Files Date: 2016-12-01 to 2016-12-31

Dell SonicWALL Secure Mobile Access SMA 8.1 CSRF / XSS
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Secure Mobile Access SMA version 8.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 5c7358499d27722b3095956c0a8714ad
Dell SonicWALL Network Security Appliance NSA 6600 XSS
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Network Security Appliance NSA 6600 suffers from a reflective cross site scripting vulnerability. Versions affected include NSA 6600 running SonicOS Enhanced 6.2.4.3-31n, WXA 4000 running 1.3.2.0-07, and SafeMode 6.1.0.11.

tags | exploit, xss
MD5 | 83f8a5727ef2ed418c78d3daed6a4fd9
Dell SonicWALL Global Management System GMS 8.1 Adobe Flex SOP Bypass
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL GMS versions 8.1 and below are compiled with a vulnerable version of Adobe Flex SDK allowing for same-origin request forgery and cross-site content hijacking.

tags | exploit
MD5 | e2ae401ca70813ec975322c262263f86
Dell SonicWALL Global Management System GMS 8.1 Cross Site Scripting
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Global Management System GMS version 8.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 6732088f4f82523c4f3021b63a0d0a53
Dell SonicWALL Global Management System GMS 8.1 Blind SQL Injection
Posted Dec 30, 2016
Authored by LiquidWorm | Site zeroscience.mk

Dell SonicWALL Global Management System GMS version 8.1 suffers from multiple blind SQL Injection vulnerabilities.

tags | exploit, vulnerability, sql injection
MD5 | 004a0a4ed5111381354f831f5c8a72f7
Gentoo Linux Security Advisory 201612-49
Posted Dec 30, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-49 - A vulnerability in mod_wsgi could lead to privilege escalation. Versions less than 4.3.0 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2014-8583
MD5 | a1b56359a7bc4185fabb3c1366e5f071
Red Hat Security Advisory 2016-2999-01
Posted Dec 30, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2999-01 - In accordance with the Red Hat OpenShift Enterprise Support Life Cycle Policy, support for OpenShift Enterprise 2.x will end on December 31, 2016. Red Hat will not provide extended support for this product. Customers are requested to migrate to a supported Red Hat OpenShift Enterprise product prior to the end of the life cycle for OpenShift Enterprise 2.x.

tags | advisory
systems | linux, redhat
MD5 | 2938b0a0daa7f30a3e09bd4abfd5d4f1
SoftMaker FreeOffice 2016 DLL Hijacking
Posted Dec 30, 2016
Authored by Stefan Kanthak

The executable installers for SoftMaker FreeOffice 2016 suffer from a DLL hijacking vulnerability.

tags | advisory
systems | windows
MD5 | 23477524d519e420cec95f91987d0ace
WordPress Templatic 2.3.6 File Upload
Posted Dec 30, 2016
Authored by r3m1ck

WordPress Templatic plugin versions 2.3.6 and below suffer from a remote file upload vulnerability.

tags | exploit, remote, file upload
MD5 | e45b4f800f6995870bca7805f7df6a0f
GRIZZLY STEPPE - Russian Malicious Cyber Activity
Posted Dec 30, 2016
Site us-cert.gov

This Joint Analysis Report (JAR) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This document provides technical details regarding the tools and infrastructure used by the Russian civilian and military intelligence Services (RIS) to compromise and exploit networks and endpoints associated with the U.S. election, as well as a range of U.S. Government, political, and private sector entities. The U.S. Government is referring to this malicious cyber activity by RIS as GRIZZLY STEPPE.

tags | paper
MD5 | 2ed6f1c47dd865d072a48b1ed97a4f98
Bettercap 1.6.0
Posted Dec 29, 2016
Authored by evilsocket | Site bettercap.org

BetterCAP is a powerful, flexible, and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.

Changes: Generated a new CA pem file with less descriptive fields, trying to clone GoDaddy CA as much as possible. New -R rainbow option! Updated mac vendors lookup file with latest version. Various other updates and improvements.
tags | tool, web, sniffer, tcp
systems | unix
MD5 | dd099a921c8955a15ce04804189bc77c
SwiftMailer Remote Code Execution
Posted Dec 29, 2016
Authored by Dawid Golunski

SwiftMailer versions prior to 5.4.5-DEV suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2016-10074
MD5 | 867421c2ab76adf20394234a4a466e45
Joomla aWeb Cart Watching System For Virtuemart 2.6.0 SQL Injection
Posted Dec 29, 2016
Authored by Javi Espejo

