what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2016-04-21 to 2016-04-22

libgd 2.1.1 Signedness
Posted Apr 21, 2016
Authored by Hans Jerry Illikainen

A signedness vulnerability exists in libgd version 2.1.1 which may result in a heap overflow when processing compressed gd2 data.

tags | exploit, overflow
advisories | CVE-2016-3074
SHA-256 | 3a2ce455a8601a1585ae58c370524696afc5c9cf036efab381d9622a8c9decf1
Symantec Brightmail 10.6.0-7 LDAP Credential Grabber
Posted Apr 21, 2016
Authored by Fakhir Karim Reda

Symantec Brightmail versions 10.6.0-7 and below save the AD password in a place where it can be retrieved.

tags | exploit
advisories | CVE-2016-2203
SHA-256 | 88d3d8221a33175dc392a1dde9b17ac2dce0186a796efa0efdcc5c79c77bb457
Exponent CMS 2.3.5 File Upload Cross Site Scripting
Posted Apr 21, 2016
Authored by Sachin Wagh

Exponent CMS version 2.3.5 suffers from a file upload vulnerability that allows for cross site scripting.

tags | exploit, xss, file upload
advisories | CVE-2015-8684
SHA-256 | c4ece7a07c3fa3b38dd0fb113aad54aacd042e613d452d326da6237d70179fcc
Exponent CMS 2.3.5 Cross Site Scripting
Posted Apr 21, 2016
Authored by Sachin Wagh

Exponent CMS version 2.3.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2015-8667
SHA-256 | 6a585b0745893b5ede86522555e556bf41c3aa59e50576817c204b6240bf2ae1
Ubuntu Security Notice USN-2952-1
Posted Apr 21, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2952-1 - It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. It was discovered that the PHP Soap client incorrectly validated data types. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2014-9767, CVE-2015-8835, CVE-2015-8838, CVE-2016-1903, CVE-2016-2554, CVE-2016-3141, CVE-2016-3142, CVE-2016-3185
SHA-256 | 4d6db38bd4a4eeeff3a87c17afbc7413a7d3d1c3b63225f6e73d061b71d981c9
ImpressCMS 1.3.9 SQL Injection
Posted Apr 21, 2016
Authored by Manuel Garcia Cardenas

ImpressCMS versions 1.3.9 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 61197cfbac59fcda7b4cf54107bb9e3be6d92521823d8c532388723addffcece
Red Hat Security Advisory 2016-0678-01
Posted Apr 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0678-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 101. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449
SHA-256 | 63a203916e8946bb559b14bc46107ba6a1973b9155ec04c0330c9d74b5feb030
Red Hat Security Advisory 2016-0677-01
Posted Apr 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0677-01 - Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 91. Security Fix: This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449
SHA-256 | 998b4e01ddd98bf99e316038c9799396bb83ab95f8c668a5bfc4e7d7fb84c82b
Red Hat Security Advisory 2016-0676-01
Posted Apr 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0676-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425, CVE-2016-3427
SHA-256 | 4957fba7cfab0271e2e2a1b7fecd59abf0cb0d1af97fb5c03cb515635a2e3346
Red Hat Security Advisory 2016-0675-01
Posted Apr 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0675-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3425, CVE-2016-3427
SHA-256 | 31475770043462674735810ea8ce72f5a339a55eb8567815e81b1270ae16e78e
OpenTSDB Remote Code Execution
Posted Apr 21, 2016
Authored by gsoc

OpenTSDB suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | ef629a5afda4799864a0738de815ff969d73a1592c4e3b2c08cc18011241292a
Webutler CMS 3.2 Cross Site Request Forgery
Posted Apr 21, 2016
Authored by Keerati T.

Webutler CMS version 3.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c60c42cc4336feb6ee9c83dcae2abc556f909850f348817fea74aa3881349b35
WordPress iThemes Security Insecure Backup / Logfile Generation
Posted Apr 21, 2016
Authored by Nicolas Chatelain

WordPress iThemes Security suffers from insecure backup and logfile generation vulnerabilities.

tags | exploit, vulnerability
SHA-256 | e3308d1fef8c8d026f085134a8bb431d3946592ebc3e93771257b503662abd8d
Linux/x86 Port 5600 Bindshell Shellcode
Posted Apr 21, 2016
Authored by Ajith KP

86 bytes small Linux/x86_64 bindshell shellcode that binds to port 5600.

tags | shellcode
systems | linux
SHA-256 | f415d1d03a37b33543e9ec01d985ee645f372c6796387430d18867f67f06632f
Shellsploit Framework Beta 0.2
Posted Apr 21, 2016
Authored by B3mB4m | Site github.com

Shellsploit lets you generate customized shellcodes, backdoors, and injectors for various operating systems. It also has obfuscation abilities.

tags | tool, shellcode
systems | unix
SHA-256 | 0d83b41f945d8f4cd97823b67e89a5980fd04776e6b7f23185f7d09ecd0d74ec
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close