Exploit the possiblities
Showing 101 - 125 of 506 RSS Feed

Files Date: 2016-11-01 to 2016-11-30

Gentoo Linux Security Advisory 201611-16
Posted Nov 22, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-16 - Multiple vulnerabilities have been found in the Chromium web browser, the worst of which allows remote attackers to execute arbitrary code. Versions less than 54.0.2840.100 are affected.

tags | advisory, remote, web, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-5199, CVE-2016-5200, CVE-2016-5201, CVE-2016-5202
MD5 | 6524a0d98d5305d544035554bd859099
Gentoo Linux Security Advisory 201611-15
Posted Nov 22, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-15 - Multiple vulnerabilities have been found in Poppler, the worst of which allows remote attackers to execute arbitrary code. Versions less than 0.42.0 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-8868
MD5 | e4dafa71c09a02a5b1942d4719ffa69d
Microsoft Internet Explorer 8 MSHTML Ptls5::LsFindSpanVisualBoundaries Memory Corruption
Posted Nov 22, 2016
Authored by SkyLined

Microsoft Internet Explorer 8 suffers from an MSHTML Ptls5::LsFindSpanVisualBoundaries memory corruption vulnerability.

tags | exploit
MD5 | 2561677fa778ca5273f5c0c211c6b058
NodCMS Installer Client-Side Cross Site Scripting
Posted Nov 22, 2016
Authored by ZwX

NodCMS Installer suffers from a client-side cross site scripting vulnerability.

tags | exploit, xss
MD5 | f4144d79ddd1e8a9a55392b22dfcc621
SAP NetWeaver AS JAVA 7.4 XXE Injection
Posted Nov 21, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA version 7.4 suffers from an XML external entity (XXE) injection vulnerability.

tags | exploit, java
MD5 | d3bbd6087e44746fe007017f05500490
SAP NetWeaver AS JAVA 7.4 Denial Of Service
Posted Nov 21, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA version 7.4 suffers from a denial of service vulnerability.

tags | exploit, java, denial of service
MD5 | d5a1893b0d865d654574eb47b4b4c489
Proxmark Iceman Fork 1.6.6
Posted Nov 21, 2016
Authored by Christian Herrmann | Site github.com

This is a custom firmware written for the proxmark3. It extends the currently available firmware (revision 2.3.0) to support brute force attacks against proximity card access control systems. It also contains the new attack vector against newer Mifare Classic tags with the hardend prng.

Changes: Fixes, adjustments, and enhancements.
tags | tool
systems | unix
MD5 | 5638ab0a722be4db05a7b50523886659
Atlassian Confluence AppFusions Doxygen 1.3.x Cross Site Scripting
Posted Nov 21, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 40298284e37d5c11bfd9c7e6a26fe36f
Atlassian Confluence AppFusions Doxygen 1.3.x Information Disclosure
Posted Nov 21, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | bc1d0ec9781d4efabfe8c2e3134f68fb
Atlassian Confluence AppFusions Doxygen 1.3.0 Path Traversal
Posted Nov 21, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen version 1.3.0 suffers from a path traversal vulnerability.

tags | exploit
MD5 | 4e2b79e03f74cde41848df22952ee7ce
Ansvif 1.6.1
Posted Nov 21, 2016
Authored by Marshall Whittaker | Site oxagast.github.io

Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Changes: This release includes a -M option for maximum arguments in the fuzz, as well as algorithmic control of ansvif fuzz testing (so that if it has already tried a particular fuzz it will not try it again, this speeds things up quite a bit).
tags | tool, fuzzer
systems | unix
MD5 | a1a9d5a417b5bbb3a4def98bfad33802
Dlink DIR Routers Unauthenticated HNAP Login Stack Buffer Overflow
Posted Nov 21, 2016
Authored by Pedro Ribeiro | Site metasploit.com

Several Dlink routers contain a pre-authentication stack buffer overflow vulnerability, which is exposed on the LAN interface on port 80. This vulnerability affects the HNAP SOAP protocol, which accepts arbitrarily long strings into certain XML parameters and then copies them into the stack. This exploit has been tested on the real devices DIR-818LW and 868L (rev. B), and it was tested using emulation on the DIR-822, 823, 880, 885, 890 and 895. Others might be affected, and this vulnerability is present in both MIPS and ARM devices. The MIPS devices are powered by Lextra RLX processors, which are crippled MIPS cores lacking a few load and store instructions. Because of this the payloads have to be sent unencoded, which can cause them to fail, although the bind shell seems to work well. For the ARM devices, the inline reverse tcp seems to work best. Check the reference links to see the vulnerable firmware versions.

tags | exploit, overflow, shell, tcp, protocol
advisories | CVE-2016-6563
MD5 | dd3ba90a3c8d9aee1a73c5d68572d159
Multitech RightFax Faxfinder Credential Disclosure
Posted Nov 21, 2016
Authored by Joshua Platz

