what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 82 RSS Feed

Files

S.S.T Javascript Keylogger
Posted Jan 4, 2012
Authored by Amir Masoud

S.S.T (Save Typed Text) javascript proof of concept keylogging code.

tags | tool, javascript, sniffer, proof of concept
SHA-256 | 3d93476f79d386daaf0081e819a0e2b9b68992bbd8af9ed271d5b909759e9021

Related Files

Red Hat Security Advisory 2016-1378-01
Posted Jul 5, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1378-01 - OpenStack Bare Metal is a tool used to provision bare metal machines. It leverages common technologies such as PXE boot and IPMI to cover a wide range of hardware. It also supports pluggable drivers to allow added, vendor-specific functionality. Security Fix: An authentication vulnerability was found in openstack-ironic. A client with network access to the ironic-api service could bypass OpenStack Identity authentication, and retrieve all information about any node registered with OpenStack Bare Metal. If an unprivileged attacker knew the MAC address of a network card belonging to a node, the flaw could be exploited by sending a crafted POST request to the node's /v1/drivers/$DRIVER_NAME/vendor_passthru resource. The response included the node's full details, including management passwords, even if the /etc/ironic/policy.json file was configured to hide passwords in API responses.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-4985
SHA-256 | cf0653a60b67d585ed9588c8088bcba3f2e30c854c60789ef0985ca54cbb1db7
Red Hat Security Advisory 2016-1377-01
Posted Jul 5, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1377-01 - OpenStack Bare Metal is a tool used to provision bare metal machines. It leverages common technologies such as PXE boot and IPMI to cover a wide range of hardware. It also supports pluggable drivers to allow added, vendor-specific functionality. Security Fix: An authentication vulnerability was found in openstack-ironic. A client with network access to the ironic-api service could bypass OpenStack Identity authentication, and retrieve all information about any node registered with OpenStack Bare Metal. If an unprivileged attacker knew the MAC address of a network card belonging to a node, the flaw could be exploited by sending a crafted POST request to the node's /v1/drivers/$DRIVER_NAME/vendor_passthru resource. The response included the node's full details, including management passwords, even if the /etc/ironic/policy.json file was configured to hide passwords in API responses.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-4985
SHA-256 | d0bf2032c8fc6f463979829d9f140ec32ab10ca2f36f474f914a721b83f2f3ac
HP Security Bulletin HPSBMU03377 2
Posted Mar 15, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03377 2 - A potential security vulnerability has been identified with HP Release Control running RC4. A vulnerability in SST/TLS RC4 stream cipher known as Bar Mitzah was addressed by HPE Release Control. The vulnerability could be exploited to allow remote disclosure of information. Revision 2 of this advisory.

tags | advisory, remote
advisories | CVE-2015-2808
SHA-256 | 4a94ecae79f15bff50ee993b4a368bc87c1663772c14a553a0431dd5b25590cc
Apache Tomcat Limited Directory Traversal
Posted Feb 22, 2016
Authored by Mark Thomas | Site tomcat.apache.org

When accessing resources via the ServletContext methods getResource() getResourceAsStream() and getResourcePaths() the paths should be limited to the current web application. The validation was not correct and paths of the form "/.." were not rejected. Note that paths starting with "/../" were correctly rejected. Apache Tomcat versions 6.0.0 through 6.0.44, 7.0.0 through 7.0.64, and 8.0.0.RC1 through 8.0.26.

tags | advisory, web
advisories | CVE-2015-5174
SHA-256 | b1f753e54e5215e5b5e3807834777c09565ba6a20e0a2b3c9fb5433a181e671a
NASA Cross Site Scripting
Posted Dec 29, 2015
Authored by 4TT4CK3R

ghrc.nsstc.nasa.gov suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 39c8465d756607f1fcd5544160fdda382abab5af697af9fa153ba65efff5fa84
Windows NtUserGetClipboardAccessToken Token Leak Redux
Posted Sep 18, 2015
Authored by Google Security Research, forshaw

The NtUserGetClipboardAccessToken win32k system call exposes the access token of the last user to lower-privileged users. It can also be used to open an anonymous impersonation thread token which normally OpenThreadToken shouldn't be able to do. This is a bypass of the fix for CVE-2015-0078.

tags | exploit
systems | linux
advisories | CVE-2015-2527
SHA-256 | 9bcf7274e363f1dc579d9ed68048a01019d56cc2f841f1a4a04c182389196296
Flash Boundless Tunes Universal SOP Bypass Through ActionSctipt's Sound Object
Posted Aug 20, 2015
Authored by Google Security Research, ojakigamon

An instance of ActionScript's Sound class allows for loading and extracting for further processing any kind of external data, not only sound files. Same-origin policy doesn't apply here. Each input byte of raw data, loaded previously from given URL, is encoded by an unspecified function to the same 8 successive sample blocks of output. The sample block consists of 8 bytes (first 4 bytes for left channel and next 4 bytes for right channel). Only 2 bytes from 8 sound blocks (64 bytes) are crucial, the rest 52 bytes are useless. Each byte of input from range 0-255 has corresponding constant unsigned integer value (a result of encoding), so for decoding purposes you can use simply lookup table (cf. source code from BoundlessTunes.as).

