exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 39 RSS Feed

Files Date: 2016-06-09

Wireshark Analyzer 2.0.4
Posted Jun 9, 2016
Authored by Gerald Combs | Site wireshark.org

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers.

Changes: Various updates.
tags | tool, sniffer, protocol
systems | windows, unix
SHA-256 | 9ea9c82da9942194ebc8fc5c951a02e6d179afa7472cb6d96ca76154510de1a5
I2P 0.9.26
Posted Jun 9, 2016
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates and bug fixes.
tags | tool
systems | unix
SHA-256 | 49fbaea7f4d5ea0606de68ebb270fc3d4380631ecfd5c9ad82ed9356e29df937
Falco 0.2.0
Posted Jun 9, 2016
Authored by Sysdig | Site sysdig.org

Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.

Changes: Added TravisCI regression tests. Rework of ruleset. Improved JSON output.
tags | tool, intrusion detection
systems | unix
SHA-256 | 308d8e2009a2ec4f9c31b9772a31ffb05e187054a4ef63b7de1987a33b76ebba
Fwknop Port Knocking Utility 2.6.9
Posted Jun 9, 2016
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added support for the SHA3 "Keccak" algorithm. Added support for libnetfilter_queue so that fwknopd can acquire SPA packets via the NFQ target. Various other additions and fixes.
tags | tool, scanner, vulnerability
systems | unix
SHA-256 | 9022a0e1b3ee1dc9cd1323efcc0e5f8f24bc521e19e9779efd9d23a3aa3e5577
phpMyFAQ 2.9.0 Cross Site Scripting
Posted Jun 9, 2016
Authored by Kacper Szurek

phpMyFAQ version 2.9.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 689de19daf66f0242804f0df49c4ccacb8627d0a227c57d7faf13fa652c312e3
Apache CloudStack 4.5.0 Authentication Bypass
Posted Jun 9, 2016
Authored by John Kinsella

Apache CloudStack contains an authentication module providing "single sign-on" functionality via the SAML data format. Under certain conditions, a user could manage to access the user interface without providing proper credentials. As the SAML plugin is disabled by default, this issue only affects installations that have enabled and use SAML-based authentication.

tags | advisory
advisories | CVE-2016-3085
SHA-256 | a4b1186aed8d05b27ac281e1250d62a1a3033e39f9bb7e46c69a4ba4a43d9dd7
Poison Ivy 2.1.x C2 Buffer Overflow
Posted Jun 9, 2016
Authored by Jos Wetzels | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in the Poison Ivy 2.1.x C&C server. The exploit does not need to know the password chosen for the bot/server communication.

tags | exploit, overflow
SHA-256 | 4f558f9b55f9f8cc84972af4fc3f4cdbdcf5968234547a9e4d1b6b5291586cf8
IPFire proxy.cgi Remote Command Execution
Posted Jun 9, 2016
Authored by h00die, Yann CAM | Site metasploit.com

IPFire, a free linux based open source firewall distribution, versions prior to 2.19 Update Core 101 contain a remote command execution vulnerability in the proxy.cgi page.

tags | exploit, remote, cgi
systems | linux
SHA-256 | 4455d8714ad0f2e393232ebc31503bf395db118a9964e731f57356a841e46f2a
IPFire Bash Environment Variable Injection (Shellshock)
Posted Jun 9, 2016
Authored by h00die, Claudio Viviani | Site metasploit.com

IPFire, a free linux based open source firewall distribution, versions 2.15 Update Core 82 and below contain an authenticated remote command execution vulnerability via shellshock in the request headers.

tags | exploit, remote
systems | linux
advisories | CVE-2014-6271
SHA-256 | 72f8b0873dc11b2d3d2949fc7e34c4a2aa14b2eba24cd506e1e1251f6aec3dd2
Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
Posted Jun 9, 2016
Authored by Nixawk | Site metasploit.com

This Metasploit module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled.

tags | exploit, remote, code execution
advisories | CVE-2016-3087
SHA-256 | 222463195053d60b430e6eb5f81be72703e72a3084a5e10459c90b86de104a1b
Debian Security Advisory 3598-1
Posted Jun 9, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3598-1 - Patrick Coleman discovered that missing input sanitising in the ADPCM decoder of the VLC media player may result in the execution of arbitrary code if a malformed media file is opened.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2016-5108
SHA-256 | ef6e9f7013612db842224145000258841e752a70d48a8576bf41b2598f2f91c5
HP Security Bulletin HPSBGN03623 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03623 1 - A potential security vulnerability has been identified in HPE Universal CMDB. The vulnerability could be exploited remotely to allow remote disclosure of sensitive information. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2016-4367
SHA-256 | bf0b9e29255730ffd5c04f56dbaba7e2b31bc907e20a67ba4ff34cdfea4e81a2
HP Security Bulletin HPSBGN03622 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03622 1 - A potential security vulnerability has been identified in the Apache Commons Collections (ACC) component in HPE Universal CMDB, HPE Universal Discovery, and HPE Universal CMDB Configuration Manager. The vulnerability could be exploited remotely to allow remote code execution. Revision 1 of this advisory.

