exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 126 - 150 of 339 RSS Feed

Files Date: 2016-12-01 to 2016-12-31

Edge SkateShop Blind SQL Injection
Posted Dec 16, 2016
Authored by Andrea Bocchetti

Edge SkateShop suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ee2c1526cff0099f5303c5f9e194609acfc6e866ac6146fba7d5b3fea2bf3ea0
Linux/x86 /bin/bash -c Shellcode
Posted Dec 16, 2016
Authored by Filippo Bersani

72 bytes small Linux/x86 /bin/bash -c arbitrary command execution shellcode.

tags | arbitrary, x86, shellcode, bash
systems | linux
SHA-256 | 87b4f2e3d7784905c0908109eae7e0e225a61919c41832c25c2c6c9182d0ac77
Wireshark Analyzer 2.2.3
Posted Dec 15, 2016
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Various updates.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 97bac89e88892054a5848a9f7e0c36aa399a2008900829b078e29cab0ddd593b
I2P 0.9.28
Posted Dec 15, 2016
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates and bug fixes.
tags | tool
systems | unix
SHA-256 | 7bb27444bd1074a0f670276ad07e0b5b2a7a29ed6d25d93e6f95646981cd0aaf
Bettercap 1.5.9
Posted Dec 15, 2016
Authored by evilsocket | Site bettercap.org

BetterCAP is a powerful, flexible, and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.

Changes: New --no-http-logs proxy option. New Response#redirect! helper method. Various other features and bug fixes.
tags | tool, web, sniffer, tcp
systems | unix
SHA-256 | ee2a941b493858347cd08e568148a5c5a2434db1712cb6669fef3520caeac699
Microsoft Windows Type 1 Font Processing Privilege Escalation
Posted Dec 15, 2016
Authored by Behzad Najjarpour Jabbari | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the win32k.sys when processing Type 1 fonts, which can be exploited to trigger a NULL pointer dereference and subsequently cause a kernel crash or gain elevated privileges via a specially crafted PFB font. The vulnerability is confirmed on a fully patched Windows 7 Professional (win32k.sys version 6.1.7601.23545).

tags | advisory, denial of service, kernel, local
systems | windows
advisories | CVE-2016-7259
SHA-256 | b6b7d487b13f5974b1d680b4b3cd014162b94a54fd298adb9eb15a3d0cdaa57b
XNU Kernel set_dp_control_port Use-After-Free
Posted Dec 15, 2016
Authored by Google Security Research, Ian Beer

The XNU kernel suffers from a use-after-free vulnerability due to a lack of locking in set_dp_control_port.

tags | exploit, kernel
advisories | CVE-2016-7644
SHA-256 | 70fb5d71ad7edf4688efba8a24e70c1786a30e2f5bd97f65e9e036050daf0c32
Nagios Core Curl Command Injection / Code Execution
Posted Dec 15, 2016
Authored by Dawid Golunski

Nagios Core versions prior to 4.2.2 suffer from a curl command injection vulnerability that can lead to remote code execution.

tags | exploit, remote, code execution
advisories | CVE-2016-9565
SHA-256 | c3b5ce14fa314de6954bd04ce7bfdf56d1d7a73489b184889179a25362cc9a20
Microsoft Internet Explorer 9 IEFRAME CMarkupPointer::MoveToGap Use-After-Free
Posted Dec 15, 2016
Authored by SkyLined

Microsoft Internet Explorer 9 suffers from an IEFRAME CMarkupPointer::MoveToGap use-after-free vulnerability.

tags | exploit
SHA-256 | f949ec22b0e789c30417cfd64057af1e6fd219810c56f6b85cbf6a2d22bdb59f
VMPanel 2.7.4 SQL Injection
Posted Dec 15, 2016
Authored by ZwX

VMPanel version 2.7.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a8c108779bed2941a3311216fb2e330d23b5db5a58d7ee6fb026aaeae96f372e
Microsoft Internet Explorer 9 IEFRAME CMarkup..RemovePointerPos Use-After-Free
Posted Dec 15, 2016
Authored by SkyLined

Microsoft Internet Explorer 9 suffers from an IEFRAME CMarkup..RemovePointerPos use-after-free vulnerability.

