what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2016-03-01

ATutor 2.2.1 SQL Injection / Remote Code Execution
Posted Mar 1, 2016
Authored by mr_me | Site metasploit.com

This Metasploit module exploits a SQL Injection vulnerability and an authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrators interface where they can upload malicious code. You are required to login to the target to reach the SQL Injection, however this can be done as a student account and remote registration is enabled by default.

tags | exploit, remote, sql injection
advisories | CVE-2016-2555
SHA-256 | a6c389a060af6250a11b90dc368c3767a38101c233bf56de262525913aae7d39
Microsoft PowerPoint Viewer 12.0.6600.1000 DLL Hijacking
Posted Mar 1, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Microsoft PowerPoint Viewer version 12.0.6600.1000 suffers from a DLL hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | 4de11fe57539aa40ff35d2f2f48e5b73a1ede84b080a3ca9550804dd5433ffe9
Crouzet em4 soft 1.1.04 / M3 soft 3.1.2.0 Insecure File Permissions
Posted Mar 1, 2016
Authored by LiquidWorm | Site zeroscience.mk

em4 soft and M3 soft both suffer from a privilege escalation vulnerability. Executables can be changed by an authenticated user due to improper permissions.

tags | exploit
SHA-256 | 8486cbd36e94575449d27d839503870c0fd038f9e1b6b4bd2374d7c9f725f9ca
Crouzet em4 soft 1.1.04 Integer Division By Zero
Posted Mar 1, 2016
Authored by LiquidWorm | Site zeroscience.mk

em4 soft suffers from a division by zero attack when handling Crouzet Logic Software Document '.pm4' files, resulting in denial of service vulnerability and possibly loss of data.

tags | exploit, denial of service
systems | linux
SHA-256 | 8767d1ebfa91b86addb2e8a75883f8a08e2566868714e027e78fa519e7724a89
Sophos UTM 525 Full Guard Cross Site Scripting
Posted Mar 1, 2016
Authored by Dr. Adrian Vollmer | Site syss.de

Inserting an HTML 'script' tag into the URL of a web site protected by Sophos UTM 525 yields an error page which contains the 'script' tag unfiltered. Executing malicious JavaScript code in the victim's browser is therefore straightforward.

tags | exploit, web, javascript
SHA-256 | 1eceff53bf6b122d6139c8726d40ddfbec1d153d9f984494053dc00259fcd5f7
OpenSSL Toolkit 1.0.2g
Posted Mar 1, 2016
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Disabled weak ciphers in SSLv3 and up in default builds of OpenSSL. Disabled SSLv2 default build, default negotiation and weak ciphers. Fixed a double-free in DSA code. Various other security issues addressed.
tags | tool, encryption, protocol
systems | unix
advisories | CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799
SHA-256 | b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33
WordPress GravityForms 1.9.15.11 Cross Site Scripting
Posted Mar 1, 2016
Authored by Henri Salo

WordPress GravityForms plugin version 1.9.15.11 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b9b98a35deb580cb3991e6926dcdef9f356de1a842e73426ecff9e3790bac492
perfact::mpa Persistent Cross Site Scripting
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund | Site syss.de

The SySS GmbH found out that different functions of the web application perfact::mpa are prone to persistent cross-site scripting attacks due to insufficient user input validation.

tags | exploit, web, xss
SHA-256 | 3de9ebd0a6d7d71bc98db0dbfca47d2036e6cb55c8c5730f0710bc34b796c3d7
perfact::mpa Insecure Direct Object Reference
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund | Site syss.de

The SySS GmbH found out that different resources of the web application perfact::mpa can be directly accessed by the correct URL due to improper user authorization checks. That is, unauthorized users can access different functions of the perfact::mpa web application.

tags | exploit, web
SHA-256 | 9ddb061b9a0b9ab1cc362d42499ce13c2180721efde797ef3793f8df0246c9b2
perfact::mpa Open Redirect
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund | Site syss.de

The SySS GmbH found out that the web application perfact:mpa accepts user-controlled input via the URL parameter "redir" that can be used to redirect victims to an arbitrary site which simplifies so-called phishing attacks.

tags | exploit, web, arbitrary
SHA-256 | 1240006c91f037df38cbcd2cbcc641d8f0ac32f2445fa4d65f159730f692deb7
perfact::mpa Insecure Direct Object Reference
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund | Site syss.de

The SySS GmbH found out that any logged in user is able to download valid VPN configuration files of arbitrary existing remote sessions. All an intruder needs to know is the URL with the dynamic parameter "brsessid". Due to the modification of this incremental increasing integer value, it is possible to enumerate and download a valid VPN configuration file for every existing remote session.

tags | exploit, remote, arbitrary
SHA-256 | 0395cba8a67f491b8450abca96173ea16da49abe7cd6b3f2d88cf3e02d04710c
perfact::mpa Cross Site Request Forgery
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund | Site syss.de

The tested web application perfact::mpa offers no protection against cross-site request forgery (CSRF) attacks. This kind of attack forces end users respectively their web browsers to perform unwanted actions in a web application context in which they are currently authenticated.

