what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 333 RSS Feed

Files Date: 2016-04-01 to 2016-04-30

GreHack 2016 Call For Papers
Posted Apr 27, 2016
Site grehack.fr

The GreHack 2016 Call For Papers has been announced. GreHack is an international security conference which takes place in Grenoble (France). It aims to bring together academics, industry, governments, students and hackers to discuss new advances in computer and information security research. This year will be the fourth edition. As always, conferences will take place during the day, and you will be able to test your hacking skills with the Capture The Flag contest that will hold during the night. It will take place on November 18th, 2016.

tags | paper, conference
SHA-256 | 1ae8900f2944a88bcdd90f3159a78863cd84ae21a5f8d3315ba6b37f8d9f4f74
RomPager 4.34 Authentication Bypass
Posted Apr 27, 2016
Authored by Milad Doorbash

RomPager versions 4.34 and below router authentication remover exploit.

tags | exploit, bypass
advisories | CVE-2015-9222
SHA-256 | 38645aa2c86dfa0cb64d4619e5778ca2411cb0f863d9768a0f6f53af705c2c8e
Logwatch 7.4.3
Posted Apr 27, 2016
Site sourceforge.net

Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

Changes: Fixed bugs.
tags | tool, intrusion detection
systems | unix
SHA-256 | 1dbdc48d65e150f2dbb43f1e4f4700d94166e053b1c7bbbdedf4ad670283720e
Sophos XG Firewall (SF01V) Cross Site Scripting
Posted Apr 27, 2016
Authored by Vulnerability Laboratory, Lawrence Amer | Site vulnerability-lab.com

Sophos XG Firewall (SF01V) suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d40c538cdcd71b7e182b19515a9c3cc792fcb182d52b84a21cdcea81b967c2ba
Trend Micro Email Spoofing
Posted Apr 27, 2016
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Trend Micro's website suffered from an email spoofing vulnerability.

tags | exploit, spoof
SHA-256 | e036a8a755636cc38be306245627af052b92cd4305af973b466af3b9e30bb747
Oracle Discoverer Viewer BI Open Redirect
Posted Apr 27, 2016
Authored by Vulnerability Laboratory, Tommy DeVoss | Site vulnerability-lab.com

Oracle Discoverer Viewer BI suffered from an open redirection vulnerability.

tags | exploit
SHA-256 | e23c0a5e2dc5af6727a12408ff49391c3f3651447979dec521f61fe2e285dff3
Slackware Security Advisory - mozilla-firefox Updates
Posted Apr 26, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 0fb2a78a07300d6178cc2e68ad5715edb8d213245d8509245b45509940185e53
Gentoo Linux Security Advisory 201604-05
Posted Apr 26, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201604-5 - Multiple vulnerabilities have been found in Wireshark, allowing local attackers to escalate privileges and remote attackers to cause Denial of Service. Versions less than 2.0.2 are affected.

tags | advisory, remote, denial of service, local, vulnerability
systems | linux, gentoo
advisories | CVE-2015-8711, CVE-2015-8712, CVE-2015-8713, CVE-2015-8714, CVE-2015-8715, CVE-2015-8716, CVE-2015-8717, CVE-2015-8718, CVE-2015-8719, CVE-2015-8720, CVE-2015-8721, CVE-2015-8722, CVE-2015-8723, CVE-2015-8724, CVE-2015-8725, CVE-2015-8726, CVE-2015-8727, CVE-2015-8728, CVE-2015-8729, CVE-2015-8730, CVE-2015-8731, CVE-2015-8732, CVE-2015-8733, CVE-2015-8734, CVE-2015-8735, CVE-2015-8736, CVE-2015-8737, CVE-2015-8738
SHA-256 | 47c27f7b141d8adbd823f87858b411cdfffec11eca51c078a83801330b01f327
Gentoo Linux Security Advisory 201604-04
Posted Apr 26, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201604-4 - Multiple vulnerabilities have been found in libksba, allowing a possible Denial of Service and unspecified other vectors through integer overflows. Versions less than 1.3.3 are affected.

