
Files Date: 2015-06-01 to 2015-06-30

Debian Security Advisory 3291-1
Posted Jun 18, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3291-1 - Several vulnerabilities were found in drupal7, a content management platform used to power websites.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2015-3231, CVE-2015-3232, CVE-2015-3233, CVE-2015-3234
SHA-256 | 398bb888b259027615866997ab92ee63422e667b90163d54e5414e98edb42dd1
Packet Fence 5.2.0
Posted Jun 18, 2015
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Debian packages will now stop services preinstallation. Added drop and recreate trigger for forgotten temporary_password trigger in upgrade to 5.0. Various other fixes and updates.
tags | tool, remote
systems | unix
SHA-256 | 0f3535012548c15bcf909d7f76a066881278751704c6118f74ab92879809e3fc
SAP NetWeaver Dispatcher Buffer Overflow
Posted Jun 18, 2015
Authored by George Nosenko

SAP NetWeaver Dispatcher has the function sapac01_sapgparam() that processes the ABAP kernel call C_SAPGPARAM. This function has a buffer overflow vulnerability. The vulnerability can allow an authenticated remote attacker to execute arbitrary code. It can also lead to denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel
advisories | CVE-2015-2815
SHA-256 | e0d91a9cfd6ae4da1cf1d65a172beb169596c06658d1838fb88f8be6eda0f0f7
Debian Security Advisory 3290-1
Posted Jun 18, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3290-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leaks or data corruption.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2015-1805, CVE-2015-3636, CVE-2015-4167
SHA-256 | 0fbb263c4d3f8891b1c58ec40a1bf47156f434e76c2141d84c6407ec9eb0c713
SAP NetWeaver Portal 7.31 XXE Injection
Posted Jun 18, 2015
Authored by Vahagn Vardanyan

SAP NetWeaver Portal version 7.31 suffers from an XXE injection vulnerability. The problem is caused by a program error in 'ValidationComponent' due to the incorrect use of an XML parser. By default, the parser opens external entities referenced within an XML input, which can then lead to malicious content being parsed. This malicious content can reference internal resources, such as files. These internal resources can be disclosed in the response to the request, or can be used to perform a denial of service attack on the parsing system, rendering the application content temporarily unavailable.

tags | advisory, denial of service, xxe
advisories | CVE-2015-2812
SHA-256 | 9756bc993b8745281faa7c356860f96edc0f791cd1ec7201932b24da9da7b059
Wonder CMS 0.6-Beta File Inclusion / Traversal / Disclosure
Posted Jun 18, 2015
Authored by indoushka

Wonder CMS version 0.6-Beta suffers from inclusion, password disclosure, and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
SHA-256 | 397399516a0b38c8578b9229ed23840b442e7ec378ee95438a4c113226f252da
Vitubo CMS 2.3 Database Disclosure
Posted Jun 18, 2015
Authored by indoushka

Vitubo CMS version 2.3 suffers from a backup-related database disclosure vulnerability.

tags | exploit, vulnerability, info disclosure
SHA-256 | ff364b84ea8625fba97d912d8dd6331b0c0dd9676463163ef07e5caaea3f8ae8
WordPress Revslider 4.2.2 XSS / Information Disclosure
Posted Jun 18, 2015
Authored by indoushka

WordPress Revslider plugin version 4.2.2 suffers from cross site scripting, file download, and information disclosure vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | 8ad1c24b948d5a65dab914200443c87ffe00a1d155d37bbd652a95364274a234
Linux/x86 NetCat Bindshell Shellcode
Posted Jun 18, 2015
Authored by B3mB4m

60 bytes small Linux/x86 netcat bindshell shellcode that attaches to port 5555.

tags | x86, shellcode
systems | linux
SHA-256 | a448460fd0c86ff40315a54f88404738d49ecd0c1b2ffbca47171f6ced35203b
Just A Forum 2.1.1 Cross Site Scripting
Posted Jun 18, 2015
Authored by indoushka

Just A Forum version 2.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f942628108d16b6d63256b6d0445ec551ce6bb7db1df80e6b5741033053809cd
Red Hat Security Advisory 2015-1123-01
Posted Jun 17, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1123-01 - CUPS provides a portable printing layer for Linux, UNIX, and similar operating systems. A string reference count bug was found in cupsd, causing premature freeing of string objects. An attacker can submit a malicious print job that exploits this flaw to dismantle ACLs protecting privileged operations, allowing a replacement configuration file to be uploaded which in turn allows the attacker to run arbitrary code in the CUPS server. A cross-site scripting flaw was found in the cups web templating engine. An attacker could use this flaw to bypass the default configuration settings that bind the CUPS scheduler to the 'localhost' or loopback interface.

