what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

Files Date: 2015-08-23

Firefox PDF.js Privileged Javascript Injection
Posted Aug 23, 2015
Authored by temp66, joev, Marius Mlynski | Site metasploit.com

This Metasploit module gains remote code execution on Firefox 35-36 by abusing a privilege escalation bug in resource:// URIs. PDF.js is used to exploit the bug. This exploit requires the user to click anywhere on the page to trigger the vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2015-0816
SHA-256 | c7380b4bd424349eceddb0191b851de4ff91a0a5afb8b3430ceffce5b834c992
Faraday 1.0.13
Posted Aug 23, 2015
Authored by Francisco Amato

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Changes: Exported CSV contains filters and columns from Status Report in WEB UI. Added quick vuln edit and delete in WEB UI. Expanded Unit Tests for WEB UI. Various other updates and additions.
tags | tool, rootkit
systems | unix
SHA-256 | 5d449b6f6c55b74d06b56b7435bc79236d2b0002e905211fd0c11d6d20b34d8c
Microsoft Security Bulletin Revision Increment For August, 2015
Posted Aug 23, 2015
Site microsoft.com

This bulletin summary lists one bulletin that has undergone a major revision increment for August, 2015.

tags | advisory
SHA-256 | dfd23be0dbefb8bb95dc5db6d5e39fb6fdd92d9ec2d58405d0f63d5abafff45f
Logstash 1.5.3 Man-In-The-Middle
Posted Aug 23, 2015
Authored by Markus Frosch

Logstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security issue which allows an attacker to successfully implement a man in the middle attack. This vulnerability is not present in the initial installation of Logstash. This insecurity is exposed when users configure Lumberjack output to connect two Logstash instances. In such deployments, a Logstash instance is used to collect logs from a webserver and securely transmit them to a central Logstash instance to perform additional filtering and storing.

tags | advisory
advisories | CVE-2015-5619
SHA-256 | 8d94729ca78c886be74f1b17d603715f06729caa799a8b733cda4e486099eb9a
Apple Security Advisory 2015-08-20-1
Posted Aug 23, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-08-20-1 - QuickTime 7.7.8 is now available and addresses arbitrary code execution and memory corruption issues.

tags | advisory, arbitrary, code execution
systems | apple
advisories | CVE-2015-3788, CVE-2015-3789, CVE-2015-3790, CVE-2015-3791, CVE-2015-3792, CVE-2015-5751, CVE-2015-5779, CVE-2015-5785, CVE-2015-5786
SHA-256 | 31a4deb805a319fca7f77360e22ab19856e37387604603add15c19efbeaf3e5c
WordPress Googmonify 0.8.1 Cross Site Request Forgery / Cross Site Scripting
Posted Aug 23, 2015
Authored by Ehsan Hosseini

WordPress Googmonify plugin version 0.8.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 06c403fcedb1a7fd5d3e040288ea006db2072b20c5136ce9aea6ead2c5f43109
VLC 2.2.1 Arbitrary Pointer Dereference
Posted Aug 23, 2015
Authored by Andrea Barisani, Open Source CERT, Loren Maggiore

VLC versions 2.2.1 and below suffer from an arbitrary pointer dereference vulnerability.

tags | advisory, arbitrary
advisories | CVE-2015-5949
SHA-256 | 5729beee45859fa6c90c4ec59513f7ad8f788728b656de7ca5a61d5fed77f09c
UBNT Script Insertion
Posted Aug 23, 2015
Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Ubiquiti Networks Community online service web application allows for malicious script code to be inserted in the filename.

tags | exploit, web
SHA-256 | 002d12b4f423b45de91babce8e586c124de4cd418c0f8a59c5ba722de1cf4597
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close