tags | exploit, web, csrf
SHA-256 | 2b1425b7f0db4e14f7b33d9778f0a59b7e1c1b93b42771c51ac1b69ae8116af3
perfact::mpa Insecure Direct Object Reference
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund | Site syss.de

SySS GmbH found out that unauthorized users are able to download arbitrary files of other users that have been uploaded via the file upload functionality. As the file names of uploaded files are incremental integer values, it is possible to enumerate and download all uploaded files without any authorization.

tags | exploit, arbitrary, file upload
SHA-256 | b599bdab77ad574016e3a7c31c5ca968b8a2daac827a37f269eb26e143e5fe99
perfact::mpa Reflected Cross Site Scripting
Posted Mar 1, 2016
Authored by Matthias Deeg, Sven Freund | Site syss.de

SySS GmbH found out that the request new user and translation functionalities of the web application perfact::mpa are prone to reflected cross-site scripting attacks.

tags | exploit, web, xss
SHA-256 | c41cae5aadb2813a38940d61e582bbde74c6eac30c32083652ec5ccf789a03e0
Packet Storm New Exploits For February, 2016
Posted Mar 1, 2016
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 240 exploits added to Packet Storm in February, 2016.

tags | exploit
systems | linux
SHA-256 | ba7356729c37007d4d38ff69306484d89001c138aaa6d3c6695ded696090e042
Red Hat Security Advisory 2016-0328-01
Posted Mar 1, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0328-01 - OpenStack Object Storage provides object storage in virtual containers, which allows users to store and retrieve files. The service's distributed architecture supports horizontal scaling; redundancy as failure-proofing is provided through software-based data replication. Because Object Storage supports asynchronous eventual consistency replication, it is well suited to multiple data-center deployment. A memory-leak issue was found in OpenStack Object Storage, in the proxy-to-server connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2016-0737, CVE-2016-0738
SHA-256 | 95aa420f792a3450a9feb7ef743b5ff2bbd8812bdff148aea3b1e2d82684cc89
Red Hat Security Advisory 2016-0329-01
Posted Mar 1, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0329-01 - OpenStack Object Storage provides object storage in virtual containers, which allows users to store and retrieve files. The service's distributed architecture supports horizontal scaling; redundancy as failure-proofing is provided through software-based data replication. Because Object Storage supports asynchronous eventual consistency replication, it is well suited to multiple data-center deployment. A memory-leak issue was found in OpenStack Object Storage, in the proxy-to-server connection. An OpenStack-authenticated attacker could remotely trigger this flaw to cause denial of service through excess memory consumption.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2016-0737, CVE-2016-0738
SHA-256 | 20b058035a4c55b339aeb0c9f06e39f47f0bee33ed7b6a0fc65b7781ab53865a
HPE Security Bulletin HPSBUX03552 SSRT102983 1
Posted Mar 1, 2016
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPSBUX03552 SSRT102983 1 - A potential security vulnerability has been identified in the HP-UX BIND service running named. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2015-8000, CVE-2015-8704
SHA-256 | 7cabe3343bf21619013021f50133dc63be6a2b2667215bea42b7afa0d0a56847
Red Hat Security Advisory 2016-0321-01
Posted Mar 1, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0321-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. This patch is an update to Red Hat JBoss Fuse 6.2.1. It includes several bug fixes, which are documented in the readme.txt file included with the patch files. The following security issue is addressed in this release: It was found that Apache CXF permitted wrapping attacks in its support for SAML SSO. A malicious user could construct a SAML response that would bypass the login screen and possibly gain access to restricted information or resources.

tags | advisory
systems | linux, redhat
advisories | CVE-2015-5253
SHA-256 | b5fc605564334067d2106af7ea52468e2c4d0b24068695c26353d85bbf548c01
Mandos Encrypted File System Unattended Reboot Utility 1.7.3
Posted Mar 1, 2016
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Multiple bug fixes.
tags | tool, remote, root
systems | linux, unix
SHA-256 | 598f58950f0cbc9ab0b09a7b2beab864f6b0fa4ba8048584f0cb721dc274ee2b
OpenSSL Security Advisory 20160301
Posted Mar 1, 2016
Site openssl.org

OpenSSL Security Advisory 20160301 - A cross-protocol attack was discovered that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. Note that traffic between clients and non-vulnerable servers can be decrypted provided another server supporting SSLv2 and EXPORT ciphers (even with a different protocol such as SMTP, IMAP or POP) shares the RSA keys of the non-vulnerable server. This vulnerability is known as DROWN (CVE-2016-0800). Other issues were also addressed.

tags | advisory, imap, protocol
advisories | CVE-2015-0293, CVE-2015-3197, CVE-2016-0702, CVE-2016-0703, CVE-2016-0704, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799, CVE-2016-0800
SHA-256 | 01a1884d87908b83b7d1ea8457725884e3808b62f9b3c4b5d54e2a07a55e9dd8
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close