Twenty Year Anniversary
Showing 76 - 100 of 1,355 RSS Feed

Perl Files

Debian Security Advisory 3173-1
Posted Feb 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3173-1 - It was discovered that libgtk2-perl, a Perl interface to the 2.x series of the Gimp Toolkit library, incorrectly frees memory which GTK+ still holds onto and might access later, leading to denial of service (application crash) or, potentially, to arbitrary code execution.

tags | advisory, denial of service, arbitrary, perl, code execution
systems | linux, debian
MD5 | af51051e534edef52f74835df9f5a0ff
Juli Man-In-The-Middle Script
Posted Feb 21, 2015
Authored by em616

This is a simple perl script for setting up man-in-the-middle attacks on Linux.

tags | tool, perl
systems | linux, unix
MD5 | a64484ef0e9bbad1e66c9c13412d4567
Mandriva Linux Security Advisory 2015-044
Posted Feb 12, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-044 - Incorrect memory management in Gtk2::Gdk::Display::list_devices in perl-Gtk2 before 1.2495, where, the code was freeing memory that gtk+ still holds onto and might access later. The updated packages have been patched to correct this issue.

tags | advisory, perl
systems | linux, mandriva
MD5 | 4494db134fc970f9caa713efd9f07f8b
Ubuntu Security Notice USN-2461-2
Posted Jan 13, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2461-2 - Stanislaw Pitucha and Jonathan Gray discovered that libyaml-libyaml-perl did not properly handle wrapped strings. An attacker could create specially crafted YAML data to trigger an assert, causing a denial of service.

tags | advisory, denial of service, perl
systems | linux, ubuntu
advisories | CVE-2014-9130
MD5 | 98cee7a4829c3edaa3a39fe7e418f7d1
Shodan Tool 0.6
Posted Jan 10, 2015
Authored by Doddy Hackman

Shodan Tool is a perl script that allows you to search for vulnerabilities in Shodan.

tags | tool, scanner, perl, vulnerability
systems | unix
MD5 | 4aaa0f871fbe478d38f4a70f76af26a8
WP-Bruteforce c0d3Lib WordPress Bruteforcing Tool
Posted Jan 8, 2015
Authored by Agha Nata

This is a perl script to bruteforce logins on WordPress.

tags | tool, cracker, perl
MD5 | ed394d86c2065524b5258e2632cf68dc
Mandriva Linux Security Advisory 2014-242
Posted Dec 15, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-242 - An assertion failure was found in the way the libyaml library parsed wrapped strings. An attacker able to load specially crafted YAML input into an application using libyaml could cause the application to crash. The perl-YAML-LibYAML package is also affected, as it was derived from the same code. Both have been patched to fix this issue.

tags | advisory, perl
systems | linux, mandriva
advisories | CVE-2014-9130
MD5 | a6827f64e5910be462be455ebdd112ef
Mandriva Linux Security Advisory 2014-199
Posted Oct 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-199 - Updated perl and perl-Data-Dumper packages fixes security The Dumper method in Data::Dumper before 2.154, allows context-dependent attackers to cause a denial of service (stack consumption and crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function. The Data::Dumper module bundled with perl and the perl-Data-Dumper packages has been updated to fix this issue.

tags | advisory, denial of service, perl
systems | linux, mandriva
advisories | CVE-2014-4330
MD5 | 7378f2ab1a911ae12fb18612b875a533
HP Data Protector EXEC_INTEGUTIL Remote Code Execution
Posted Oct 21, 2014
Authored by Aniway, juan vazquez | Site metasploit.com

This exploit abuses a vulnerability in the HP Data Protector. The vulnerability exists in the Backup client service, which listens by default on TCP/5555. The EXEC_INTEGUTIL request allows to execute arbitrary commands from a restricted directory. Since it includes a perl executable, it's possible to use an EXEC_INTEGUTIL packet to execute arbitrary code. On linux targets, the perl binary isn't on the restricted directory, but an EXEC_BAR packet can be used to access the perl binary, even in the last version of HP Data Protector for linux. This Metasploit module has been tested successfully on HP Data Protector 9 over Windows 2008 R2 64 bits and CentOS 6 64 bits.

