exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 23 of 23 RSS Feed

Files Date: 2015-11-04 to 2015-11-05

Nmap Port Scanner 6.49BETA6
Posted Nov 4, 2015
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Integrated all IPv6 OS fingerprint submissions from April to October. Integrated all IPv4 OS fingerprint submissions from February to October. Added 10 NSE scripts from 5 authors. Various other additions and updates.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
SHA-256 | 39ee855b889b766abd408da29285dfb2414d959de62384a8076a9dcd406a8c59
pyClamd 0.3.16
Posted Nov 4, 2015
Authored by Alexandre Norman | Site xael.org

pyClamd is a python interface to Clamd (Clamav daemon). By using pyClamd, you can add virus detection capabilities to your python software in an efficient and easy way. Instead of pyClamav which uses libclamav, pyClamd may be used by a closed source product.

Changes: This version is compatible with python 3 (tested with 3.4.3) and python 2 (tested 2.7.3). The API for this new version is now object oriented. Useful classes are ClamdNetworkSocket and ClamdUnixSocket.
tags | tool, virus, python
systems | unix
SHA-256 | 75b14da0889ae1ac5b01caf8b302bd7818ea4819dce8a42f776d3190c4e57cfc
Piwik 2.14.3 PHP Object Injection
Posted Nov 4, 2015
Authored by EgiX

Piwik versions 2.14.3 and below suffer from a PHP object injection vulnerability that can lead to remote code execution.

tags | exploit, remote, php, code execution
advisories | CVE-2015-7816
SHA-256 | 84f13b541beeab5027a0a0d132f9bddd2aec51f57b18ea61539b18dec408924d
Piwik 2.14.3 Local File Inclusion
Posted Nov 4, 2015
Authored by EgiX

Piwik version 2.14.3 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2015-7815
SHA-256 | eee59dc36374f91dced40b4ea48194596072b837658dfbeccc53d0849c0265bd
ATutor 2.2 PHP Code Injection
Posted Nov 4, 2015
Authored by EgiX

ATutor versions 2.2 and below suffer from a remote php code injection vulnerability.

tags | exploit, remote, php
advisories | CVE-2015-7712
SHA-256 | d68f51a39b755fe477331334371a85a9867f5564885f7740eefbf41a2c9a3341
ATutor 2.2 Cross Site Scripting
Posted Nov 4, 2015
Authored by EgiX

ATutor versions 2.2 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-7711
SHA-256 | 3f019a580730a65969fb1ee296eee1f664af50dc8c239571889044cbaa6c68b0
ATutor 2.2 Session Variable Overloading
Posted Nov 4, 2015
Authored by EgiX

ATutor versions 2.2 and below suffer from a session variable overloading vulnerability.

tags | advisory
advisories | CVE-2014-9753
SHA-256 | fbaac07ae5c801f3305296ae4796cdbada7788e75ace0989665efa6ffddd79c9
ATutor 2.2 File Upload
Posted Nov 4, 2015
Authored by EgiX

ATutor versions 2.2 and below suffer from a remote unrestricted file upload vulnerability.

tags | exploit, remote, file upload
advisories | CVE-2014-9752
SHA-256 | bfe91d27b6015c2947337a14fd42a2923a402b9ed2d98972883b08ff15515b82
Debian Security Advisory 3392-1
Posted Nov 4, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3392-1 - Pengsu Cheng discovered that FreeImage, a library for graphic image formats, contained multiple integer underflows that could lead to a supplying a specially crafted image.

tags | advisory
systems | linux, debian
advisories | CVE-2015-0852
SHA-256 | 328a24fc90ff18e57777051fb27679ae0846b8c78a04b247dbf46133e987ddaf
Red Hat Security Advisory 2015-1979-01
Posted Nov 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1979-01 - Libreswan is an implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks such as virtual private network. A flaw was discovered in the way Libreswan's IKE daemon processed IKE KE payloads. A remote attacker could send specially crafted IKE payload with a KE payload of g^x=0 that, when processed, would lead to a denial of service.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2015-3240
SHA-256 | c4ef5d5e98ea05e4162dd1abca2ad94903c0693fb44a6e8659bf31040833f8ad
HP Security Bulletin HPSBGN03429 2
Posted Nov 4, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03429 2 - A potential security vulnerability has been identified with HP ArcSight Logger. The vulnerability could be exploited remotely to disclose information. Revision 2 of this advisory.

