
Files Date: 2016-11-01 to 2016-11-30

Gentoo Linux Security Advisory 201611-16
Posted Nov 22, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-16 - Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Versions less than 54.0.2840.100 are affected.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-5199, CVE-2016-5200, CVE-2016-5201, CVE-2016-5202
SHA-256 | a8397f1dead0b8746099dc52697372ef684258ab45498b92df26cd99cee4688b
Gentoo Linux Security Advisory 201611-15
Posted Nov 22, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-15 - Multiple vulnerabilities have been found in Poppler, the worst of which allows remote attackers to execute arbitrary code. Versions less than 0.42.0 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-8868
SHA-256 | 9e867017ee405f2ab3aa5e78c21182ba068554c3f7411e1496a5456c49780f29
Microsoft Internet Explorer 8 MSHTML Ptls5::LsFindSpanVisualBoundaries Memory Corruption
Posted Nov 22, 2016
Authored by SkyLined

Microsoft Internet Explorer 8 suffers from an MSHTML Ptls5::LsFindSpanVisualBoundaries memory corruption vulnerability.

tags | exploit
SHA-256 | 39193e6a0c7f58240b0b440fbf410393465f8e4e139f4ef637e931620333d816
NodCMS Installer Client-Side Cross Site Scripting
Posted Nov 22, 2016
Authored by ZwX

NodCMS Installer suffers from a client-side cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b72247de0d6f1b4df2dbe1e8df61deb5ca0d4dd106a7e4a4d5933ab2e467339d
SAP NetWeaver AS JAVA 7.4 XXE Injection
Posted Nov 21, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA version 7.4 suffers from an XML external entity (XXE) injection vulnerability.

tags | exploit, java, xxe
SHA-256 | efd99512a1f7388c7f876065269028bfcebd3facd45d7f9528eed91a41312084
SAP NetWeaver AS JAVA 7.4 Denial Of Service
Posted Nov 21, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA version 7.4 suffers from a denial of service vulnerability.

tags | exploit, java, denial of service
SHA-256 | 867f8128690b89340fd1f3685572beeded84a79290e1e6dc540dcd297158cc35
Proxmark Iceman Fork 1.6.6
Posted Nov 21, 2016
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the proxmark3. It extends the currently available firmware (revision 2.3.0) to support brute force attacks against proximity card access control systems. It also contains the new attack vector against newer Mifare Classic tags with the hardened PRNG.

Changes: Fixes, adjustments, and enhancements.
tags | tool
systems | unix
SHA-256 | e28ff35e958e1665c04bd54ed740b57a2d54e5fd398f123aa42d1d90a32d93a5
Atlassian Confluence AppFusions Doxygen 1.3.x Cross Site Scripting
Posted Nov 21, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 58c57bd896a1b741f14676780ed0548bea2bc4824bf165be69c2d7dd293e7f52
Atlassian Confluence AppFusions Doxygen 1.3.x Information Disclosure
Posted Nov 21, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 8357c39588ad5506639d97020e1806800b3080757eee8fa79931e45eb66d5148
Atlassian Confluence AppFusions Doxygen 1.3.0 Path Traversal
Posted Nov 21, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen version 1.3.0 suffers from a path traversal vulnerability.

tags | exploit
SHA-256 | 77aa28687a473275fa3261bb168ee38f7a5939fe9c9aa294dd42f3b61e038e76
Ansvif 1.6.1
Posted Nov 21, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes a -M option for maximum arguments in the fuzz, as well as algorithmic control of ansvif fuzz testing (so that if it has already tried a particular fuzz it will not try it again; this speeds things up quite a bit).
tags | tool, fuzzer
systems | unix
SHA-256 | 859f9e504580cf957ec756c239cf58ea4940fa4416cab0fa7e4d1ea6024c0f4c
Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow
Posted Nov 21, 2016
Authored by Pedro Ribeiro | Site metasploit.com

Several Dlink routers contain a pre-authentication stack buffer overflow vulnerability, which is exposed on the LAN interface on port 80. This vulnerability affects the HNAP SOAP protocol, which accepts arbitrarily long strings into certain XML parameters and then copies them into the stack. This exploit has been tested on the real devices DIR-818LW and 868L (rev. B), and it was tested using emulation on the DIR-822, 823, 880, 885, 890 and 895. Others might be affected, and this vulnerability is present in both MIPS and ARM devices. The MIPS devices are powered by Lexra RLX processors, which are crippled MIPS cores lacking a few load and store instructions. Because of this the payloads have to be sent unencoded, which can cause them to fail, although the bind shell seems to work well. For the ARM devices, the inline reverse tcp seems to work best. Check the reference links to see the vulnerable firmware versions.

tags | exploit, overflow, shell, tcp, protocol
advisories | CVE-2016-6563
SHA-256 | f09dc3e03a56a9a9441af1cc6229aa3bd868aca364888ba73e07ec9a07559e11
Multitech RightFax Faxfinder Credential Disclosure
Posted Nov 21, 2016
Authored by Joshua Platz