tags | exploit, arbitrary, perl, tcp
systems | linux, windows, centos
MD5 | 97b7fba08bd2896683e6299d64a0465b
Gentoo Linux Security Advisory 201410-02
Posted Oct 13, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201410-2 - Multiple vulnerabilities have been found in Perl Locale-Maketext module, allowing remote attackers to inject and execute arbitrary Perl code. Versions prior to 1.230.0 are affected.

tags | advisory, remote, arbitrary, perl, vulnerability
systems | linux, gentoo
advisories | CVE-2012-6329
MD5 | e65faf0ade818c9256ca3a7b56e696ad
Twiki Perl Code Execution
Posted Oct 10, 2014
Authored by Peter Thoeny

The debugenableplugins request parameter in Twiki versions 4.x, 5.x, and 6.0.0 allows arbitrary Perl code execution.

tags | exploit, arbitrary, perl, code execution
advisories | CVE-2014-7236
MD5 | f6bd86cf1ce91b013111856c03894bcf
Mandriva Linux Security Advisory 2014-192
Posted Oct 3, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-192 - The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service via an empty quoted string in an RFC 2822 address. The Email::Address module before 1.904 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service via vectors related to backtracking into the phrase.

tags | advisory, remote, denial of service, perl
systems | linux, mandriva
advisories | CVE-2014-0477, CVE-2014-4720
MD5 | a23dafdcbef4536016bec1dfd6dce173
Mandriva Linux Security Advisory 2014-191
Posted Sep 30, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-191 - The mkxmltype and mkdtskel scripts provided in perl-XML-DT allow local users to overwrite arbitrary files via a symlink attack on a /tmp/_xml_##### temporary file.

tags | advisory, arbitrary, local, perl
systems | linux, mandriva
advisories | CVE-2014-5260
MD5 | a5850a95649f975bb2d1424a648f5e5a
Gnu Bash 4.3 CGI REFERER Command Injection
Posted Sep 26, 2014
Authored by Simo Ben Youssef | Site morxploit.com

GNU Bash versions 4.3 and below remote command injection exploit that leverages the REFERER header on vulnerable CGI scripts. Launches a connect-back shell. Written in Perl.

tags | exploit, remote, shell, cgi, perl, bash
advisories | CVE-2014-6271, CVE-2014-7169
MD5 | 4531f89bff0df788f0425631f66f06b4
Perl 5.20.1 Deep Recursion Stack Overflow
Posted Sep 25, 2014
Authored by Markus Vervier | Site lsexperts.de

A stack overflow was discovered when serializing data via the Data::Dumper extension which is part of Perl-Core. By using the "Dumper" method on a large Array-Reference which recursively contains other Array-References, it is possible to cause many recursive calls to the DD_dump native function and ultimately exhaust all available stack memory.

tags | exploit, overflow, perl
advisories | CVE-2014-4330
MD5 | c8b48caeada762d8666434be872973f9
Project Kakilles 0.3
Posted Sep 17, 2014
Authored by Doddy Hackman

Kakilles is a perl script that spawns an HTTP proxy and lets you modify user-agent, content, and cookie headers.

tags | tool, web, perl
MD5 | 1cc1fded4992b35bce2153081612884b
ClapTrap IRC Bot
Posted Sep 9, 2014
Authored by Doddy Hackman

ClapTrap is an IRC bot written in perl that performs various attacks against web applications.

tags | web, perl
MD5 | dafb55d48f5c9bdcbdcb2f8fcea3d269
Paranoic Scan 1.7
Posted Aug 30, 2014
Authored by Doddy Hackman

Paranoic is a simple vulnerability scanner written in Perl.

tags | tool, scanner, perl
systems | unix
MD5 | 6490730a15625806288c8b231a836ba5
Ubuntu Security Notice USN-2292-1
Posted Jul 17, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2292-1 - It was discovered that the LWP::Protocol::https perl module incorrectly disabled peer certificate verification completely when only hostname verification was requested to be disabled. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could possibly be exploited in certain scenarios to alter or compromise confidential information in applications that used the LWP::Protocol::https module.

