what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2017-04-05 to 2017-04-06

Spiceworks 7.5 TFTP Improper Access Control File Overwrite / Upload
Posted Apr 5, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Spiceworks version 7.5 suffers from a TFTP improper access control file overwrite / upload vulnerability.

tags | exploit
advisories | CVE-2017-7237
SHA-256 | 8c21de358d40b3e4d696799d3baf6ffe71350af1c4dc357f59ab857c840181ef
Hashcat Advanced Password Recovery 3.5.0 Source Code
Posted Apr 5, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

Changes: WPA cracking updates. Added hash-mode 15100 for Juniper/NetBSD sha1crypt. Various other updates.
tags | tool, cracker
systems | unix
SHA-256 | ed56265d5f05320dadce1e5fda2abda3ea49709b4d11b435dd1fde777fa503b6
Hashcat Advanced Password Recovery 3.5.0 Binary Release
Posted Apr 5, 2017
Authored by Kartan | Site hashcat.net

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.

Changes: WPA cracking updates. Added hash-mode 15100 for Juniper/NetBSD sha1crypt. Various other updates.
tags | tool, cracker
SHA-256 | 0f3f1338325e1f46c1a622b30e9b90c4b54216d89e00b74816562e2659b2fc2a
Ubuntu Security Notice USN-3256-2
Posted Apr 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3256-2 - USN-3256-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel for each of the respective prior Ubuntu LTS releases. Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-7308
SHA-256 | 0a024b3bf399c95b2aeecc68c98b80da26d74f0a716f244a4f7a58f6f4bc64cc
Ubuntu Security Notice USN-3256-1
Posted Apr 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3256-1 - Andrey Konovalov discovered that the AF_PACKET implementation in the Linux kernel did not properly validate certain block-size data. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-7308
SHA-256 | f4ca15580e67fd9476cb039ae24645bb0ce52d4a6c1d4964893c2575f2d9aa18
Red Hat Security Advisory 2017-0882-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0882-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | b674a25c203085102059e046eef50d9ddd2935f8aeff93d3a82c1b92766c6b11
Red Hat Security Advisory 2017-0880-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0880-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | b9bd3d751642aa95bc54de0d855132f51ca43ead478fb94dd12a4bd0281fe752
Red Hat Security Advisory 2017-0881-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0881-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | bea0b64f2a4443e4c40404ed6aad20164128fc2a0cfcfd3afbadce45566f9ffb
Red Hat Security Advisory 2017-0879-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0879-01 - V8 is Google's open source JavaScript engine. V8 is written in C++ and is used in Google Chrome, the open source browser from Google. V8 implements ECMAScript as specified in ECMA-262, 3rd edition. Security Fix: An integer-overflow flaw was found in V8's Zone class when allocating new memory and Zone::NewExpand()). An attacker with the ability to manipulate a large zone could crash the application or, potentially, execute arbitrary code with the application privileges.

tags | advisory, overflow, arbitrary, javascript
systems | linux, redhat
advisories | CVE-2016-1669
SHA-256 | 9cf7b3d5d5e9c44892f94ab840b31ca88fb08221f05cbfb0fa79ca231c9666f2
Ubuntu Security Notice USN-3255-1
Posted Apr 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3255-1 - It was discovered that LightDM incorrectly handled home directory creation for guest users. A local attacker could use this issue to gain ownership of arbitrary directory paths and possibly gain administrative privileges.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2017-7358
SHA-256 | e3c530aa3a6c8b4341919d114315f695cce907d048180f01f6fa591ffdad7621
HPE Security Bulletin HPESBGN03727 1
Posted Apr 5, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBGN03727 1 - A potential security vulnerability has been identified in the HPE Business Process Monitor. This vulnerability could be remotely exploited to allow Unauthorized Access to Data. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2017-5801
SHA-256 | c670895b0e4a5912df150993dd947d94b91f87d7d21a889866a5c8a80da960fe
Ubuntu Security Notice USN-3254-1
Posted Apr 5, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3254-1 - It was discovered that Django incorrectly handled numeric redirect URLs. A remote attacker could possibly use this issue to perform XSS attacks, and to use a Django server as an open redirect. Phithon Gong discovered that Django incorrectly handled certain URLs when the jango.views.static.serve view is being used. A remote attacker could possibly use a Django server as an open redirect.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2017-7233, CVE-2017-7234
SHA-256 | 801ae2bcbebfea2c9051c6832ae1dc3ea158685668ddfea06d6087a5c8b1837a
Debian Security Advisory 3826-1
Posted Apr 5, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3826-1 - It was discovered that the original patch to address CVE-2016-1242 did not cover all cases, which may result in information disclosure of file contents.

