what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 436 RSS Feed

Files Date: 2017-04-01 to 2017-04-30

Red Hat Security Advisory 2017-1162-01
Posted Apr 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1162-01 - Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. The python27 Software Collection has been upgraded to version 2.7.13, which provides a number of bug fixes and enhancements over the previous version.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2014-9365
SHA-256 | b074a1dc77a800a7bb251bd62b55be188b14ba2806e7964428a041350866d803
Red Hat Security Advisory 2017-1161-01
Posted Apr 26, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1161-01 - The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of version 2.4 of the Apache HTTP Server, along with the mod_auth_kerb module. The httpd24 Software Collection has been upgraded to version 2.4.25, which provides a number of bug fixes and enhancements over the previous version.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-0736, CVE-2016-1546, CVE-2016-2161, CVE-2016-8740, CVE-2016-8743
SHA-256 | 710ab5969c463a1c7526a5fa70f4c55c2c4077082b7622e31e2ba0c00acae88f
Debian Security Advisory 3834-1
Posted Apr 26, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3834-1 - Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.55, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2017-3302, CVE-2017-3305, CVE-2017-3308, CVE-2017-3309, CVE-2017-3329, CVE-2017-3453, CVE-2017-3456, CVE-2017-3461, CVE-2017-3462, CVE-2017-3463, CVE-2017-3464, CVE-2017-3600
SHA-256 | 59d5022065b13db104d76c6cf33448b7aeaad523f65291a09a7062fb8f89fd1a
LightDM (Ubuntu 16.04/16.10) Privilege Escalation
Posted Apr 26, 2017
Authored by G. Geshev

This advisory describes a local privilege escalation via guest-account in LightDM found in Ubuntu versions 16.10 / 16.04 LTS.

tags | exploit, local
systems | linux, ubuntu
advisories | CVE-2017-7358
SHA-256 | 7eb1528e323459cf945e526fa778e82b210bbab5581e8b3874acbbb6985be89b
Revive Ad Server 4.0.1 Cross Site Request Forgery / Cross Site Scripting
Posted Apr 26, 2017
Authored by Cyril Vallicari

Revive Ad Server version 4.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 9b20861399242f421125d6cddee8358bb6037a5865345c3a5ebdec01677a1a12
WordPress KittyCatfish 2.2 SQL Injection
Posted Apr 26, 2017
Authored by TAD GROUP

WordPress KittyCatfish plugin version 2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a4877136efa694bcaee8945f73d5de695ee4183498b934dc7da953057347ce00
WordPress Car Rental System 2.5 SQL Injection
Posted Apr 26, 2017
Authored by TAD GROUP

WordPress Car Rental System plugin version 2.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3034b15ff4a4dd951d6e2ebbbef527273be7831ab329280838e1bed1d54c133c
WordPress Wow Viral Signups 2.1 SQL Injection
Posted Apr 26, 2017
Authored by TAD GROUP

WordPress Wow Viral Signups plugin version 2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1e7973e041daae94cfd856d15e3742257fbbfd52d3cb5da6d9efd2b63a557daf
Joomla jDBexport 3.2.10 Cross Site Scripting / Path Disclosure
Posted Apr 26, 2017
Authored by Mojtaba MobhaM

Joomla jDBexport component version 3.2.10 suffers from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | 3ab8bfb5be2c4d68658ca37c0bf9e9bf28092a264d0f47d7eb35a36301253ad7
WordPress Wow Forms 2.1 SQL Injection
Posted Apr 26, 2017
Authored by TAD GROUP

WordPress Wow Forms plugin version 2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 416ee10e980c32577e0d410f4aa3636a5a328b52e38a76eb9139197df9da9559
How FlexiSpy Was Hacked
Posted Apr 26, 2017
Authored by fleximinx

A write up by the hacker who hacked FlexiSpy.

tags | paper
SHA-256 | 210438ee4534c14e66292144d27d635e0535da4750c255a43ca819509ebce9a3
HackBack - A DIY Guide For Those Without The Patience To Wait For Whistleblowers
Posted Apr 26, 2017
Authored by Phineas Fisher

Whitepaper entitled HackBack - A DIY Guide for those without the patience to wait for whistleblowers.

tags | paper
SHA-256 | 8a4bf253d346e6edb5debbc3d0af1853e0c2c708d9b3c1a2b28a8685f580d674
HackBack - A DIY Guide, Spanish Version
Posted Apr 26, 2017
Authored by Phineas Fisher

Whitepaper entitled HackBack - A DIY Guide. Written in Spanish.

tags | paper
SHA-256 | cd9224d9caca3f6b88269980123d5374486f1353fbc9efb50253557b2a53a6c0
HackBack - A DIY Guide
Posted Apr 26, 2017
Authored by Phineas Fisher

Whitepaper entitled HackBack - A DIY Guide.

