Showing 51 - 75 of 524

Files Date: 2015-12-01 to 2015-12-31

Bugzilla Cross Site Scripting / Information Leak
Posted Dec 23, 2015
Authored by Mario Gomes, Holger Fuhrmannek | Site bugzilla.org

Bugzilla Security Advisory - Bugzilla versions 2.x through 5.x suffer from cross site scripting and information leak vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2015-8508, CVE-2015-8509
SHA-256 | db307f7a48f357ccec4e2df7650d49504073c143e214926e2c2f8d2de6b1ae54

EMC Secure Remote Services Virtual Edition Path Traversal
Posted Dec 23, 2015
Site emc.com

EMC Secure Remote Services Virtual Edition is affected by a path traversal vulnerability. Attackers could potentially exploit this vulnerability to access unauthorized information by supplying specially crafted strings in input parameters of the application. Version 3.0x is affected.

tags | advisory, remote
advisories | CVE-2015-6852
SHA-256 | 8fdb353afde49d3288888cc3ee5c2a890947dbd3ba5aa6fc9be188b655ddf2f7

F-Secure F-SecureOnlineScanner.exe DLL Hijacking
Posted Dec 23, 2015
Authored by Stefan Kanthak

F-Secure's F-SecureOnlineScanner.exe suffers from a DLL hijacking vulnerability.

tags | advisory
systems | windows
SHA-256 | 08c100af279ae10d50cc0185837958fbe38a62b8c7acd43735db62efeb0c9ab5

Wireshark Infer_pkt_encap Out-Of-Bounds Read
Posted Dec 22, 2015
Authored by Google Security Research, mjurczyk

A crash can occur in Wireshark due to a heap-based out-of-bounds read in Infer_pkt_encap.

tags | exploit
systems | linux
SHA-256 | 90745af22598c1fb601c80c9804dde78906a32f0a793f19dd9a7d704da617e2d

Wireshark AirPDcapDecryptWPABroadcastKey Out-Of-Bounds Read
Posted Dec 22, 2015
Authored by Google Security Research, mjurczyk

A crash can occur in Wireshark due to a heap-based out-of-bounds read in AirPDcapDecryptWPABroadcastKey.

tags | exploit
systems | linux
SHA-256 | d8958e46997776a9af2eeb90fb122fc352fe22540f8ac88e0d82d1a1866ac014

EMC VPLEX Undocumented Account
Posted Dec 22, 2015
Site emc.com

EMC VPLEX GeoSynchrony code level 5.5 and earlier contains an undocumented account that may potentially be utilized by malicious VPLEX users to gain unauthorized access to the system.

tags | advisory
advisories | CVE-2015-6850
SHA-256 | 50bfb76922d4d30ee5c72d4c24b95090ef5578e1b5cac9b3aa9f356fb26b4e46

Symfony PHP Framework Session Fixation
Posted Dec 22, 2015
Site redteam-pentesting.de

Symfony PHP Framework versions 2.3.0 to 2.3.34, 2.6.0 to 2.6.11, and 2.7.0 to 2.7.6 suffer from a session fixation vulnerability.

tags | exploit, php
SHA-256 | 2a310b9c465d16a38204724f21d14c740130822075d76a0292958cab6f776282

giflib 5.1.1 Heap Overflow
Posted Dec 22, 2015
Authored by Hans Jerry Illikainen

A heap overflow may occur in the giffix utility included in giflib-5.1.1 when processing records of the type IMAGE_DESC_RECORD_TYPE due to the allocated size of LineBuffer equaling the value of the logical screen width, GifFileIn->SWidth, while subsequently having GifFileIn->Image.Width bytes of data written to it.

tags | advisory, overflow
advisories | CVE-2015-7555
SHA-256 | 14b8a675aca0e489675c477775d6737f0d432c6edb938c10feaa6a0bb0c1e016

Suricata IDPE 2.0.11
Posted Dec 22, 2015
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Multiple bug fixes have been implemented.
tags | tool, intrusion detection
systems | unix
SHA-256 | c607f1e18e5636830f42a83f7c67e1466f07db82853f3a9dba4ab8c6c3bc656e

WordPress Content Text Slider On Post 6.8 Cross Site Scripting
Posted Dec 22, 2015
Authored by Vulnerability Laboratory, Alireza Promis | Site vulnerability-lab.com

WordPress Content Text Slider on Post plugin version 6.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | dee2b148c75594c583b58e3312e4f2d132308f9bd4040b2d92312e01399c5434

Western Union Cross Site Scripting
Posted Dec 22, 2015
Authored by Vulnerability Laboratory, Milan A Solanki | Site vulnerability-lab.com

The Vulnerability Laboratory Core Research Team discovered a client side cross site scripting web vulnerability in the official Western Union China web application.

tags | exploit, web, xss
SHA-256 | fa620ca37dc2f6c6837ce5da404bfa5e648280e8544058e2a100fb5356c8fa42

DELL Scrutinizer 12.0.3 Cross Site Scripting
Posted Dec 22, 2015
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