tags | advisory, remote, web, perl, protocol
systems | linux, ubuntu
advisories | CVE-2014-3230
MD5 | b61d2123f38c984d4e741cd9f7ace0e7
Debian Security Advisory 2969-1
Posted Jun 27, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2969-1 - Bastian Blank reported a denial of service vulnerability in Email::Address, a Perl module for RFC 2822 address parsing and creation. Email::Address::parse used significant time on parsing empty quoted strings. A remote attacker able to supply specifically crafted input to an application using Email::Address for parsing, could use this flaw to mount a denial of service attack against the application.

tags | advisory, remote, denial of service, perl
systems | linux, debian
advisories | CVE-2014-0477
MD5 | d110df66b6bc321523c36bba21c87229
AlienVault OSSIM av-centerd Command Injection
Posted Jun 19, 2014
Authored by juan vazquez, temp66 | Site metasploit.com

This Metasploit module exploits a code execution flaw in AlienVault 4.6.1 and prior. The vulnerability exists in the av-centerd SOAP web service, where the update_system_info_debian_package method uses perl backticks in an insecure way, allowing command injection. This Metasploit module has been tested successfully on AlienVault 4.6.0.

tags | exploit, web, perl, code execution
advisories | CVE-2014-3804
MD5 | 1c11a63dae03a49e38608820c02a45e6
Mandriva Linux Security Advisory 2014-069
Posted Apr 9, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-069 - Florian Weimer of the Red Hat Product Security Team discovered a heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a YAML document with a specially-crafted tag that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. Ivan Fratric of the Google Security Team discovered a heap-based buffer overflow vulnerability in LibYAML, a fast YAML 1.1 parser and emitter library. A remote attacker could provide a specially-crafted YAML document that, when parsed by an application using libyaml, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application. The perl-YAML-LibYAML package is being updated as it contains an embedded copy of LibYAML.

tags | advisory, remote, overflow, arbitrary, perl
systems | linux, redhat, mandriva
advisories | CVE-2013-6393, CVE-2014-2525
MD5 | 3b3ef2b8dc99c854135c54e00277d9a9
Heartbleed Honeypot Script
Posted Apr 9, 2014
Authored by glitch | Site glitchwrks.com

This Perl script listens on TCP port 443 and responds with completely bogus SSL heartbeat responses, unless it detects the start of a byte pattern similar to that used in Jared Stafford's (jspenguin@jspenguin.org) demo for CVE-2014-0160 'Heartbleed'. Run as root for the privileged port. Outputs IPs of suspected heartbleed scan to the console. Rickrolls scanner in the hex dump.

tags | tool, root, perl, tcp, intrusion detection
systems | unix
advisories | CVE-2014-0160
MD5 | aa6604b077be236dfe5f5f3f8c9a84cd
Ubuntu Security Notice USN-2161-1
Posted Apr 3, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2161-1 - Florian Weimer discovered that libyaml-libyaml-perl incorrectly handled certain large YAML documents. An attacker could use this issue to cause libyaml-libyaml-perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Ivan Fratric discovered that libyaml-libyaml-perl incorrectly handled certain malformed YAML documents. An attacker could use this issue to cause libyaml-libyaml-perl to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2013-6393, CVE-2014-2525
MD5 | 09442a8a9385a2d62d158801e2ef9c8b
Red Hat Security Advisory 2014-0322-01
Posted Mar 24, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-0322-01 - The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser. A denial of service flaw was found in the way snmpd, the Net-SNMP daemon, handled subagent timeouts. A remote attacker able to trigger a subagent timeout could use this flaw to cause snmpd to loop infinitely or crash.

tags | advisory, remote, denial of service, perl, protocol
systems | linux, redhat
advisories | CVE-2012-6151, CVE-2014-2285
MD5 | d6da9316c756c232e64f58c538f056d6
Page 4 of 55
Back23456Next

File Archive:

September 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    3 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    18 Files
  • 6
    Sep 6th
    18 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    2 Files
  • 9
    Sep 9th
    2 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    17 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    29 Files
  • 14
    Sep 14th
    21 Files
  • 15
    Sep 15th
    3 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    16 Files
  • 19
    Sep 19th
    29 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close