Multitech RightFax Faxfinder versions prior to 4.1.2 suffer from a clear-text credential disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2016-10512
MD5 | 0a8b01c601df546dae47c1bd0928acfc
Ubuntu Security Notice USN-3131-1
Posted Nov 21, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3131-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2014-8354, CVE-2014-8355, CVE-2014-8562, CVE-2014-8716, CVE-2014-9805, CVE-2014-9806, CVE-2014-9807, CVE-2014-9808, CVE-2014-9809, CVE-2014-9810, CVE-2014-9811, CVE-2014-9812, CVE-2014-9813, CVE-2014-9814, CVE-2014-9815, CVE-2014-9816, CVE-2014-9817, CVE-2014-9818, CVE-2014-9819, CVE-2014-9820, CVE-2014-9821, CVE-2014-9822, CVE-2014-9823, CVE-2014-9826, CVE-2014-9828, CVE-2014-9829, CVE-2014-9830, CVE-2014-9831
MD5 | ec420c29d0eba004cc6f15242b4d4ba6
Red Hat Security Advisory 2016-2809-01
Posted Nov 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2809-01 - The ipsilon packages provide the Ipsilon identity provider service for federated single sign-on. Ipsilon links authentication providers and applications or utilities to allow for SSO. It includes a server and utilities to configure Apache-based service providers. Security Fix: A vulnerability was found in ipsilon in the SAML2 provider's handling of sessions. An attacker able to hit the logout URL could determine what service providers other users are logged in to and terminate their sessions.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-8638
MD5 | 39cb9d17e1626d3ba270969da3bf00a9
Debian Security Advisory 3719-1
Posted Nov 21, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3719-1 - It was discovered that wireshark, a network protocol analyzer, contained several vulnerabilities in the dissectors for DCERPC, AllJoyn, DTN, and OpenFlow, that could lead to various crashes, denial-of-service, or execution of arbitrary code.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, debian
advisories | CVE-2016-9373, CVE-2016-9374, CVE-2016-9375, CVE-2016-9376
MD5 | 2cae2763705b25fc29e4a0ae7b57f87c
Gentoo Linux Security Advisory 201611-14
Posted Nov 21, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-14 - Multiple vulnerabilities have been discovered in MIT Kerberos 5, the worst of which may allow remote attackers to cause Denial of Service. Versions less than 1.13.2-r2 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-2695, CVE-2015-2696, CVE-2015-2697
MD5 | 57ad5acf1e4c98598337de2205dbc272
Gentoo Linux Security Advisory 201611-13
Posted Nov 21, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-13 - A vulnerability in MongoDB can lead to a Denial of Service condition. Versions less than 2.4.13 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2015-1609
MD5 | 8619f712c6488437cc23788158e83c3b
Gentoo Linux Security Advisory 201611-12
Posted Nov 21, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201611-12 - Multiple vulnerabilities have been found in imlib2, the worst of which allows for the remote execution of arbitrary code. Versions less than 1.4.9 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-9762, CVE-2014-9763, CVE-2014-9764, CVE-2016-4024
MD5 | b250096c15e6fc422a1dc37560994bd1
Putty 0.67 Cleartext Password Storage
Posted Nov 20, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Putty version 0.67 suffers from a cleartext password storage vulnerability.

tags | exploit
MD5 | 3ef307b21a6fc467cf09f4f4bd2be17b
ScriptCase CSRF / XSS / SQL Injection
Posted Nov 20, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

ScriptCase versions 8.1.053, 8.1.051, and 8.1.43.0 suffer from token bypass, user enumeration, local privilege escalation, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, csrf
MD5 | a6fbbdc4a947492b19e206f5795a8031
HP Security Bulletin HPSBHF03675 1
Posted Nov 20, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03675 1 - A potential security vulnerability was addressed by HPE Integrated Lights-Out 3 and 4. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of this advisory.

tags | advisory, xss
advisories | CVE-2016-4406
MD5 | 59599f22b090c7eb84991a6c1fafb85b
OpManager 12100 / 12200 Cross Site Scripting / Denial Of Service
Posted Nov 20, 2016
Authored by Michael Heydon

OpManager versions 12100 and 12200 suffer from multiple cross site scripting and denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability, xss
MD5 | 56398be6479d78e35d7b7c7971819ad8
Joomla K2 2.7.1 Shell Upload / Cross Site Request Forgery
Posted Nov 20, 2016
Authored by Anti Rais

Joomla K2 extension versions 2.5.0 through 2.7.1 suffer from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
MD5 | 9d7f77f187bfa6b87e774aacdf424006
Slackware Security Advisory - mozilla-firefox Updates
Posted Nov 20, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
MD5 | c9205574d510c0a6582c97b072050312
Page 5 of 21
Back34567Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close