tags | advisory, info disclosure
systems | linux, debian
advisories | CVE-2017-0360
SHA-256 | 3423ca8a87e8fac614d9a76b1e45fc9a2696b78b085f209930549e16ff84f355
Red Hat Security Advisory 2017-0876-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0876-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1 serves as a replacement for Red Hat Single Sign-On 7.0, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-8629, CVE-2016-9589, CVE-2017-2585
SHA-256 | f605f848eac3677359c0cfd5d8b3c785c49225521772e40e2c87158fa837fac5
Red Hat Security Advisory 2017-0873-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0873-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1 serves as a replacement for Red Hat Single Sign-On 7.0, and includes several bug fixes and enhancements. For further information regarding those, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-8629, CVE-2016-9589, CVE-2017-2585
SHA-256 | 79f1397e335da631c141ff1aceaea694a1d27061d7e149de62d949b51682f823
Red Hat Security Advisory 2017-0872-01
Posted Apr 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0872-01 - Red Hat Single Sign-On is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.1 serves as a replacement for Red Hat Single Sign-On 7.0, and includes several bug fixes and enhancements. For further information regarding those, refer to the Release Notes linked to in the References section. Multiple security issues have been addressed.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2016-8629, CVE-2016-9589, CVE-2017-2585
SHA-256 | 9de64a6dc1ddaa346174423bdb74d8cb932ac63f63ad4c39ef144f0000c6d486
Airbnb Crashpadder Clone Script SQL Injection
Posted Apr 5, 2017
Authored by Ihsan Sencan

Airbnb Crashpadder Clone Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | fe2c3fe7e764c02eb8226140c88dbf68a71fabb3b6c38420bdade7a1ca9c3ea5
D-Link DIR-615 Cross Site Request Forgery
Posted Apr 5, 2017
Authored by Pratik S. Shah

D-Link DIR-615 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-7398
SHA-256 | f8915e5c7bacae0a5be94bb50488b379357c6226cc1624ae73cd16c7b3373923
Faveo Helpdesk Community 1.9.3 Cross Site Request Forgery
Posted Apr 5, 2017
Authored by yokoacc, rungga_reksya, AdyWikradinata, dvnrcy, dickysofficial

Faveo Helpdesk Community version 1.9.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-7571
SHA-256 | cd0d8d4fed589c32ca2b88da91232f66bb2ac0d6aab89fa7ac60b139e8b44512
Premium Penny Auction Script SQL Injection
Posted Apr 5, 2017
Authored by Ihsan Sencan

Premium Penny Auction Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e8b250848ca1d4865933522756f0c53ff994a1b6e38c487920a1276ed06c86c6
HelpDEZK 1.1.1 CSRF / Code Execution
Posted Apr 5, 2017
Authored by yokoacc, rungga_reksya, AdyWikradinata, dvnrcy, dickysofficial

HelpDEZK version 1.1.1 suffers from code execution and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, code execution, csrf
advisories | CVE-2017-7446, CVE-2017-7447
SHA-256 | b1be2cf4dbd16239836335203cb6fa1fc408c6ddb11cbc022ff7903940e323cf
ImagePro Lazygirls Clone Script SQL Injection
Posted Apr 5, 2017
Authored by Ihsan Sencan

ImagePro Lazygirls Clone Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6661dc89a2e493242015e4e0a5fd62cdd85c3785c2310a8938181f828edb36ef
Sweepstakes Pro Software SQL Injection
Posted Apr 5, 2017
Authored by Ihsan Sencan

Sweepstakes Pro Software suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b7bdc69ead45ae5a330592dc4f52a3a0ce0cc81a7333515ca23eda53279f4a3a
Doctors Appointment Script SQL Injection
Posted Apr 5, 2017
Authored by Ihsan Sencan

Doctors Appointment Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e2d1d5a7f21499e643b55aa979f867872fceadcc15ff9ed12c7bcd0f4222dc2d
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close