tags | advisory
advisories | CVE-2015-6029
SHA-256 | 7e143916fd95a1f5f6f7a30683c940f5c3a75a13e4c891d03f3eb5c576b24421
HP Security Bulletin HPSBGN03425 1
Posted Nov 4, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03425 1 - Potential security vulnerabilities have been identified with HP ArcSight SmartConnectors. The vulnerabilities could be exploited remotely to allow disclosure of information, and locally to allow escalation of privilege. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2015-2902, CVE-2015-2903
SHA-256 | d185e1311a60d6b1efcf9fca11dc07b4f80b224e2e6dab2ae50a7dbebb2ba2b9
HP Security Bulletin HPSBGN03430 1
Posted Nov 4, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03430 1 - A potential security vulnerability has been identified with ArcSight Management Center ArcSight Connector Appliance ArcSight Logger and ArcSight SmartConnectors. The vulnerability could be exploited locally to allow elevation of privilege. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2015-6030
SHA-256 | 0c174547eba3a29394d9d77caf037b72cfce173b0f10f694a7038cf179a2107f
Debian Security Advisory 3391-1
Posted Nov 4, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3391-1 - It was discovered that the web-based administration interface in the Horde Application Framework did not guard against Cross-Site Request Forgery (CSRF) attacks. As a result, other, malicious web pages could cause Horde applications to perform actions as the Horde user.

tags | advisory, web, csrf
systems | linux, debian
SHA-256 | 7b0449aeb438d86ed9fb2eb9e25f03de6c12c9caea89e9f2f3c25c930fafc62c
HP Security Bulletin HPSBGN03386 2
Posted Nov 4, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03386 2 - A potential security vulnerability has been identified with HP Central View Fraud Risk Management, Revenue Leakage Control, Dealer Performance Audit, Credit Risk Control, Roaming Fraud Control, and Subscription Fraud Prevention. The vulnerabilities could be exploited remotely and locally to allow disclosure of information. Revision 2 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2015-5406, CVE-2015-5407, CVE-2015-5408
SHA-256 | 818616fc58299ce143b95a677295451675ec749d8a69e78f8215814226f33e66
Red Hat Security Advisory 2015-1981-01
Posted Nov 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1981-01 - Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7181, CVE-2015-7182, CVE-2015-7183
SHA-256 | f218558d94300f2eeece5fe28759616cde41313ce2bbebe7fd77469b034c87e4
Red Hat Security Advisory 2015-1980-01
Posted Nov 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1980-01 - Network Security Services is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. A use-after-poison flaw and a heap-based buffer overflow flaw were found in the way NSS parsed certain ASN.1 structures. An attacker could use these flaws to cause NSS to crash or execute arbitrary code with the permissions of the user running an application compiled against the NSS library.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7181, CVE-2015-7182, CVE-2015-7183
SHA-256 | 8cfcb360352e3c75f30ec51f7bbd0be2d86035b626fb9ea84115b65545e233f8
Red Hat Security Advisory 2015-1982-01
Posted Nov 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1982-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. A same-origin policy bypass flaw was found in the way Firefox handled certain cross-origin resource sharing requests. A web page containing malicious content could cause Firefox to disclose sensitive information.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-4513, CVE-2015-7188, CVE-2015-7189, CVE-2015-7193, CVE-2015-7194, CVE-2015-7196, CVE-2015-7197, CVE-2015-7198
SHA-256 | 164cfc25fcbcb95177b28bd0255dd76614f43bca1107e6c9c88faf3ed9f9817a
FreeType 2.6.1 TrueType Parsing Heap-Based Out Of Bounds Read
Posted Nov 4, 2015
Authored by Google Security Research, mjurczyk

Heap-based out-of-bounds memory reads have been encountered in FreeType in the handling of the cmap (format 14) SFNT table.

tags | exploit
systems | linux
SHA-256 | 4cc28eefc46be2738c81144ca33a6055d4ab76ccdeceae4e05be56bbd4b23b5f
Ubuntu Security Notice USN-2789-1
Posted Nov 4, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2789-1 - It was discovered that XScreenSaver incorrectly handled unplugging an external monitor. An attacker with physical access could use this flaw to gain access to a locked session.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2015-8025
SHA-256 | 2eab6002cec84e83ce2e1c3b9bd663af9e266e68fe847bf26170404597ff9383
Red Hat Security Advisory 2015-1978-01
Posted Nov 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1978-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system. A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2014-8559, CVE-2015-5156
SHA-256 | 95ba0b2540e545687ca7ffa0c2bd118350125ef3544bf11a30ae45e346981005
Red Hat Security Advisory 2015-1976-01
Posted Nov 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1976-01 - The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2014-8559
SHA-256 | a655bd67f643a6c78e1d5311abeb8f803d4ece799c757b5b714ccddd829f73e2
Red Hat Security Advisory 2015-1977-01
Posted Nov 4, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1977-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's VFS subsystem handled file system locks. A local, unprivileged user could use this flaw to trigger a deadlock in the kernel, causing a denial of service on the system. A buffer overflow flaw was found in the way the Linux kernel's virtio-net subsystem handled certain fraglists when the GRO functionality was enabled in a bridged network configuration. An attacker on the local network could potentially use this flaw to crash the system, or, although unlikely, elevate their privileges on the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, redhat
advisories | CVE-2014-8559, CVE-2015-5156
SHA-256 | 8e2c39b28aabf6afdf43ad9ade18b9ba283b85ecb5d756f6d46bdd9dfbe299c1
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close