seeing is believing
Showing 26 - 50 of 1,341 RSS Feed

Perl Files

Exim Local Privilege Escalation
Posted Mar 10, 2016
Authored by Dawid Golunski

Exim versions prior to 4.86.2 suffer from a local root privilege escalation vulnerability. When Exim installation has been compiled with Perl support and contains a perl_startup configuration variable it can be exploited by malicious local attackers to gain root privileges.

tags | exploit, local, root, perl
advisories | CVE-2016-1531
MD5 | dfa8bd2eefce417043294f1a91f32077
360-FAAR Firewall Analysis Audit And Repair 0.5.7
Posted Mar 3, 2016
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: Various updates.
tags | tool, perl
systems | unix
MD5 | 53c3fed007d6fe8832181128c05510a5
Ubuntu Security Notice USN-2916-1
Posted Mar 3, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2916-1 - It was discovered that Perl incorrectly handled certain regular expressions with an invalid backreference. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Markus Vervier discovered that Perl incorrectly handled nesting in the Data::Dumper module. An attacker could use this issue to cause Perl to consume memory and crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2013-7422, CVE-2014-4330, CVE-2016-2381
MD5 | b6c02ced38435c1dd8276aac1a9bac16
Debian Security Advisory 3501-1
Posted Mar 2, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3501-1 - Stephane Chazelas discovered a bug in the environment handling in Perl. Perl provides a Perl-space hash variable, %ENV, in which environment variables can be looked up. If a variable appears twice in envp, only the last value would appear in %ENV, but getenv would return the first. Perl's taint security mechanism would be applied to the value in %ENV, but not to the other rest of the environment. This could result in an ambiguous environment causing environment variables to be propagated to subprocesses, despite the protections supposedly offered by taint checking.

tags | advisory, perl
systems | linux, debian
advisories | CVE-2016-2381
MD5 | ed3599b7967b413eac72bd0ef1844d48
360-FAAR Firewall Analysis Audit And Repair 0.5.6
Posted Feb 10, 2016
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release updates the bloobj mode to fix the bug introduced "for names with spaces".
tags | tool, perl
systems | unix
MD5 | d84bc7e15e0603a3d966adbd7178a4da
360-FAAR Firewall Analysis Audit And Repair 0.5.5
Posted Feb 1, 2016
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release updates the internal logic to handle names with spaces correctly. Various other fixes added.
tags | tool, perl
systems | unix
MD5 | e7a2c427a13f77fdf26da3a375c6eddf
360-FAAR Firewall Analysis Audit And Repair 0.5.4
Posted Jan 31, 2016
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release updates the 'loose' and 'loosen' filters so that 'include' filters work the same as 'exclude' filters did. This release also updates the Netscreen Parser so that it reads lines with spaces at the beginning.
tags | tool, perl
systems | unix
MD5 | 48ab1aa1a9e494e65f7cb495cbb10bfe
VBScan Vulnerability Scanner 0.1.4
Posted Jan 31, 2016
Authored by Mohammad Reza Espargham

VBScan is a black box vBulletin vulnerability scanner written in perl.

Changes: New engine, default timeout, 5.x RCE exploit, and text report output. Various bug fixes.
tags | tool, scanner, perl
systems | unix
MD5 | 9afe6fb6ccdb68889f4857aa8ffd6d0a
Ubuntu Security Notice USN-2878-1
Posted Jan 21, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2878-1 - David Golden discovered that the canonpath function in the Perl File::Spec module did not properly preserve the taint attribute. An attacker could possibly use this issue to bypass the taint protection mechanism.

tags | advisory, perl
systems | linux, ubuntu
advisories | CVE-2015-8607
MD5 | 2b434ec6295509ca278fb39405053259
The Metabrik Platform
Posted Jan 16, 2016
Authored by GomoR | Site metabrik.org

The Metabrik Platform bind together a classic Shell with a Perl interpreter as a REPL (Read-Eval-Print-Loop) and a ton of small Briks. Briks are reusable components each performing a specific task. You chain Briks together using Perl variables, they are used to pass output of a Brik Command as input for another Brik Command.

tags | tool, shell, perl
systems | linux, unix
MD5 | 7dc93522bc7bb3e2c13301f03754dfea
360-FAAR Firewall Analysis Audit And Repair 0.5.3
Posted Jan 15, 2016
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release adds the Cisco ASA default service 'ntp'.
tags | tool, perl
systems | unix
MD5 | 02c5d731b677b7113417c1d55988fab2
360-FAAR Firewall Analysis Audit And Repair 0.5.2
Posted Jan 11, 2016
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release adds a vital omission from the last release where it now reads Cisco ASA configs with spaces at the start of lines. This release also backports Cisco ASA log parser snippets from SuperFAAR. Various other updates.
tags | tool, perl
systems | unix
MD5 | 332f5463356d02fb949201e670ace503
Debian Security Advisory 3441-1
Posted Jan 11, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3441-1 - David Golden of MongoDB discovered that File::Spec::canonpath() in Perl returned untainted strings even if passed tainted input. This defect undermines taint propagation, which is sometimes used to ensure that unvalidated user input does not reach sensitive code.