Multitech RightFax Faxfinder versions prior to 4.1.2 suffer from a clear-text credential disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2016-10512
SHA-256 | 4cba9fb5d18c9d4697ebdd1ee70bdbba03e52490e9c35b8c78903bbc2933d69e
Ubuntu Security Notice USN-3131-1
Posted Nov 21, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3131-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2014-8354, CVE-2014-8355, CVE-2014-8562, CVE-2014-8716, CVE-2014-9805, CVE-2014-9806, CVE-2014-9807, CVE-2014-9808, CVE-2014-9809, CVE-2014-9810, CVE-2014-9811, CVE-2014-9812, CVE-2014-9813, CVE-2014-9814, CVE-2014-9815, CVE-2014-9816, CVE-2014-9817, CVE-2014-9818, CVE-2014-9819, CVE-2014-9820, CVE-2014-9821, CVE-2014-9822, CVE-2014-9823, CVE-2014-9826, CVE-2014-9828, CVE-2014-9829, CVE-2014-9830, CVE-2014-9831
SHA-256 | 97f74f2887273aaf548965ae782a0d45d4345f1afed77295fdf4004d81751ca0
Red Hat Security Advisory 2016-2809-01
Posted Nov 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2809-01 - The ipsilon packages provide the Ipsilon identity provider service for federated single sign-on. Ipsilon links authentication providers and applications or utilities to allow for SSO. It includes a server and utilities to configure Apache-based service providers. Security Fix: A vulnerability was found in ipsilon in the SAML2 provider's handling of sessions. An attacker able to hit the logout URL could determine what service providers other users are logged in to and terminate their sessions.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-8638
SHA-256 | 62ebd6d5c44aa0b4baaa3685abab5cbb76b339806e15c8c48e96b76428ab30f4
Debian Security Advisory 3719-1
Posted Nov 21, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3719-1 - It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for DCERPC, AllJoyn, DTN, and OpenFlow, that could lead to various crashes, denial-of-service, or execution of arbitrary code.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, debian
advisories | CVE-2016-9373, CVE-2016-9374, CVE-2016-9375, CVE-2016-9376
SHA-256 | ff0042f1d46181ecb6688120175f8f37efc1368dea2b32c7c87d609b9ba1c690
Gentoo Linux Security Advisory 201611-14
Posted Nov 21, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-14 - Multiple vulnerabilities have been discovered in MIT Kerberos 5, the worst of which may allow remote attackers to cause Denial of Service. Versions less than 1.13.2-r2 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-2695, CVE-2015-2696, CVE-2015-2697
SHA-256 | 9cc870d75fec5b3e5e72b5410b010b6e2964e4ac02c65b63650fe6ad75245d4c
Gentoo Linux Security Advisory 201611-13
Posted Nov 21, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-13 - A vulnerability in MongoDB can lead to a Denial of Service condition. Versions less than 2.4.13 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2015-1609
SHA-256 | b4839033da00a62a97688eab707eedcf52ab5e81048779f078e4fd71ee2a2362
Gentoo Linux Security Advisory 201611-12
Posted Nov 21, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-12 - Multiple vulnerabilities have been found in imlib2, the worst of which allows for the remote execution of arbitrary code. Versions less than 1.4.9 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-9762, CVE-2014-9763, CVE-2014-9764, CVE-2016-4024
SHA-256 | c0bc2da01fe92dabf8269a7cfb2e656e04ea91d148acd072356abd67d733f945
Putty 0.67 Cleartext Password Storage
Posted Nov 20, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Putty version 0.67 suffers from a cleartext password storage vulnerability.

tags | exploit
SHA-256 | a4b558cb058d373d64fd9a962f8e99c45d1bc763e1fd110e0f9da5a1fe8e8b50
ScriptCase CSRF / XSS / SQL Injection
Posted Nov 20, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

ScriptCase versions 8.1.053, 8.1.051, and 8.1.43.0 suffer from token bypass, user enumeration, local privilege escalation, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, csrf
SHA-256 | 3dd91417c35a2395120e10aebe1a0a827b0be6fcbcf30d2e8ce92bbf1deef81a
HP Security Bulletin HPSBHF03675 1
Posted Nov 20, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03675 1 - A potential security vulnerability was addressed by HPE Integrated Lights-Out 3 and 4. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of this advisory.

tags | advisory, xss
advisories | CVE-2016-4406
SHA-256 | 68e2e4afbbd1b669825b4e3ffe15b30c78592fb5f0402619943504d5f5a85d1f
OpManager 12100 / 12200 Cross Site Scripting / Denial Of Service
Posted Nov 20, 2016
Authored by Michael Heydon

OpManager versions 12100 and 12200 suffer from multiple cross site scripting and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss
SHA-256 | 99984d22fa49da1ec9dac4681534c19f8f0e001513097de58ac9cc8947841833
Joomla K2 2.7.1 Shell Upload / Cross Site Request Forgery
Posted Nov 20, 2016
Authored by Anti Rais

Joomla K2 extension versions 2.5.0 through 2.7.1 suffer from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
SHA-256 | 51360de63be1747db41906a1d00213fd070daf72507686e977bfdec5cc249b1b
Slackware Security Advisory - mozilla-firefox Updates
Posted Nov 20, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 9fbe184d699b0008e8385d88f418c5f0209ffd94b643de6961426707c80db8f4