tags | advisory, denial of service, overflow, vulnerability
systems | linux, gentoo
SHA-256 | 587f8290d7f59a6381f09f79c51e4030da53894406450164050f164167b8ec2a
Debian Security Advisory 3558-1
Posted Apr 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3558-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox, denial of service or information disclosure.

tags | advisory, java, denial of service, vulnerability, info disclosure
systems | linux, debian
advisories | CVE-2016-0636, CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425, CVE-2016-3426, CVE-2016-3427
SHA-256 | 3a563a5fef3ea78c6851cadc6b390e4903b99b2a6842fde118c05fd922d5b727
Red Hat Security Advisory 2016-0695-01
Posted Apr 26, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0695-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.1.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-2805, CVE-2016-2806, CVE-2016-2807, CVE-2016-2808, CVE-2016-2814
SHA-256 | 438add94dab646ed2426c1c033bfeaf4fdc37d12f17ae6c15284a7848e3231d7
Debian Security Advisory 3557-1
Posted Apr 26, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3557-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.49.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2016-0640, CVE-2016-0641, CVE-2016-0642, CVE-2016-0643, CVE-2016-0644, CVE-2016-0646, CVE-2016-0647, CVE-2016-0648, CVE-2016-0649, CVE-2016-0650, CVE-2016-0666, CVE-2016-2047
SHA-256 | 46eba16e731a5ce8cd707967340d95e67db7cdd513b9f1bb48a259a6ef3f14e5
VoipNow 4.0.1 Script Insertion
Posted Apr 26, 2016
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

VoipNow version 4.0.1 suffers from script insertion vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 03f60bcbb2e812664fd02e7f5aad5865f9811f053e4ea7cae9e0ac16d08eb954
Pcapteller 1.1
Posted Apr 26, 2016
Authored by Juan J. Guelfo | Site encripto.no

Pcapteller is a tool designed for simple traffic manipulation and replay. The tool allows you to recreate a recorded network traffic scenario that occurred in a foreign network, as it really happened in yours. Basically, the tool reads network packets from a PCAP file, and it replaces a given IP address with one that fits your needs. Afterwards, the manipulated packets are injected into the network. The tool is useful if you want to recreate scenarios where computer attacks or malware infections occurred. Using such scenarios as a base, Pcapteller will make it look like everything is really happening in your network. Pcapteller can help you improving your blue team's network security monitoring skills, or creating network decoys during red team operations.

Changes: Support for packet inter-arrival delays has been added. Minor adjustments and bug fixes.
tags | tool
systems | unix
SHA-256 | ad183da73d3b2f41bd48ee1ce37d4b720a4026ff343ba052681d5c12e810a62b
Ansvif 1.4.1
Posted Apr 26, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes XML output support, the crash detection under Windows has been fixed, and is tested and working in Ubuntu, Windows, and OpenBSD.
tags | tool, fuzzer
systems | unix
SHA-256 | 9d07e5503f96d0d3de861f3ec9ee443ac994d001041bc322b99a98cdf16c1d48
Gemtek CPE7000 WLTCS-106 sysconf.cgi Remote Command Execution
Posted Apr 26, 2016
Authored by Federico Scalco | Site metasploit.com

A vulnerability exists for Gemtek CPE7000 model ID WLTCS-106 exposing Iperf tool to unauthenticated users. Injecting a command in the perf_measure_server_ip parameter, an attacker can execute arbitrary commands. Since the service runs as root, the remote command execution has the same administrative privileges. The remote shell is obtained uploading the payload and executing it. A reverse shell is preferred rather then a bind one, since firewall won't allow (by default) incoming connections. Tested on Hardware version V02A and Firmware version 01.01.02.082.

tags | exploit, remote, arbitrary, shell, root
SHA-256 | 46cb65000b542aa82162870f00d5dc85d65f04b83be0846b89ed193e6c3a6c0b
Gemtek CPE7000 WLTCS-106 Administrator SID Retriever
Posted Apr 26, 2016
Authored by Federico Scalco | Site metasploit.com

