exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2015-11-13

360-FAAR Firewall Analysis Audit And Repair 0.5.0
Posted Nov 13, 2015
Authored by Dan Martin | Site sourceforge.net

360-FAAR Firewall Analysis Audit and Repair is an offline command line perl policy manipulation tool to filter, compare to logs, merge, translate and output firewall commands for new policies, in checkpoint dbedit or screenos commands.

Changes: This release back ports the config parsers from the Enterprise Edition SuperFAAR. These parsers are greatly improved from the last release. This release only back ports the config parsers for the existing config parsers.
tags | tool, perl
systems | unix
SHA-256 | 2bc30c25d297336c3d2b383f599609fa2ba001b03cc737591a6fc4e4c09e185b
Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload Version 1
Posted Nov 13, 2015
Authored by Denis Andzakovic | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. Although the vendor fixed Up.Time to prevent this vulnerability, it was not properly mitigated. To exploit against a newer version of Up.Time (such as 7.4), please use exploits/multi/http/uptime_file_upload_2.

tags | exploit, web, arbitrary, php, code execution, file upload
SHA-256 | 3a747350c98cce69fa71e25b346c4de32b1a03a8ca5d876cf4c6dd0be8365fbc
Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload Version 2
Posted Nov 13, 2015
Authored by Denis Andzakovic | Site metasploit.com

This Metasploit module exploits a vulnerability found in Uptime version 7.4.0 and 7.5.0. The vulnerability began as a classic arbitrary file upload vulnerability in post2file.php, which can be exploited by exploits/multi/http/uptime_file_upload_1.rb, but it was mitigated by the vendor. Although the mitigation in place will prevent uptime_file_upload_1.rb from working, it can still be bypassed and gain privilege escalation, and allows the attacker to upload file again, and execute arbitrary commands.

tags | exploit, web, arbitrary, php, file upload
SHA-256 | e4c4f677632b91ee1052cfd06295ff58c8b4598033272f0dde8231ba8fb27720
vBulletin 5.1.2 Unserialize Code Execution
Posted Nov 13, 2015
Authored by Netanel Rubin, cutz, Julien (jvoisin) Voisin | Site metasploit.com

This Metasploit module exploits a PHP object injection vulnerability in vBulletin 5.1.2 to 5.1.9

tags | exploit, php
advisories | CVE-2015-7808
SHA-256 | 3d697e9884f896d99ec27c73b56469d04ac0450703c51290468ce41cd7c38ae0
Debian Security Advisory 3395-2
Posted Nov 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3395-2 - Marc Deslauriers reported that the update for krb5 issued as DSA-3395-1 did not contain the patch to address CVE-2015-2697 for the packages built for the oldstable distribution (wheezy). Updated packages are now available to address this issue.

tags | advisory
systems | linux, debian
advisories | CVE-2015-2697
SHA-256 | 6cbc0c63e8ebd0d23b43b85f63ec54c5b64643fa00f766a03f60b88af61652d5
Tails 1.6 Information Disclosure
Posted Nov 13, 2015
Authored by cenobyte

Tails versions 1.6 and below suffers from an information leak vulnerability via a symlink attack.

tags | exploit, info disclosure
SHA-256 | 4bc182b9191120b13aafd944de470614c5ad8a118056b97853287258da456e0f
b374k 3.2.3 2.8 CSRF / Command Injection
Posted Nov 13, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

b374k web shell versions 2.8 and 3.2.3 suffer from a cross site request forgery vulnerability that allows for remote command injection.

tags | exploit, remote, web, shell, csrf
SHA-256 | 7a3f5f494c2b27e756fd6b73c4b14796921e7612b045ce5d5b218e90626c8178
Microsoft Security Bulletin Revision Increment For November, 2015
Posted Nov 13, 2015
Site microsoft.com

This bulletin summary lists MS15-115 which has undergone a major revision increment.

tags | advisory
SHA-256 | d0ffd6187f0106f237ef91ecfd5e6539df275b7d3c1ff371c528a968dc5838a4
OpenBSD net-snmp Information Disclosure
Posted Nov 13, 2015
Authored by Pierre Kim

OpenBSD net-snmp suffers from a credential and information disclosure vulnerability.

tags | exploit, info disclosure
systems | openbsd
advisories | CVE-2015-8100
SHA-256 | a80d494deb52dc8a57e8c8f3a438e4dc2e1095c1a787fbcd33b9d4404d060cac
TUDU 0.82 Buffer Overflow
Posted Nov 13, 2015
Authored by Juan Sacco

TUDU versions 0.82 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 83d68c94f65a0c6a83f7c6cea1eec4c53d6e68e59bdfdbb19fb361e7ece3a0d3
TACK 1.07 Buffer Overflow
Posted Nov 13, 2015
Authored by Juan Sacco

TACK versions 1.07 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 7a22ef85875781a10dfe0095384f3a4b53d4b4596ef11747a0cf7e01b917b59a
WordPress i1.wp.com Functionality Abuse
Posted Nov 13, 2015
Authored by Andrea Menin

The WordPress i1.wp.com site can be abused to make arbitrary HTTP requests to other sites.

tags | exploit, web, arbitrary
SHA-256 | d25015a788fa798b28a2ffdfe2bbbcbd4e799a8d1d498442d16b1d02adf43af7
ESET Emulation Command Execution
Posted Nov 13, 2015
Authored by Tavis Ormandy, Google Security Research

A vulnerability exists managing a shadow stack in ESET Antivirus. It allows complete remote root/SYSTEM command execution on all ESET platforms and products.

tags | exploit, remote, root
systems | linux
SHA-256 | 54e383e693089b91935fe984c9f900208e8ba9545096a2ebbf8cb88081990c3b
Sam Spade 1.14 SEH Overflow
Posted Nov 13, 2015
Authored by Nipun Jaswal

Sam Spade version 1.14 S-Lang command field SEH overflow exploit.

tags | exploit, overflow
SHA-256 | 41df67192f57558444ffeab55b4679775fef44272a59521f731572d482a397d5
POLLSolved 1.5.2 SQL Injection / Authentication Bypass
Posted Nov 13, 2015
Authored by Persian Hack Team

POLLSolved version 1.5.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass. Support for this script is deprecated.

tags | exploit, remote, sql injection
SHA-256 | 8d37108dc1944aac38df5b9bf07bc559d1b8b588512f97bfada3e2f3fe0ca082
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close