tags | advisory, web, arbitrary, xss
systems | linux, redhat, unix
advisories | CVE-2014-9679, CVE-2015-1158, CVE-2015-1159
SHA-256 | b8be18fe93feda9e83358ade06c07fbf33652b9dedfb62d9a8e3b997ce16a542
HP Security Bulletin HPSBGN03338 1
Posted Jun 17, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03338 1 - A potential security vulnerability has been identified with HP Service Manager running SSLv3. The vulnerability could be exploited remotely to allow disclosure of information. Note: This is the SSLv3 vulnerability known as RC4 cipher Bar Mitzvah vulnerability. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-2808
SHA-256 | f73faeaa3c71b97758427a435b20b04199bd569651d10e0bdb1c92b0a1354ca4
HP Security Bulletin HPSBGN03350 1
Posted Jun 17, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03350 1 - A potential security vulnerability has been identified with HP SiteScope. The vulnerability could be exploited remotely to allow disclosure of information. Note: This is the TLS vulnerability known as the RC4 cipher Bar Mitzvah vulnerability, which could be exploited remotely to allow disclosure of information. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-2802, CVE-2015-2808
SHA-256 | fe1d558fbe29c55c7783573f0e8ce2e327d549008101137a3d8ffbedd47b5e51
Wireshark Analyzer 1.12.6
Posted Jun 17, 2015
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Multiple bug fixes and updates.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 22ac0cc872f12cef9bb2cacfe0720eed8533dc5cea102d21de511620606cb3b6
Vesta Control Panel 0.9.8 OS Command Injection
Posted Jun 17, 2015
Authored by High-Tech Bridge SA | Site htbridge.com

Vesta Control Panel version 0.9.8 suffers from an OS command injection vulnerability.

tags | exploit
advisories | CVE-2015-4117
SHA-256 | 8afef03dc758fc7e9258cea86f2165628c4ee859debcb92aa2ea90cfb8973453
SearchBlox 8.2 Cross Site Scripting
Posted Jun 17, 2015
Authored by High-Tech Bridge SA | Site htbridge.ch

SearchBlox version 8.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-3422
SHA-256 | c50cf93766fdeb247be5b7f551e3e1f70a06620929967b43da8b53e840f1e73c
VCE Vision(TM) Intelligent Operations Cryptographic / Cleartext Issues
Posted Jun 17, 2015
Site support.vce.com

VCE Vision(TM) software versions prior to 2.6.5 have been identified to contain security vulnerabilities that may potentially be leveraged by a malicious user to obtain sensitive information. A weak cryptographic scheme exists in the system library and a cleartext transmission issue exists in the plugin for VMware vCenter.

tags | advisory, vulnerability
advisories | CVE-2015-4056, CVE-2015-4057
SHA-256 | 51ade347570617484b11d1238e172c175ac13263924dc5c99651107083d0793c
Symantec Encryption Gateway Remote Command Injection
Posted Jun 17, 2015
Authored by Mohammad Reza Espargham

Symantec Encryption Gateway suffers from a remote command injection vulnerability. Versions prior to 3.2.0 MP6 are affected.

tags | exploit, remote
advisories | CVE-2014-7288
SHA-256 | e6ac92a40468adfad041080b0dc12276912bcdfa8a08e999f17136b0003f5f9e
BIGACE 2.7.8 Cross Site Scripting / File Upload
Posted Jun 17, 2015
Authored by indoushka

BIGACE version 2.7.8 suffers from cross site scripting and file upload vulnerabilities.

tags | exploit, vulnerability, xss, file upload
SHA-256 | 33159b3a9180da99ad88ee3d773bbc6ec6a99088dc5297a33bf65aaf68c6079d
Audio Share 2.0.2 Cross Site Scripting / Remote File Inclusion
Posted Jun 17, 2015
Authored by indoushka

Audio Share version 2.0.2 suffers from cross site scripting and remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, file inclusion
SHA-256 | a3a8905088e570ff7fa1984524f21cf56f5f55619ab6518165d24f7c5f880f37
Alitalk 1.80 SQL Injection / Bypass
Posted Jun 17, 2015
Authored by indoushka

Alitalk version 1.80 suffers from various bypass and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, bypass
SHA-256 | 8471cf9736c040db77b8cbf37badbcfdb3f137f9f3664d06af4cbb5b1d6b2457
4images 1.7.11 File Inclusion
Posted Jun 17, 2015
Authored by indoushka

4images version 1.7.11 suffers from inclusion vulnerabilities due to trusting the host header.

tags | exploit, vulnerability, code execution, file inclusion
SHA-256 | 58c8498e8bf4f00d45c7e52fd8d323c053bb404232140cfc9cb9537707c06ec0
Imagevue 2.8.9 XSS / Password Disclosure
Posted Jun 17, 2015
Authored by indoushka

Imagevue version 2.8.9 suffers from cross site scripting and password disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | da17b864a9c9189ea39befb9d3b0dd1691517d8f6afb17b6cddc81e4e0716486
MantisBT 1.3.0 File Download
Posted Jun 17, 2015
Authored by indoushka

MantisBT version 1.3.0 suffers from a remote file download vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 671ba2e0e285945b42223f1727978cb7d9171580b07eb50f0c2b649e8ebddb1e
Linux/x86 chmod('/etc/gshadow','777') Shellcode
Posted Jun 17, 2015
Authored by Mohammad Reza Espargham

37 bytes small Linux/x86 chmod('/etc/gshadow','777') shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 7835ef8dd303091aaa34f09e786f8af1c69d6250ccbffb724347d83a9ab3dcce