - Multiple vulnerabilities have been fixed in GnuTLS, the worst of which can cause Denial of Service. Versions less than 3.3.15 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-3308
SHA-256 | 0adfa249575677c9d1c80449549fb0e096bbb61f049168a097fb63ed6f005d71
GeniXCMS 0.0.3 Cross Site Scripting
Posted Jun 22, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

GeniXCMS version 0.0.3 suffers from reflective and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-5066
SHA-256 | ff313547076a385010a0388e8090baf724db16c86726dcf25cf49f517e03e6e9
Gentoo Linux Security Advisory 201506-02
Posted Jun 22, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201506-2 - Multiple vulnerabilities have been found in OpenSSL that can result in either Denial of Service or information disclosure. Versions less than 1.0.1o are affected.

tags | advisory, denial of service, vulnerability, info disclosure
systems | linux, gentoo
advisories | CVE-2014-8176, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1792, CVE-2015-4000
SHA-256 | b959832120295fdb5bd555f5691546a5d3d9c082cbb839a74bf11f43345d673f
KMPlayer 3.9.1.136 Buffer Overflow
Posted Jun 22, 2015
Authored by Naser Farhadi

KMPlayer version 3.9.1.136 capture unicode buffer overflow with ASLR bypass.

tags | exploit, overflow
SHA-256 | 2839a962a1c9141ad1a237627223860d9b437a87fad0900b00a60f3e119b8993
CUPS XSS / String Handling / Improper Teardown
Posted Jun 22, 2015
Authored by Google Security Research

CUPS versions prior to 2.0.3 suffers from improper teardown and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-1158, CVE-2015-1159
SHA-256 | db8fd44b429f5efa8ee12d1dc6642d89f935862eccf6819e967b27dda65afd5a
ManageEngine Asset Explorer 6.1 Cross Site Scripting
Posted Jun 22, 2015
Authored by Vulnerability Laboratory, Alain Homewood | Site vulnerability-lab.com

ManageEngine Asset Explorer version 6.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 22a17aa937ccf964e96c88e5892c722b2bea044a4c82a4739419702d6e36d718
Ubuntu Security Notice USN-2640-2
Posted Jun 22, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2640-2 - The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
SHA-256 | 697723b7199c741ae728da226f5bebcdcee68c66ea47a4362db06cd672ac6bf3
Linux/x86 mkdir / chmod Shellcode
Posted Jun 22, 2015
Authored by B3mB4m

29 bytes small mkdir HACK and chmod 777 and exit(0) shellcode.

tags | shellcode
SHA-256 | 7e4f76745a4a18bf209987c7fed55be4df47c18655fd51ab200f288f5b53157a
MySQL Lite Administrator Beta 1 Cross Site Scripting
Posted Jun 22, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

MySQL Lite Administrator version Beta 1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection, add administrator
advisories | CVE-2015-5064
SHA-256 | 22e45557bdd5891450a60cc931c906cf5ba0d0604bd539d0826cc6689d1c1fa9
Zurmo CRM 3.0.2 Cross Site Scripting
Posted Jun 22, 2015
Authored by Provensec

Zurmo CRM version 3.0.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b2542c507f34d80b4f84194b95281d6052024b7288453da30fcf989523252891
PHPWCMS 1.5.4 Cross Site Request Forgery
Posted Jun 22, 2015
Authored by Provensec

PHPWCMS version 1.5.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 1046ce106cdd2916a9cfc71edf099e976203abb3d5850f12d20df43b99c303ca
White Way Systems SQL Injection
Posted Jun 21, 2015
Authored by Shelesh Rauthan

Sites developed by White Way Systems suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 2711db212fd821bdf5fc0bd539ab07d9089b0f3c6545cadf56b35a39b330a06c
Gentoo Linux Security Advisory 201506-01
Posted Jun 21, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201506-1 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.466 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-3096, CVE-2015-3097, CVE-2015-3098, CVE-2015-3099, CVE-2015-3100, CVE-2015-3101, CVE-2015-3102, CVE-2015-3103, CVE-2015-3104, CVE-2015-3105, CVE-2015-3106, CVE-2015-3107, CVE-2015-3108, CVE-2015-4472
SHA-256 | 36dce6b22065c49f042cfb2fdc6d8713a73b6834f0c321a35035a7f6002d7abd
Why Web Developments SQL Injection
Posted Jun 21, 2015
Authored by Shelesh Rauthan

Sites developed by Why Web Developments suffer from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 96c47ccd58b0110498b89fc2e837db40a6dc3a9ba624c10e5ef5c2807336bf90
Ubuntu Security Notice USN-2646-2
Posted Jun 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2646-2 - The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
SHA-256 | c7380d91baf0065b79685c232e5e5e2202d948f49edf549da8ad314856cd6ce3
Ubuntu Security Notice USN-2644-2
Posted Jun 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2644-2 - The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
SHA-256 | 369222ceb6590020b1886ad884d11700b41c94fa8ea8a7d63f869a68478feba4
Ubuntu Security Notice USN-2643-2
Posted Jun 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2643-2 - The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
SHA-256 | 869ab9fcf03b2b3d337d915edb3a01426458905b77264337fe0d1729ac758123
Ubuntu Security Notice USN-2642-2
Posted Jun 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2642-2 - The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
SHA-256 | 0b25925f01216f67d0afe0e7b5c7868672e9816c3ae053c9f217e953c39e477a
Ubuntu Security Notice USN-2641-2
Posted Jun 21, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2641-2 - The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
SHA-256 | 96a20eaa0b469006860a8f807d961c9932f2e95a258abdc96e1c6ae1be1a9810
Tutanota Encrypted Email Missing MAC
Posted Jun 21, 2015
Authored by Scott Arciszewski

The symmetric-key encryption used in Tutanota is vulnerable to ciphertext malleability (a.k.a. arbitrary bit rewriting), since they fail to authenticate their ciphertexts.

tags | advisory, arbitrary
SHA-256 | 00f4d00f46d790844e3f65ca4d008f1940000c4fbc31fee4ddcc2012120e85ae
Page 4 of 16
Back23456Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close