exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 11 of 11 RSS Feed

Files Date: 2016-04-15 to 2016-04-16

SAP NetWeaver J2EE Engine 7.40 Cryptographic Issue
Posted Apr 15, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver J2EE Engine version 7.40 suffers from a cryptographic issue that can lead to information disclosure.

tags | advisory, info disclosure
SHA-256 | 4a8752f48a5fa73baa980c9abecb1d2a2c71088e4ae41dc5af67c4faa1a59f5b
SAP HANA 1.00.095.00.1429086950 Log Injection
Posted Apr 15, 2016
Authored by Mathieu Geli

Anonymous attackers can use a special HTTP request to inject logs in the xsengine trace file without size restriction. The vulnerability is triggered when the username sent to the /sap/hana/xs/debugger/grantAccess.xscfunc page is longer than 256 characters.

tags | advisory, web
SHA-256 | c8c5dd5a2c2a55cdafe1f8d473df9812f164b0f46f07d0a934fb5fc0b3a066f0
SAP NetWeaver J2EE Engine 7.40 Cross Site Scripting
Posted Apr 15, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver J2EE engine version 7.40 suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 4d45bc8c91a6d3d36af7f90ad4341ee0314fc7fffe6fbc4ec7d2cfe5c83dab9f
Debian Security Advisory 3550-1
Posted Apr 15, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3550-1 - enabled and the sshd PAM configuration is configured to read user- specified environment variables and the "UseLogin" option is enabled, a local user may escalate her privileges to root.

tags | advisory, local, root
systems | linux, debian
advisories | CVE-2015-8325
SHA-256 | 374089592e1cd2eb80c2dec50b28b14a5c1a6f12066de2e2c148453d945875cf
Debian Security Advisory 3549-1
Posted Apr 15, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3549-1 - Several vulnerabilities have been discovered in the chromium web browser.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2016-1651, CVE-2016-1652, CVE-2016-1653, CVE-2016-1654, CVE-2016-1655, CVE-2016-1657, CVE-2016-1658, CVE-2016-1659
SHA-256 | 78be013d33903d3148ba3f1b8de4567e0e7e3695de26eaeb437da123767a9de4
PfSense Community Edition 2.2.6 CSRF / XSS / Command Injection
Posted Apr 15, 2016
Authored by Francesco Oddo | Site security-assessment.com

PfSense Community Edition versions 2.2.6 and below suffer from cross site scripting, code injection, and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | a1cea41cda47aaf708576b8f7af2aa6b3c4f8bef37be1b6afc196e909188eabc
VMware Security Advisory 2016-0004
Posted Apr 15, 2016
Authored by VMware | Site vmware.com

VMware Security Advisory 2016-0004 - VMware vCenter Server, vCloud Director (vCD), vRealize Automation (vRA) Identity Appliance, and the Client Integration Plugin (CIP) updates address a critical security issue.

tags | advisory
advisories | CVE-2016-2076
SHA-256 | bd56155a16a9898620437b43f01ad1f323acba62d3f1fc3b322b4be0caad980b
EMC Unisphere For VMAX Virtual Appliance File Upload
Posted Apr 15, 2016
Site emc.com

EMC Unisphere for VMAX Virtual Appliance contains a fix for an arbitrary file upload vulnerability. This vulnerability could expose the VMAX Virtual Appliance to be potentially compromised by malicious users. EMC Unisphere for VMAX Virtual Appliance version prior to 8.2.0 are affected.

tags | advisory, arbitrary, file upload
advisories | CVE-2016-0889
SHA-256 | 54c97e2325e2b7e67297fc3d7d82dccdb3972cb5aa3005957194aba7f8158f07
AirOS 6.x Arbitrary File Upload
Posted Apr 15, 2016
Authored by Vincent Yiu

AirOS version 6.x suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | a2045ad92aa7807fb104f6e5684803d581ae09e9d5bbb906da255625550214c5
Linux/x86_64 Read /etc/password Shellcode
Posted Apr 15, 2016
Authored by Ajith KP

65 bytes small Linux/x86_64 read /etc/passwd shellcode.

tags | shellcode
systems | linux
SHA-256 | 838910ad5738b8e6f0bc31928b09825e68de325dc1fb4bedad490fb9acc99c7a
Microsoft Internet Explorer 11 DLL Hijacking
Posted Apr 15, 2016
Authored by Sandro Poppi

Microsoft Internet Explorer 11 ships with MSHTML.DLL referencing various DLLs which are not present on a Windows 7 SP1 installation, Windows 10 is not affected, other Windows versions have not been tested. According to "MSHTML.DLL is at the heart of Internet Explorer and takes care of its HTML and Cascading Style Sheets (CSS) parsing and rendering functionality." Every application using MSHTML.DLL directly or another DLL which incorporates MSHTML.DLL (like SHELL32.dll) is prone to binary planting.

tags | exploit
systems | windows
advisories | CVE-2016-0160
SHA-256 | 6527d84b2e81cbfa11caebc6caad25537bf4ae7b3243d2620fd57dda899352a3
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close