Joomla aWeb Cart Watching System for Virtuemart component version 2.6.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | aead8f37750de3b2307d18b731017bd7
Android tlc_server Heap Overflow
Posted Dec 29, 2016
Authored by Google Security Research, laginimaineb

Android suffers from a heap overflow vulnerability in the tlc_server via the LOAD_TUI_RESOURCE command.

tags | advisory, overflow
MD5 | eaa1fa22c33faa9c41779a49bc7c8169
ifchk 1.0.6
Posted Dec 29, 2016
Authored by noorg | Site noorg.org

Ifchk is a network interface promiscuous mode detection tool that reports on the operational state of all configured interfaces present on the system. In addition, it will disable those interfaces found to be promiscuous if told to do so. Per-interface statistics can also be displayed, allowing administrators to perform traffic trend analysis, which could be an aid in the identification of possible inconsistencies or spikes in network traffic volume that may warrant further investigation.

Changes: Default log directory location has changed. PID file has been relocated.
tags | tool
systems | unix
MD5 | 3f8900050525c6a2d9b0145d74b35f00
PHPMailer Remote Code Execution
Posted Dec 29, 2016
Authored by anarc0der

Remote code execution exploit for PHPMailer versions prior to 5.2.18. Written in Python.

tags | exploit, remote, code execution, python
advisories | CVE-2016-10033
MD5 | 1071a3999c4f3f2e365fb7bb03a8bb35
WordPress Simply Poll 1.4.1 SQL Injection
Posted Dec 28, 2016
Authored by TAD GROUP

WordPress Simply Poll plugin version 1.4.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d19cc32d5cc4bb9208b7bf3623b29b63
Apache Qpid Broker For Java 6.1.0 Information Leak
Posted Dec 28, 2016
Authored by Oleksandr Rudyy

The Apache Qpid Broker for Java can be configured to use different so-called AuthenticationProviders to handle user authentication. Among the choices are the SCRAM-SHA-1 and SCRAM-SHA-256 AuthenticationProvider types. It was discovered that these AuthenticationProviders prematurely terminate the SCRAM SASL negotiation if the provided user name does not exist, thus allowing a remote attacker to determine the existence of user accounts. Versions affected include 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, and 6.1.0.

tags | advisory, java, remote
advisories | CVE-2016-8741
MD5 | 751c507cc41275d09f2241adcf5c8304
PHPMailer Remote Code Execution
Posted Dec 28, 2016
Authored by Dawid Golunski

Zero day remote code execution exploit for PHPMailer versions prior to 5.2.20. This bypasses the CVE-2016-10033 patch.

tags | exploit, remote, code execution
advisories | CVE-2016-10033, CVE-2016-10045
MD5 | 866aa935950ebe6d9acfd7e53a16846c
Popcorn Time 5.6 DLL Hijacking
Posted Dec 28, 2016
Authored by ZwX

Popcorn Time version 5.6 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
MD5 | 498e4f8db0379f2cefd4f711989df828
WordPress Image Slider 1.1.41 / 1.1.89 Arbitrary File Deletion
Posted Dec 27, 2016
Authored by Tom Adams

WordPress Image Slider plugin versions 1.1.41 and 1.1.89 suffer from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
MD5 | 5109c25926e1824051415b8e15c0bb8e
PHPMailer 5.2.17 Remote Code Execution
Posted Dec 27, 2016
Authored by Dawid Golunski

PHPMailer versions prior to 5.2.18 suffer from a remote code execution vulnerability. This archive consists of the full advisory and also the proof of concept code.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2016-10033
MD5 | fd1e17cbce43e18c7ccf541988b20ac8
Gentoo Linux Security Advisory 201612-48
Posted Dec 27, 2016
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201612-48 - Multiple vulnerabilities have been discovered in Firejail, the worst of which may allow bypassing of sandbox protection. Versions less than 0.9.44.2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
MD5 | 0b0478f2575f68dc733a5426ce0d32b1
PHPMailer 5.2.17 Remote Code Execution
Posted Dec 26, 2016
Authored by Dawid Golunski

PHPMailer version 5.2.17 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2016-10033
MD5 | e93465ebb2db8952d96d4915153e3e69
Wampserver 3.0.6 Privilege Escalation
Posted Dec 26, 2016
Authored by Heliand Dema

Wampserver version 3.0.6 suffers from an insecure file permissions privilege escalation vulnerability.

tags | exploit
MD5 | 5706d2f1bcd9a9c57340694723d5d1af

© 2016 Packet Storm. All rights reserved.