tags | paper
SHA-256 | 13106443a0101118a7a673f7eab1962e92e195d9d493092b209fc627e5dc9db6
Microsoft Windows 2003 SP2 ERRATICGOPHER SMB Remote Code Execution
Posted Apr 26, 2017
Authored by Victor Portal Gonzalez

Microsoft Windows 2003 SP2 ERRATICGOPHER SMB remote code execution exploit.

tags | exploit, remote, code execution
systems | windows
SHA-256 | e09a6f487b36b8b0d05b9379162b5a10008814385417197a29eda6a60fac1a6b
Portrait Display SDK Service Privilege Escalation
Posted Apr 26, 2017
Authored by W. Schober | Site sec-consult.com

Portrait Display SDK Service suffers from a privilege escalation vulnerability due to an insecure service configuration.

tags | exploit
advisories | CVE-2017-3210
SHA-256 | bb0d1b7787b6ec46caf94bb51f129ccffd1be7a7a0ce6cb68b3a93e46de94b3a
Joomla MyPortfolio 3.0.2 SQL Injection
Posted Apr 26, 2017
Authored by Mojtaba MobhaM

Joomla MyPortfolio component version 3.0.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d9871a4cd77cf348eaa86ab4fb9b5655b8b0451c772ee4e36b81774fbf4687b0
Flyspray 1.0-rc4 Cross Site Scripting
Posted Apr 26, 2017
Authored by Cyril Vallicari

Flyspray version 1.0-rc4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 468a85a47c02db85d70f6d872139aec25745c6e534d90f93bbacc4175cd94a6b
Samsung Smart TV Wi-Fi Direction Improper Authentication
Posted Apr 26, 2017
Authored by Neseso Research Team

Samsung Smart TV Wi-Fi allows for unfettered access to rogue devices by strictly whitelisting access via a mac address.

tags | advisory
SHA-256 | 5484d0c90115f29a703f9d405c97f1fdb64081d6cfc7a7919eec183b94a06f03
Private Tunnel Client 2.8 Buffer Overflow
Posted Apr 26, 2017
Authored by Muhann4d

Private Tunnel Client version 2.8 local buffer overflow SEH exploit.

tags | exploit, overflow, local
SHA-256 | 07babd3d9523494c03dae1c1130f656b9f713d8830379d358cc37ba047d611c4
Uberscan Brute Forcing Tool
Posted Apr 26, 2017
Authored by Batch McNulty

Uberscan is an IP scanner and brute forcing tool all in one. Written in perl.

tags | tool, scanner, perl
systems | unix
SHA-256 | 03c619eb7a6756875cfd4de5de3f9b6bbc71cdbe72137814c254f2a9116ad397
Remote Exploitation Of An Unaltered Passenger Vehicle
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

This paper outlines the research into performing a remote attack against an unaltered 2014 Jeep Cherokee and similar vehicles that results in physical control of some aspects of the vehicle. Hopefully this additional remote attack research can pave the road for more secure connected cars in our future by providing this detailed information to security researchers, automotive manufacturers, automotive suppliers, and consumers.

tags | paper, remote
SHA-256 | d7f534a978ca4d25721f39404f7aad67339b186a0025047f6293bf98556c1d36
CAN Message Injection - OG Dynamite Edition
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

This paper investigates why physical control inconsistencies exist and present techniques that can be leveraged to more fully obtain control of the physical systems of the car while only injecting CAN bus messages. It also discusses ways to makes these systems more robust to CAN message injection.

tags | paper
SHA-256 | 383c15500ebb9e6fd0e34bf42e9e070b737657eb4bcf9930fb34491defdb4078
A Survey Of Remote Automotive Attack Surfaces
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

Whitepaper called A Survey of Remote Automotive Attack Surfaces. This paper attempts to analyze numerous automobiles varying in production year to show how remote attack surfaces have evolved with time and to try to quantify the difficulty of a remote attack for a variety of different automobiles. This analysis will include how large the remote attack surface is, how segmented the ECUs which have physical control of the automobile are from those accepting external input, and the features present in the automobile which allow computers to physically control it. Additionally, this paper recommends defensive strategies including an IDS-type system to detect and prevent these types of attacks.

tags | paper, remote
SHA-256 | 371d87d27666d1f97678cbf4eec03704f4c1e85029009ee2439690303f7dde28
Car Hacking: For Poories A.K.A. Car Hacking Too: Electric Boogaloo
Posted Apr 26, 2017
Authored by Chris Valasek, Charlie Miller

This whitepaper is a follow-up on car hacking that was an attempt to reduce this barrier to entry so more researchers could get involved.

tags | paper
SHA-256 | 9249c9c2c9ccfb49896bf3953a0b5ca6d1f19ab6a4f67bc032d488183dad0773
Page 2 of 18
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close