DELL Scrutinizer version 12.0.3 suffers from a persistent script insertion vulnerability.

tags | exploit
SHA-256 | 90ecd7a57fd5dd1c8a16a15c21ddf77a0a61b4c26758289c9db26bda4b158d93

Microsoft Windows win32k Local Privilege Escalation
Posted Dec 22, 2015
Authored by Jean-Jamil Khalife

Microsoft Windows win32k local privilege escalation exploit that leverages the vulnerability detailed in MS15-010.

tags | exploit, local
systems | windows
advisories | CVE-2015-0057
SHA-256 | 4f24264b386fc93f4e7321fea7aa41a1b8a93d94de1ffd60457886fa2cb4772d

POP Peeper 4.0.1 Code Execution
Posted Dec 22, 2015
Authored by Vulnerability Laboratory, ZwX | Site vulnerability-lab.com

POP Peeper version 4.0.1 suffers from a code execution vulnerability.

tags | exploit, code execution
SHA-256 | 71c7cbb42289fe16b17e4ad550f00bd11875ed823d0e7b1abc5453fddecc6013

Red Hat Security Advisory 2015-2696-01
Posted Dec 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2696-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7504, CVE-2015-7512
SHA-256 | 503cbc45cdc2f967fddc97f42c3cbcc07b370f89a3a3665b58d860c38d262596

Red Hat Security Advisory 2015-2695-01
Posted Dec 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2695-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7504, CVE-2015-7512
SHA-256 | 634b5c5d6653bee90c43413700903f911828f921ca8203b0d45a775a1c4ef7b4

Red Hat Security Advisory 2015-2694-01
Posted Dec 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2694-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow flaw was discovered in the way QEMU's AMD PC-Net II Ethernet Controller emulation received certain packets in loopback mode. A privileged user inside a guest could use this flaw to crash the host QEMU process or, potentially, execute arbitrary code with privileges of the host QEMU process.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-7504, CVE-2015-7512
SHA-256 | 4e3e67c3d61bed804fd025dc4f5c0bcec19041a73d8307392711fe4ac6eb7d3c

HP Security Bulletin HPSBHF03419 1
Posted Dec 22, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03419 1 - A potential security vulnerability has been identified in HP Network Products including some H3C routers and switches. This is a Virtual routing and forwarding (VRF) hopping vulnerability that could be exploited remotely resulting in Denial of Service (DoS) or unauthorized access. Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2015-5434
SHA-256 | dcc0e1a3e099534ebf24070ce9c632603f722085f42b8aafc6bf90d02bbccdf6

Aeris Calendar 2.1 Buffer Overflow
Posted Dec 22, 2015
Authored by Vulnerability Laboratory, ZwX | Site vulnerability-lab.com

Aeris Calendar version 2.1 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | ee88744992009693088a81aa36d421a2f0159f8b9a163ba53c47431583245395

Switch 4.68 Code Execution
Posted Dec 22, 2015
Authored by Vulnerability Laboratory, ZwX | Site vulnerability-lab.com

Switch version 4.68 suffers from a code execution vulnerability.

tags | exploit, code execution
SHA-256 | 42399ad607779457d47d91b3dba85edcd375f44151c2051a3fc60e94b1215643

Bluto 1.1.14
Posted Dec 22, 2015
Authored by Darryl Lane | Site github.com

Bluto is a DNS reconnaissance, vulnerability checking, and enumeration tool.

Changes: Multiple features have been added.
tags | tool
systems | unix
SHA-256 | bed81a9d938f165962f78177c1778fe52fe3b22af828e94995f68833b3d605a3

Lithium Forum Cross Site Scripting
Posted Dec 22, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Lithium Forum suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2a4e89eea799134265826ac71520aa0a085ecfd4ea28eb44bcc6d2fb9511269c

Faraday 1.0.16
Posted Dec 21, 2015
Authored by Francisco Amato

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Immunity Canvas plugin added. Added Dig plugin. Added Traceroute plugin. Various other updates and fixes.
tags | tool, rootkit
systems | unix
SHA-256 | 53da89d5c48f26c0de9020e49b3846f04e034b5b376537463c65565ab2d9503f

Gentoo Linux Security Advisory 201512-04
Posted Dec 21, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201512-4 - Multiple vulnerabilities have been found in OpenSSH, the worst of which could lead to arbitrary code execution, or cause a Denial of Service condition. Versions less than 7.1_p1-r2 are affected.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2015-5352, CVE-2015-5600, CVE-2015-6563, CVE-2015-6564, CVE-2015-6565
SHA-256 | 38035e26bd7635f4b3c4c04b5e7c5b82008cd054c3eea0114d71032d4c0e665b

Red Hat Security Advisory 2015-2673-01
Posted Dec 21, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2673-01 - OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. A vulnerability was discovered in the way OpenStack Compute networking handled security group updates; changes were not applied to already running VM instances. A remote attacker could use this flaw to access running VM instances.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2015-7713
SHA-256 | 969f35c86c24c7d1b1f9d33a4492eaeb80195425deabb40fc950705f06c4fcc6
Page 3 of 21