tags | advisory, perl
systems | linux, debian
advisories | CVE-2015-8607
MD5 | 460e34d4e28b918ef614612d5da1ced2
360-FAAR Firewall Analysis Audit And Repair 0.5.1
Posted Dec 11, 2015
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: Various updates.
tags | tool, perl
systems | unix
MD5 | 2c40ee5d2ddfe62753e868a5f54bf9a0
Legend Perl IRC Bot Remote Code Execution
Posted Dec 11, 2015
Authored by Jay Turla | Site metasploit.com

This Metasploit module exploits a remote command execution on the Legend Perl IRC Bot . This bot has been used as a payload in the Shellshock spam last October 2014. This particular bot has functionalities like NMAP scanning, TCP, HTTP, SQL, and UDP flooding, the ability to remove system logs, and ability to gain root, and VNC scanning. Kevin Stevens, a Senior Threat Researcher at Damballa has uploaded this script to VirusTotal with a md5 of 11a9f1589472efa719827079c3d13f76.

tags | exploit, remote, web, root, udp, perl, tcp
MD5 | 1d45434e3435a7b498a03833cf1d9027
Xdh / LinuxNet Perlbot / fBot IRC Bot Remote Code Execution
Posted Dec 11, 2015
Authored by Jay Turla, Matt Thayer, Conor Patrick | Site metasploit.com

This Metasploit module allows remote command execution on an IRC Bot developed by xdh. This perl bot was caught by Conor Patrick with his shellshock honeypot server and is categorized by Markus Zanke as an fBot (Fire & Forget - DDoS Bot). Matt Thayer also found this script which has a description of LinuxNet perlbot. The bot answers only based on the servername and nickname in the IRC message which is configured on the perl script thus you need to be an operator on the IRC network to spoof it and in order to exploit this bot or have at least the same ip to the config.

tags | exploit, remote, perl, spoof
MD5 | 76760e94b9460abe182c2c2992e2e8fb
Red Hat Security Advisory 2015-2101-01
Posted Nov 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2101-01 - Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. It was discovered that the Python xmlrpclib module did not restrict the size of gzip-compressed HTTP responses. A malicious XMLRPC server could cause an XMLRPC client using xmlrpclib to consume an excessive amount of memory.

tags | advisory, java, web, perl, python
systems | linux, redhat
advisories | CVE-2013-1752, CVE-2013-1753, CVE-2014-4616, CVE-2014-4650, CVE-2014-7185
MD5 | 99108e5900b8880c9df7cc48354f7344
Red Hat Security Advisory 2015-2345-01
Posted Nov 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2345-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.

tags | advisory, denial of service, perl, protocol
systems | linux, redhat
advisories | CVE-2014-3565
MD5 | 3620b6b2424f7f71f0cc887cf788336f
360-FAAR Firewall Analysis Audit And Repair 0.5.0
Posted Nov 13, 2015
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release back ports the config parsers from the Enterprise Edition SuperFAAR. These parsers are greatly improved from the last release. This release only back ports the config parsers for the existing config parsers.
tags | tool, perl
systems | unix
MD5 | 875684aab52f4e61b50e845b3ac2449d
WU-5QLi-5C4NN3R SQL Injection Scanner
Posted Sep 8, 2015
Authored by c0d3Lib

This is a perl script for performing SQL injection scans against a target site.

tags | tool, scanner, perl, sql injection
systems | unix
MD5 | 2a3e8191bc569d741c6aaecc0462ed76
Red Hat Security Advisory 2015-1636-01
Posted Aug 18, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1636-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user running snmpd.

tags | advisory, remote, arbitrary, perl, protocol
systems | linux, redhat
advisories | CVE-2015-5621
MD5 | cfeacfd0577d0cd2222fbdd62be496f2
Red Hat Security Advisory 2015-1385-01
Posted Jul 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1385-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmptrapd handled certain SNMP traps when started with the "-OQ" option. If an attacker sent an SNMP trap containing a variable with a NULL type where an integer variable type was expected, it would cause snmptrapd to crash.

tags | advisory, denial of service, perl, protocol
systems | linux, redhat
advisories | CVE-2014-3565
MD5 | 0084b4ac2ab29670ada2d2d3f89c7ae2
Red Hat Security Advisory 2015-1330-01
Posted Jul 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1330-01 - Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme, or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. It was discovered that the socket.recvfrom_into() function failed to check the size of the supplied buffer. This could lead to a buffer overflow when the function was called with an insufficiently sized buffer.

tags | advisory, java, overflow, perl, python
systems | linux, redhat
advisories | CVE-2013-1752, CVE-2014-1912, CVE-2014-4650, CVE-2014-7185
MD5 | 1ffec5edccbcafcc2360b4711c941b35
Gentoo Linux Security Advisory 201507-11
Posted Jul 10, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201507-11 - A vulnerability in Perl allows a remote attacker to cause Denial of Service. Versions less than 5.20.1-r4 are affected.

tags | advisory, remote, denial of service, perl
systems | linux, gentoo
advisories | CVE-2013-7422
MD5 | 272a3a299e7cca1848d6179601eea258
VBScan Vulnerability Scanner
Posted Jun 15, 2015
Authored by Mohammad Reza Espargham

VBScan is a black box vBulletin vulnerability scanner written in perl.

tags | tool, scanner, perl
systems | unix
MD5 | fb0e09bdb7737e46cefb9bacc92fb561
Page 2 of 54
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close