A vulnerability exists for Gemtek CPE7000 model ID WLTCS-106 which allows unauthenticated remote attackers to retrieve a valid Administrative SID.

tags | exploit, remote
SHA-256 | b4280a001436ff85b0ae7737bade7383e9b0bd2426d3bfe6ca6176ba8464b94f
HP Security Bulletin HPSBGN03582 1
Posted Apr 26, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03582 1 - HPE Helion CloudSystem addressed stack based buffer overflows in glibc's implementation of getaddrinfo(). These vulnerabilities could be remotely exploited to cause a Denial of Service (DoS) or allow execution of arbitrary code on the host with the permissions of a user running glibc library. Revision 1 of this advisory.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
advisories | CVE-2015-7547
SHA-256 | 26439f2e50832858fd5b35b5b17ec68209e8fbe1597c3cfba78e2bd761d45067
Ubuntu Security Notice USN-2954-1
Posted Apr 26, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2954-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2016-0639, CVE-2016-0642, CVE-2016-0643, CVE-2016-0647, CVE-2016-0648, CVE-2016-0655, CVE-2016-0657, CVE-2016-0659, CVE-2016-0662, CVE-2016-0666, CVE-2016-0667, CVE-2016-2047
SHA-256 | 05f40994744779c4bf1ed946ccd0cc1e06d25f601405ee6115dddf0e2db83a9f
Stegano 0.5.1
Posted Apr 26, 2016
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Bug fix release.
tags | tool, encryption, steganography, python
systems | unix
SHA-256 | efd7e78a3c124b89cbd1557b38690de19b7b67311abc40ecd096950a00200a33
Yasr 0.6.9-5 Buffer Overflow
Posted Apr 26, 2016
Authored by Juan Sacco

Yasr console screen reader version 0.6.9-5 proof of concept buffer overflow exploit.

tags | exploit, overflow, proof of concept
SHA-256 | b13efe4490faed9031907233af99ea83b8ee18e36470b5ebdb9b4e3e3de1c43e
NationBuilder Cross Site Scripting
Posted Apr 25, 2016
Authored by LiquidWorm | Site zeroscience.mk

NationBuilder suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 605c2c3c1032d340f16cd0038f39dd85e6364f17892b876b71724d47ac764bf9
Red Hat Security Advisory 2016-0684-01
Posted Apr 25, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0684-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a newer upstream version: nss 3.21.0, nspr 4.11.0. Security Fix: A use-after-free flaw was found in the way NSS handled DHE and ECDHE handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application.

tags | advisory, remote, arbitrary
systems | linux, redhat
advisories | CVE-2016-1978, CVE-2016-1979
SHA-256 | 5a2666975f30ed4ef9d32a6c94c6c7ee9af784cd8b1cb74c9e6c0bbd94cde00e
Debian Security Advisory 3556-1
Posted Apr 25, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3556-1 - Hans Jerry Illikainen discovered that libgd2, a library for programmatic graphics creation and manipulation, suffers of a signedness vulnerability which may result in a heap overflow when processing specially crafted compressed gd2 data. A remote attacker can take advantage of this flaw to cause an application using the libgd2 library to crash, or potentially, to execute arbitrary code with the privileges of the user running the application.

tags | advisory, remote, overflow, arbitrary
systems | linux, debian
advisories | CVE-2016-3074
SHA-256 | 4fb5df9dace3303fe13802ffbddb4d7d85114c9f5c087fdb4b2bd8891d489403
Debian Security Advisory 3555-1
Posted Apr 25, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3555-1 - Several vulnerabilities were discovered in imlib2, an image manipulation library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-5326, CVE-2014-9771, CVE-2016-3993, CVE-2016-3994, CVE-2016-4024
SHA-256 | 1ee5e61be52ed3b6800246af5250019695e3d62af4fd4f0bf75056031c465e3c
Page 2 of 14
Back12345Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close