tags | exploit
systems | linux
advisories | CVE-2015-5116
SHA-256 | fc4873a13244f4cbc031eca310103bf8bf2dd9f88a4c98659fde47aa2310d88d
PHP Exception Type Confusion / Heap Overflow
Posted Apr 29, 2015
Authored by Taoguang Chen

A type confusion vulnerability was discovered in exception object's __toString()/getTraceAsString() method that can be abused for leaking arbitrary memory blocks or heap overflow.

tags | exploit, overflow, arbitrary
SHA-256 | b3a8329c29d10dca9d7ddc4c0f46af58e29999c11da31e6009cf9c41975e1db6
Red Hat Security Advisory 2014-0423-01
Posted Apr 23, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0423-01 - The openshift-origin-broker package provides the OpenShift Broker service that manages all user logins, DNS name resolution, application states, and general orchestration of the applications. The rubygem-openshift-origin-auth-remote-user package provides the remote user authentication plug-in. A flaw was found in the way openshift-origin-broker handled authentication requests via the remote user authentication plug-in. A remote attacker able to submit a request to openshift-origin-broker could set the X-Remote-User header, and send the request to a passthrough trigger, resulting in a bypass of the authentication checks to gain access to any OpenShift user account on the system.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2014-0188
SHA-256 | f598489c43378ab1d4e656502a914e058b9c591b74e6b3a5a7c8e9656ca0e1af
Red Hat Security Advisory 2014-0422-01
Posted Apr 23, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0422-01 - The openshift-origin-broker package provides the OpenShift Broker service that manages all user logins, DNS name resolution, application states, and general orchestration of the applications. The rubygem-openshift-origin-auth-remote-user package provides the remote user authentication plug-in. A flaw was found in the way openshift-origin-broker handled authentication requests via the remote user authentication plug-in. A remote attacker able to submit a request to openshift-origin-broker could set the X-Remote-User header, and send the request to a passthrough trigger, resulting in a bypass of the authentication checks to gain access to any OpenShift user account on the system.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2014-0188
SHA-256 | 4bdc39e07f063683224e2c5b173c10db71b79172f5adf98767338f036c361d58
VICIdial Manager Send OS Command Injection
Posted Nov 8, 2013
Authored by sinn3r, juan vazquez, Adam Caudill, AverageSecurityGuy | Site metasploit.com

The file agc/manager_send.php in the VICIdial web application uses unsanitized user input as part of a command that is executed using the PHP passthru() function. A valid username, password and session are needed to access the injection point. Fortunately, VICIdial has two built-in accounts with default passwords and the manager_send.php file has a SQL injection vulnerability that can be used to bypass the session check as long as at least one session has been created at some point in time. In case there isn't any valid session, the user can provide astGUIcient credentials in order to create one. The results of the injected command are returned as part of the response from the web server. Affected versions include 2.7RC1, 2.7, and 2.8-403a. Other versions are likely affected as well. The default credentials used by Vicidial are VDCL/donotedit and VDAD/donotedit.

tags | exploit, web, php, sql injection
advisories | CVE-2013-4467, CVE-2013-4468, OSVDB-98903, OSVDB-98902
SHA-256 | fe43d040fa2032ae8b0f68df36ad62a56693b4bfc023c7d6761cb75f72c9869f
Mandriva Linux Security Advisory 2013-216
Posted Aug 23, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-216 - ProcessTable.pm in the Proc::ProcessTable module 0.45 for Perl, when TTY information caching is enabled, allows local users to overwrite arbitrary files via a symlink attack on /tmp/TTYDEVS.

tags | advisory, arbitrary, local, perl
systems | linux, mandriva
advisories | CVE-2011-4363
SHA-256 | e270d97c7c30cd1dfa32136b75cbfb5d2f2f8687db2bbac9746b8e5e5f17ef6a
Mandriva Linux Security Advisory 2013-194
Posted Jul 11, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-194 - Multiple vulnerabilities has been found and corrected in the Linux kernel. net/ceph/auth_none.c in the Linux kernel through 3.10 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via an auth_reply message that triggers an attempted build_request operation. The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c. Various other issues have also been addressed. The updated packages provides a solution for these security issues.

tags | advisory, remote, denial of service, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2012-5517, CVE-2013-0231, CVE-2013-1059, CVE-2013-1774, CVE-2013-2147, CVE-2013-2148, CVE-2013-2164, CVE-2013-2232, CVE-2013-2234, CVE-2013-2237, CVE-2013-2850, CVE-2013-2851, CVE-2013-2852, CVE-2013-3301
SHA-256 | 222e6a9b6c229fb8760fbf864b56dd9ad305b2f5b2210ae92ec97c2c2809405b
Narcissus Image Configuration Passthru
Posted Nov 21, 2012
Authored by dun, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in Narcissus image configuration function. This is due to the backend.php file not handling the $release parameter properly, and then passes it on to the configure_image() function. In this function, the $release parameter can be used to inject system commands for passthru (a PHP function that's meant to be used to run a bash script by the vulnerable application), which allows remote code execution under the context of the web server.