tags | exploit
advisories | CVE-2013-3143
SHA-256 | 634d8d94a12d60ded007a6b665b6c620bb8e0b39af116a7c06ea2a618e27cd38
Microsoft Internet Explorer 9 MSHTML CMarkup::ReloadInCompatView Use-After-Free
Posted Dec 15, 2016
Authored by SkyLined

Microsoft Internet Explorer 9 suffers from an MSHTML CMarkup::ReloadInCompatView use-after-free vulnerability.

tags | exploit
SHA-256 | 85cb5f19ffcd1562e5f3a0a4493985c462ccbaa11c50ec45b0b92b3398331868
Nidesoft MP3 Converter 2.6.18 Buffer Overflow
Posted Dec 15, 2016
Authored by malwrforensics

Nidesoft MP3 Converter version 2.6.18 SEH local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 2164c70401c709b5fbd7c143416b717e7590a407049accd64bce1d081321ec8b
Adobe Animate 15.2.1.95 Buffer Overflow
Posted Dec 15, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Adobe Animate versions 15.2.1.95 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2016-7866
SHA-256 | deefce1ffd423d6fa926e51b041c856564c9488d18f7afd4320d96725b9f2438
Red Hat Security Advisory 2016-2947-01
Posted Dec 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2947-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 24.0.0.186. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.

tags | advisory, web, arbitrary, vulnerability
systems | linux, redhat
advisories | CVE-2016-7867, CVE-2016-7868, CVE-2016-7869, CVE-2016-7870, CVE-2016-7871, CVE-2016-7872, CVE-2016-7873, CVE-2016-7874, CVE-2016-7875, CVE-2016-7876, CVE-2016-7877, CVE-2016-7878, CVE-2016-7879, CVE-2016-7880, CVE-2016-7881, CVE-2016-7890, CVE-2016-7892
SHA-256 | 765e02f69a22614cfe6c1db7a564eceac91ddaea0e1e48d6b0cd4801bab8b049
Red Hat Security Advisory 2016-2946-01
Posted Dec 15, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2946-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.6.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-9893, CVE-2016-9895, CVE-2016-9897, CVE-2016-9898, CVE-2016-9899, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9904, CVE-2016-9905
SHA-256 | 84564515b5f9d776044d365d809f99f157eb14f3275091f7c8501626652858c4
Slackware Security Advisory - mozilla-firefox Updates
Posted Dec 15, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1, 14.2, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 451a308e892803e82049bb6bb16dcbbd6e04a3ce93d7ae62bb47904915c48897
Ubuntu Security Notice USN-3157-1
Posted Dec 15, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3157-1 - Donncha O Cearbhaill discovered that the crash file parser in Apport improperly treated the CrashDB field as python code. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Donncha O Cearbhaill discovered that Apport did not properly sanitize the Package and SourcePackage fields in crash files before processing package specific hooks. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. Various other issues were also addressed.

tags | advisory, arbitrary, python
systems | linux, ubuntu
advisories | CVE-2016-9949, CVE-2016-9950, CVE-2016-9951
SHA-256 | a6a736e2e12ac1c6250ab44dd7b1b96530916ecd5f2b440dec573008e9c757d8
WordPress MailChimp 3.1.5 / 4.0.10 Cross Site Scripting
Posted Dec 15, 2016
Authored by Tom Adams

WordPress MailChimp versions 3.1.5 and 4.0.10 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ff179074357ac7336249ba032d5f12b0766d960a4f96041e3a66d6151fb4c1a0
Gstreamer 0.10.x Logic Error
Posted Dec 15, 2016
Authored by Chris Evans | Site scarybeastsecurity.blogspot.com

A vulnerability and a separate logic error exist in the gstreamer 0.10.x player for NSF music files. Combined, they allow for very reliable exploitation and the bypass of 64-bit ASLR, DEP, etc. The reliability is provided by the presence of a turing complete "scripting" inside a music player. Read the homepage link for full analysis. Proof of concept exploit included in this archive.

tags | exploit, proof of concept
SHA-256 | efc0146838d9c8d7a192a4e776050cdf88ee6e0ad5ec639d2c832f8efc66e28b
Apple Security Advisory 2016-12-13-8
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-8 - Transporter 1.9.2 is now available and addresses an information disclosure vulnerability.

