what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2016-03-19 to 2016-03-20

Debian Security Advisory 3520-1
Posted Mar 19, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3520-1 - Multiple security issues have been found in Icedove, Debian's version of integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-1950, CVE-2016-1954, CVE-2016-1957, CVE-2016-1960, CVE-2016-1961, CVE-2016-1962, CVE-2016-1964, CVE-2016-1966, CVE-2016-1974, CVE-2016-1977, CVE-2016-2790, CVE-2016-2791, CVE-2016-2792, CVE-2016-2793, CVE-2016-2794, CVE-2016-2795, CVE-2016-2796, CVE-2016-2797, CVE-2016-2798, CVE-2016-2799, CVE-2016-2800, CVE-2016-2801, CVE-2016-2802
SHA-256 | 53de96b333ff377c5997fb4d7b6d5264d5653d98b5c2d56677ffc75f61f65361
Fortinet FortiOS Open Redirect / Cross Site Scripting
Posted Mar 19, 2016
Authored by Javier Nieto

Fortinet FortiOS suffers from cross site scripting and open redirect vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | adf6965aa4e456c066a759abb27c019e435a69201a13504c049ad95581b7976b
Nmap Port Scanner 7.10
Posted Mar 19, 2016
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Integrated 12 IPv6 OS fingerprint submissions. Integrated all service/version fingerprinted submitted. Various other updates and fixes.
tags | tool, remote, udp, tcp, protocol, nmap
systems | linux, unix
SHA-256 | 68ec401a2da77864ac0a598db6a82ad26a7156df1f5d576dafbe7aa1d720783d
Lynis Auditing Tool 2.2.0
Posted Mar 19, 2016
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Changes: This is a major upgrade, and the result of many months of work. This version includes new features and tests, and many small enhancements.
tags | tool, scanner
systems | unix
SHA-256 | 64fe15be52fa77bce14250867da87e8c262fb0e9229517c4e2d2d5a38223bea4
WebsiteBaker CMS 2.8.3-SP5 SQL Injection
Posted Mar 19, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

WebsiteBaker CMS version 2.8.3-SP5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d8c88cbdb9744e1a26af7b80ce4fe6fe1b5c53888b9441fc5f1c76364d300b27
Dating Pro Genie 2015.7 Cross Site Request Forgery
Posted Mar 19, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

High-Tech Bridge Security Research Lab discovered multiple cross site request forgery (CSRF) vulnerabilities in a popular dating social network Dating Pro. A remote unauthenticated attacker can perform CSRF attacks to change administrator's credentials and execute arbitrary system commands. Successful exploitation of the vulnerability may allow attacker to gain complete control over the vulnerable website, all its users and databases. suffers from a cross site request forgery vulnerability.

tags | exploit, remote, arbitrary, vulnerability, csrf
SHA-256 | 9b0685fd87ae9a98fe16f9d776280dfa8f697c3ea2872fce79f19f41bb912245
iTop 2.2.1 Cross Site Request Forgery
Posted Mar 19, 2016
Authored by High-Tech Bridge SA | Site htbridge.com

High-Tech Bridge Security Research Lab discovered a remote code execution vulnerability in iTop that is exploitable via cross site request forgery flaw that is also present in the application. The vulnerability exists due to absence of validation of HTTP request origin in "/env-production/itop-config/config.php" script, as well as lack of user-input sanitization received via "new_config" HTTP POST parameter.

tags | exploit, remote, web, php, code execution, csrf
SHA-256 | 2a57050bf2377c2df7b28c31e707efa2cf5ea74cb641059629604c7bdc0bd715
Avira PE Section Header Parsing Heap Underflow
Posted Mar 19, 2016
Authored by Tavis Ormandy, Google Security Research

Avira suffers from a heap underflow vulnerability when parsing PE section headers.

tags | exploit
systems | linux
SHA-256 | ea61070846baddcbb28d0f5d8e2027b479bd9eb7b9a66c93cc181a9f30a48ac3
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close