tags | exploit, remote, web, php, code execution, bash
SHA-256 | e4e301239f9dd9233d1f53f7eeec494854791ab17cbfc496d7ff9fc4c9b4e501
Red Hat Security Advisory 2012-0358-01
Posted Mar 6, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0358-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Using PCI passthrough without interrupt remapping support allowed Xen hypervisor guests to generate MSI interrupts and thus potentially inject traps. A privileged guest user could use this flaw to crash the host or possibly escalate their privileges on the host. The fix for this issue can prevent PCI passthrough working and guests starting.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-1898, CVE-2011-2699, CVE-2011-4127, CVE-2011-4330, CVE-2012-0028
SHA-256 | 98902c733d28dde86a19c4de285d3fdd02cc5ae6d870d00196d370a40c1b38bf
Red Hat Security Advisory 2011-1801-01
Posted Dec 8, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1801-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. A flaw was found in the way qemu-kvm handled VSC_ATR messages when a guest was configured for a CCID USB smart card reader in passthrough mode. An attacker able to connect to the port on the host being used for such a device could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-4111
SHA-256 | f08148ae167c0768b601225b0105f767e9cb21cde5993cc3bc42b1cd64876d00
Red Hat Security Advisory 2011-1777-01
Posted Dec 7, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1777-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. A flaw was found in the way qemu-kvm handled VSC_ATR messages when a guest was configured for a CCID USB smart card reader in passthrough mode. An attacker able to connect to the port on the host being used for such a device could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-4111
SHA-256 | f437ff73654ec441c37ee0a258656d8a2c9469e20690c2704d525a4c711b0de4
Secunia Security Advisory 47015
Posted Dec 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in the Proc::ProcessTable module for Perl, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local, perl
SHA-256 | 8feeef65e17ae75af2f21b5a0368354a65090937c5722ad7e8ff75e502b4ae45
Red Hat Security Advisory 2011-1479-01
Posted Nov 30, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1479-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Using PCI passthrough without interrupt remapping support allowed Xen hypervisor guests to generate MSI interrupts and thus potentially inject traps. A privileged guest user could use this flaw to crash the host or possibly escalate their privileges on the host. The fix for this issue can prevent PCI passthrough working and guests starting. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, redhat
advisories | CVE-2011-1162, CVE-2011-1898, CVE-2011-2203, CVE-2011-2494, CVE-2011-3363, CVE-2011-4110
SHA-256 | ed68520a6ee2920e3e52edf771936c03f68718a31b6a9055d5cb9d1c38a033e1
PHP SST Sheller 1.0
Posted Oct 16, 2011
Authored by Amir Masoud

This is simply a PHP shell with a bunch of features like spoofing mail, file uploads, and more.

tags | tool, shell, spoof, php, rootkit, file upload
systems | unix
SHA-256 | 4b62d88653f707028740984998a846bce54234865cd62cec045e7c6dffb125ed
Red Hat Security Advisory 2011-1189-01
Posted Aug 24, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1189-01 - Updated kernel packages that fix several security issues, various bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Using PCI passthrough without interrupt remapping support allowed KVM guests to generate MSI interrupts and thus potentially inject traps. A privileged guest user could use this flaw to crash the host or possibly escalate their privileges on the host. The fix for this issue can prevent PCI passthrough working and guests starting. Flaw in the client-side NLM implementation could allow a local, unprivileged user to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2011-1182, CVE-2011-1576, CVE-2011-1593, CVE-2011-1776, CVE-2011-1898, CVE-2011-2183, CVE-2011-2213, CVE-2011-2491, CVE-2011-2492, CVE-2011-2495, CVE-2011-2497, CVE-2011-2517, CVE-2011-2689, CVE-2011-2695
SHA-256 | d97ef6720ae8e063983b3824218d93b24db61be0bd9859deee9eb835fea7f6a9
Red Hat Security Advisory 2011-1005-01
Posted Jul 21, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1005-01 - The sysstat package contains a set of utilities which enable system monitoring of disks, network, and other I/O activity. It was found that the sysstat initscript created a temporary file in an insecure way. A local attacker could use this flaw to create arbitrary files via a symbolic link attack.

tags | advisory, arbitrary, local
systems | linux, redhat
advisories | CVE-2007-3852
SHA-256 | 67b1dcce5be13e37cd2984523d1ddf937e78182e6e8cb6deeab1273daf93197d
Secunia Security Advisory 45335
Posted Jul 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for sysstat. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, redhat
SHA-256 | 69be46da54e2c65b8ed1247ae62e28fac5bd67ca29550d95cfdc9c402241d4d5
Secunia Security Advisory 40515
Posted Jul 12, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in CSSTidy, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 95189c7fcd2409b41e6daf3eedf7e55c5df6b6bd911ed5354acbf99c049dfbca
Rsstatic SQL Injection
Posted Mar 9, 2010
Authored by ItSecTeam

Rsstatic suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 40e5ad5b8ab22b136411b1d6305a2131e5e2bebd4eb01ba990c79c42b34b60f0
Page 2 of 4
Back1234Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close