tags | advisory, info disclosure
systems | apple
advisories | CVE-2016-7666
SHA-256 | a15c7b8671a1b605dfb13cba0b47053d45b9312355517a08c8952b2087599eda
Apple Security Advisory 2016-12-13-7
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-7 - This advisory provides additional information in regards to watchOS 3.1.1 fixes as originally documented in APPLE-SA-2016-12-12-2.

tags | advisory
systems | apple
advisories | CVE-2016-4688, CVE-2016-4691, CVE-2016-4693, CVE-2016-7588, CVE-2016-7589, CVE-2016-7591, CVE-2016-7594, CVE-2016-7595, CVE-2016-7606, CVE-2016-7607, CVE-2016-7612, CVE-2016-7615, CVE-2016-7616, CVE-2016-7619, CVE-2016-7621, CVE-2016-7626, CVE-2016-7627, CVE-2016-7636, CVE-2016-7637, CVE-2016-7643, CVE-2016-7644, CVE-2016-7651, CVE-2016-7657, CVE-2016-7658, CVE-2016-7659, CVE-2016-7660, CVE-2016-7662, CVE-2016-7663
SHA-256 | 1e75ac1d7e84337d43fda5523d2559c90e0014064b306b2c2c06c43e2fb37d94
Apple Security Advisory 2016-12-13-4
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-4 - iCloud for Windows v6.1 is now available and addresses memory corruption, arbitrary code execution, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution
systems | windows, apple
advisories | CVE-2016-4692, CVE-2016-4743, CVE-2016-7586, CVE-2016-7587, CVE-2016-7589, CVE-2016-7592, CVE-2016-7598, CVE-2016-7599, CVE-2016-7610, CVE-2016-7611, CVE-2016-7614, CVE-2016-7632, CVE-2016-7635, CVE-2016-7639, CVE-2016-7640, CVE-2016-7641, CVE-2016-7642, CVE-2016-7645, CVE-2016-7646, CVE-2016-7648, CVE-2016-7649, CVE-2016-7652, CVE-2016-7654, CVE-2016-7656
SHA-256 | f9f2e0e3cd17cfbd20fb428973c02abebf6c74592c089a643061a74e1f8412a4
Apple Security Advisory 2016-12-13-5
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-5 - This advisory provides additional information in regards to iOS 10.2 fixes as originally documented in APPLE-SA-2016-12-12-1.

tags | advisory
systems | cisco, apple, ios
advisories | CVE-2016-4688, CVE-2016-4689, CVE-2016-4690, CVE-2016-4691, CVE-2016-4692, CVE-2016-4693, CVE-2016-4743, CVE-2016-4781, CVE-2016-7586, CVE-2016-7587, CVE-2016-7588, CVE-2016-7589, CVE-2016-7591, CVE-2016-7592, CVE-2016-7594, CVE-2016-7595, CVE-2016-7597, CVE-2016-7598, CVE-2016-7599, CVE-2016-7601, CVE-2016-7606, CVE-2016-7607, CVE-2016-7610, CVE-2016-7611, CVE-2016-7612, CVE-2016-7615, CVE-2016-7616, CVE-2016-7619
SHA-256 | c76b2facaf88977456f7443e4116d5d542dddbae7939376c8c47ecf19fcff957
Apple Security Advisory 2016-12-13-6
Posted Dec 14, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-12-13-6 - This advisory provides additional information in regards to tvOS 10.1 fixes as originally documented in APPLE-SA-2016-12-12-3.

tags | advisory
systems | apple
advisories | CVE-2016-4688, CVE-2016-4691, CVE-2016-4692, CVE-2016-4693, CVE-2016-4743, CVE-2016-7586, CVE-2016-7587, CVE-2016-7588, CVE-2016-7589, CVE-2016-7591, CVE-2016-7594, CVE-2016-7595, CVE-2016-7598, CVE-2016-7599, CVE-2016-7606, CVE-2016-7607, CVE-2016-7610, CVE-2016-7611, CVE-2016-7612, CVE-2016-7615, CVE-2016-7616, CVE-2016-7619, CVE-2016-7621, CVE-2016-7626, CVE-2016-7627, CVE-2016-7632, CVE-2016-7635, CVE-2016-7636
SHA-256 | 29a768aaf01478b8d97cab781144a949c5f45c52011168e14464b7f343949ef0
Page 6 of 14
Back45678Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close