tags | advisory, remote, code execution
advisories | CVE-2016-4368
SHA-256 | 0a5e7a76ae0e9dea6d218c8ae25b1839f0e9d03d09644f803c67b625efe83789
HP Security Bulletin HPSBGN03621 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03621 1 - Several potential security vulnerabilities have been identified in the OpenSSL library for HPE Universal CMDB. These vulnerabilities could be exploited remotely to allow disclosure of sensitive information. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2016-0701
SHA-256 | 6aafc05f1d11b18f3329c8dbdfe48519893d60f5e7b228f2e00ceff72c673efd
Ubuntu Security Notice USN-2995-1
Posted Jun 9, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2995-1 - Yuriy M. Kaminskiy discovered that the Squid pinger utility incorrectly handled certain ICMPv6 packets. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly cause Squid to leak information into log files. Yuriy M. Kaminskiy discovered that the Squid cachemgr.cgi tool incorrectly handled certain crafted data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, cgi
systems | linux, ubuntu
advisories | CVE-2016-3947, CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054, CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556
SHA-256 | 19d45016c93c515ab0067629562c37bd5711e3322bb091870d52f61616af52a2
Debian Security Advisory 3599-1
Posted Jun 9, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3599-1 - Marcin 'Icewall' Noga of Cisco Talos discovered an out-of-bound read vulnerability in the CInArchive::ReadFileItem method in p7zip, a 7zr file archiver with high compression ratio. A remote attacker can take advantage of this flaw to cause a denial-of-service or, potentially the execution of arbitrary code with the privileges of the user running p7zip, if a specially crafted UDF file is processed.

tags | advisory, remote, arbitrary
systems | cisco, linux, debian
advisories | CVE-2016-2335
SHA-256 | 626862b4be5bb093f1b8e89560a9b2b2111ae29fb01ecc8b1898acc507183f76
Ubuntu Security Notice USN-2993-1
Posted Jun 9, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2993-1 - Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel, Sylvestre Ledru, Julian Seward, Olli Pettay, Karl Tomlinson, Christoph Diehl, Julian Hector, Jan de Mooij, Mats Palmgren, and Tooru Fujisawa discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. A buffer overflow was discovered when parsing HTML5 fragments in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-2815, CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2825, CVE-2016-2828, CVE-2016-2829, CVE-2016-2831, CVE-2016-2832, CVE-2016-2833, CVE-2016-2834
SHA-256 | 2ff696ca4a756aacf9ad21083349f0d417485c427aad64ef4152513c33030755
Red Hat Security Advisory 2016-1218-01
Posted Jun 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1218-01 - Red Hat JBoss BPM Suite is a business rules and processes management system for the management, storage, creation, modification, and deployment of JBoss rules and BPMN2-compliant business processes. Security Fix: A denial of service flaw was found in the way Spring processes inline DTD declarations. A remote attacker could submit a specially crafted XML file that would cause out-of-memory errors when parsed.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2015-3192
SHA-256 | b78080d56977ee4d591eab05c983c3ead51bb79b4fccb0ec666c1fb31690f68a
Red Hat Security Advisory 2016-1219-01
Posted Jun 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1219-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. Security Fix: A denial of service flaw was found in the way Spring processes inline DTD declarations. A remote attacker could submit a specially crafted XML file that would cause out-of-memory errors when parsed.

tags | advisory, remote, denial of service
systems | linux, redhat
advisories | CVE-2015-3192
SHA-256 | 8b1adbf5a207ac5f62d367e6403b5a19686f9644563d19bddebc341e6715ec62
HP Security Bulletin HPSBMU03614 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03614 1 - Security vulnerabilities in Samba could potentially impact HPE Systems Insight Manager. These vulnerabilities could be remotely exploited using man-in-the-middle (MITM) attacks resulting in unauthorized identification of valid users and unqualified configuration changes. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2016-2118
SHA-256 | 57050fb741cc6cede64fb1fa941893f6e42b2ac7316781e959344e9cfc600e90
HP Security Bulletin HPSBMU03584 2
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03584 2 - Multiple potential vulnerabilities have been addressed by HPE Network Node Manager I (NNMi). These vulnerabilities could be remotely exploited resulting in authentication bypass, Cross-Site Scripting (XSS), disclosure of information, or unauthorized access. Revision 2 of this advisory.

tags | advisory, vulnerability, xss
advisories | CVE-2012-6153, CVE-2014-3577, CVE-2016-2010, CVE-2016-2011, CVE-2016-2012, CVE-2016-2013, CVE-2016-2014
SHA-256 | 9d3210e006b78fa1a4ade7191659ecf926e882ebc76b0210925fc869c3037392
HP Security Bulletin HPSBGN03618 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03618 1 - Potential vulnerabilities have been identified in HPE Service Manager. These vulnerabilities could be remotely exploited to allow disclosure of information, unauthorized read access to files and server side request forgery. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2016-4371
SHA-256 | 770c838de2c7d6f981b3b4017d493a14868de6fedf78e5241c304a616bff3b3b
HP Security Bulletin HPSBGN03624 1
Posted Jun 9, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03624 1 - A potential vulnerability has been identified in Project and Portfolio Management Center. This vulnerability could be exploited to remotely to allow execution of arbitrary commands and disclosure of sensitive information. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2016-4370
SHA-256 | 7c23964f5f63275c5b37a59f3aad150ebb8f9d880b0803c58664dcbe8c32c862
Red Hat Security Advisory 2016-1217-01
Posted Jun 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1217-01 - Mozilla Firefox is an open source web browser. This update upgrades Firefox to version 45.2.0 ESR. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-2818, CVE-2016-2819, CVE-2016-2821, CVE-2016-2822, CVE-2016-2828, CVE-2016-2831
SHA-256 | 159d9f0cb18466fcbe9a71e38343d0456b48e9086cca2a6fad686eec1bd9eaf1
Android /system/bin/sdcard Stack Buffer Overflow
Posted Jun 9, 2016
Authored by Google Security Research, markbrand

There's an integer overflow issue in get_node_path_locked in /system/bin/sdcard on Android, which results in a buffer overflow.

tags | exploit, overflow
systems | linux
advisories | CVE-2016-2494
SHA-256 | 03bc08380fba4bccc4dcff7acf038b1a908c760c3558b538af25c67c1f49b3aa
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close