what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2017-07-05

Mobius Forensic Toolkit 0.5.29
Posted Jul 5, 2017
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Tons of changes to the C++ and python APIs. Various other changes.
tags | tool, python, forensics
SHA-256 | f9daa3938a428933d87d2f38eacb02277da3445ce8d514999769195bbafa2057
Virtuozzo Power Panel (VZPP) 6.1.2 Buffer Over-Read
Posted Jul 5, 2017
Authored by Securify B.V., Sipke Mellema

Virtuozzo Power Panel (VZPP) and Automator version 6.1.2 suffers from a buffer over-read vulnerability.

tags | advisory
SHA-256 | 7be26c32161b9c5bdd16002cd161843f760e5431f129b4470ea901ed6ebe8986
Lepide Auditor Suite Remote Code Execution
Posted Jul 5, 2017
Authored by mr_me

Lepide Auditor Suite suffers from a createdb() web console database injection remote code execution vulnerability.

tags | exploit, remote, web, code execution
SHA-256 | 462ffdb5d3af8b3ae934289941c334f34e94bc504a64e25a18c7caf15d6b2b24
GoAutoDial 3.3 Authentication Bypass / Command Injection
Posted Jul 5, 2017
Authored by Chris McCurley | Site metasploit.com

This Metasploit module exploits a SQL injection flaw in the login functionality for GoAutoDial version 3.3-1406088000 and below, and attempts to perform command injection. This also attempts to retrieve the admin user details, including the cleartext password stored in the underlying database. Command injection will be performed with root privileges. The default pre-packaged ISO builds are available from goautodial.org. Currently, the hardcoded command injection payload is an encoded reverse-tcp bash one-liner and the handler should be setup to receive it appropriately.

tags | exploit, root, tcp, sql injection, bash
advisories | CVE-2015-2843, CVE-2015-2845
SHA-256 | 94721ce87cbcec20c3b6fb430d3119351af84675d49a97004d25f1efe7edfa5d
PDNS Manager Remote Command Execution
Posted Jul 5, 2017
Site redteam-pentesting.de

PDNS Manager from Git master 3bf4e28 (2016-12-12) through 2bb00ea (2017-05-22) suffer from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | 4cb7a145d0b426916656de00ed970ff40d01438a3a5fda816ce6c6a34d716786
IoT mDNS/DNS-SD QM Amplification Distributed Denial Of Service
Posted Jul 5, 2017
Authored by Todor Donev

IoT mDNS/DNS-SD QM amplification distributed denial of service exploit.

tags | exploit, denial of service
SHA-256 | 829d5b4b9383437aaeac7661f98d63ab35d4e672ae7ecb5b1326d2ff6c60dbc1
rpcinfo Portmap DUMP Call Amplification Distributed Denial Of Service
Posted Jul 5, 2017
Authored by Todor Donev

rpcinfo portmap DUMP call amplification distributed denial of service exploit.

tags | exploit, denial of service
SHA-256 | f4c72483776e35cbdaa2e0c400929b80a1b74c705cb72a50c5e2b790ff8dd263
Red Hat Security Advisory 2017-1682-01
Posted Jul 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1682-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Security Fix: Quick Emulator built with Network Block Device Server support was vulnerable to a null-pointer dereference issue. The flaw could occur when releasing a client, which was not initialized due to failed negotiation. A remote user or process could exploit this flaw to crash the qemu-nbd server.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2017-9524
SHA-256 | 18a519924fa584c24f05625223d5a771d0270edaa219c73b508dc67762f9135b
Red Hat Security Advisory 2017-1681-01
Posted Jul 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1681-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm package provides the user-space component for running virtual machines that use KVM. Security Fix: Quick Emulator built with Network Block Device Server support was vulnerable to a null-pointer dereference issue. The flaw could occur when releasing a client, which was not initialized due to failed negotiation. A remote user or process could exploit this flaw to crash the qemu-nbd server.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2017-9524
SHA-256 | 6a0f0db85d0b3ab11f750d9cd2a542ddc3b81e51f32d439a7ae926d97d30b9a3
Red Hat Security Advisory 2017-1680-01
Posted Jul 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1680-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG signature for a dynamic update request.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2017-3142, CVE-2017-3143
SHA-256 | ae6f1d26e065f8c55d963620aa808f7d613ede3c6c4756db295cb2df8c1ef7a0
Red Hat Security Advisory 2017-1679-01
Posted Jul 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1679-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Security Fix: A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, by forging a valid TSIG or SIG signature for a dynamic update request.

tags | advisory, remote, protocol
systems | linux, redhat
advisories | CVE-2017-3142, CVE-2017-3143
SHA-256 | 3ebff34db87fde92646e5a398e546eebc9e1e0a93bcbd0c13de2e9b93373c4c0
Red Hat Security Advisory 2017-1678-01
Posted Jul 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1678-01 - PostgreSQL is an advanced object-relational database management system. The following packages have been upgraded to a later upstream version: rh-postgresql94-postgresql. Security Fix: It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. A non-administrative database user could use this flaw to steal some information from tables they are otherwise not allowed to access.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7484, CVE-2017-7485, CVE-2017-7486
SHA-256 | 92dc2804c54c12caa0fcc7c0463d985618fd0263c14dbf07a2a9d646635de31c
Red Hat Security Advisory 2017-1677-01
Posted Jul 5, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1677-01 - PostgreSQL is an advanced object-relational database management system. The following packages have been upgraded to a later upstream version: rh-postgresql95-postgresql. Security Fix: It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. A non-administrative database user could use this flaw to steal some information from tables they are otherwise not allowed to access.

tags | advisory
systems | linux, redhat
advisories | CVE-2017-7484, CVE-2017-7485, CVE-2017-7486
SHA-256 | 6a2a2bbb20f6e4a8d8c3e38008887bf59099e8071cb8e8af51234ac3b21fa488
Gentoo Linux Security Advisory 201707-01
Posted Jul 5, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-1 - Multiple vulnerabilities have been found in IcedTea, the worst of which may allow execution of arbitrary code. Versions less than 3.4.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3260, CVE-2017-3261, CVE-2017-3272, CVE-2017-3289, CVE-2017-3509, CVE-2017-3511, CVE-2017-3512, CVE-2017-3514, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544
SHA-256 | 0623e4d3abca09377537db725ce4ff922ab591a92df4341620aa94a4e2072b3c
Linux/x86 Reverse TCP Shellcode
Posted Jul 5, 2017
Authored by Geyslan G. Bem

67 bytes small Linux/x86 reverse TCP shellcode.

tags | x86, tcp, shellcode
systems | linux
SHA-256 | d6dc1cae7a2cc667976e1d4e52e97ec06499a822f1dcca007550bc4aef67c23b
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    17 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close