what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files Date: 2014-10-23 to 2014-10-24

Tor-ramdisk i686 UClibc-based Linux Distribution x86_64 20141022
Posted Oct 23, 2014
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.

Changes: Tor updated to 0.2.4.25. OpenSSL updated to 1.0.1j. Kernel updated to 3.17.1 + Gentoo's hardened-patches-3.17.1-1.extras.
tags | tool, kernel, peer2peer
systems | linux
SHA-256 | 7afd946339ed0e240011d95097e63b4ee6e017fee06fdee676c784a96825b387
Tor-ramdisk i686 UClibc-based Linux Distribution x86 20141022
Posted Oct 23, 2014
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.

Changes: Tor updated to 0.2.4.25. OpenSSL updated to 1.0.1j. Kernel updated to 3.17.1 + Gentoo's hardened-patches-3.17.1-1.extras.
tags | tool, x86, kernel, peer2peer
systems | linux
SHA-256 | 3c787a0d097e5ef1ce64791ba329a9e6b847b00f6651626f9b8d1faa8db79cfb
Centreon SQL / Command Injection
Posted Oct 23, 2014
Authored by juan vazquez, MaZ | Site metasploit.com

This Metasploit module exploits several vulnerabilities on Centreon 2.5.1 and prior and Centreon Enterprise Server 2.2 and prior. Due to a combination of SQL injection and command injection in the displayServiceStatus.php component, it is possible to execute arbitrary commands as long as there is a valid session registered in the centreon.session table. In order to have a valid session, all it takes is a successful login from anybody. The exploit itself does not require any authentication. This Metasploit module has been tested successfully on Centreon Enterprise Server 2.2.

tags | exploit, arbitrary, php, vulnerability, sql injection
advisories | CVE-2014-3828, CVE-2014-3829
SHA-256 | 8809b442b4ed7e090f87d00c54c5b7bdd1ab5b1b01a8996dfc1c2404ff0bb501
TestLink 1.9.12 Path Disclosure
Posted Oct 23, 2014
Authored by EgiX

TestLink versions 1.9.12 and below suffer from a path disclosure weakness.

tags | advisory
advisories | CVE-2014-8082
SHA-256 | d4e121ab0a2d7487bb19bb362e04c56ee75b63e8fc27574280cfee78584f1aad
TestLink 1.9.12 PHP Object Injection
Posted Oct 23, 2014
Authored by EgiX

TestLink versions 1.9.12 and below suffer from a PHP object injection vulnerability in execSetResults.php.

tags | advisory, php
advisories | CVE-2014-8081
SHA-256 | 84140ec47ef7b41446e409364cc8ec283f65b120fa742ffdf380813e2bf74c75
OpenBSD 5.5 Local Kernel Panic
Posted Oct 23, 2014
Authored by nitr0us

OpenBSD versions 5.5 and below local kernel panic proof of concept exploit for i386.

tags | exploit, kernel, local, proof of concept
systems | openbsd
SHA-256 | 4c958cff42a397da0e7fd1de737c29e8578e3c3d90dd8e62623fb389e271ae47
Dell SonicWall GMS 7.2.x Script Insertion
Posted Oct 23, 2014
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Dell SonicWall GMS version 7.2.x suffers from a script insertion vulnerability.

tags | exploit
SHA-256 | 6a90a0fa649d28212f442f6dc5fd9f9fed04975d70a1705e6583ea2632cd413e
WordPress CP Multi View Event Calendar 1.01 SQL Injection
Posted Oct 23, 2014
Authored by Claudio Viviani

WordPress CP Multi View Event Calendar plugin version 1.01 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | be7e5bf24575ee60d27163c3c49d5279f14d9efe7157d6083058b2ad90103294
WordPress / Joomla Creative Contact Form 0.9.7 Shell Upload
Posted Oct 23, 2014
Authored by Claudio Viviani, Gianni Angelozzi

WordPress / Joomla Creative Contact Form plugin versions 0.9.7 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | eb391ebca6e21e3d261e2f17e0d89b07a0bac8b6bed6861a21109d25042e3a13
Free WMA MP3 Converter 1.8 SEH Buffer Overflow
Posted Oct 23, 2014
Authored by metacom

Free WMA MP3 Converter version 1.8 SEH buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 940c936bc69b5d2f2af7abf580fd022a89fa76a9996179dc5c7093942e2b7131
Ubuntu Security Notice USN-2388-1
Posted Oct 23, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2388-1 - A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. Various other issues were also addressed.

tags | advisory, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2014-6457, CVE-2014-6502, CVE-2014-6504, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6517, CVE-2014-6519, CVE-2014-6527, CVE-2014-6531, CVE-2014-6558
SHA-256 | e0eb566de7e39ffdb026c018c7a44ee54cef451df75e5535fcaeed0492f8515e
Ubuntu Security Notice USN-2388-2
Posted Oct 23, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2388-2 - USN-2388-1 fixed vulnerabilities in OpenJDK 7 for Ubuntu 14.04 LTS. This update provides the corresponding updates for Ubuntu 14.10. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. Various other issues were also addressed.

tags | advisory, vulnerability, info disclosure
systems | linux, ubuntu
advisories | CVE-2014-6457, CVE-2014-6502, CVE-2014-6504, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6513, CVE-2014-6517, CVE-2014-6519, CVE-2014-6531, CVE-2014-6558
SHA-256 | 4693a6bd44cd1e3723cd23fa1afcd9712920e3f66c3e4cc92286cfc16b6dacfe
Red Hat Security Advisory 2014-1668-01
Posted Oct 23, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1668-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel's Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the system. This update also fixes several bugs and adds one enhancement.

tags | advisory, remote, kernel, protocol
systems | linux, redhat
advisories | CVE-2014-5077
SHA-256 | 01a170866c4a0d40ca22a3813281625f83ff86f1c137a71121dc4af73fcba5ee
Free WMA MP3 Converter 1.8 Buffer Overflow
Posted Oct 23, 2014
Authored by metacom

Free WMA MP3 Converter version 1.8 buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 349244591b06fbf45c6c3bedbd84816ba5dcbd0c7d2698f07d5d8377c0189e32
ElectricCommander 4.2.4.71224 Privilege Escalation
Posted Oct 23, 2014
Authored by Sean Wright

ElectricCommander version 4.2.4.71224 suffers from a local privilege escalation vulnerability.

tags | advisory, local
advisories | CVE-2014-7180
SHA-256 | 139302eb4b0999cd770c756251480454ce0ddd8d7d7211bca12f6045642487b9
OpenSSL 6.7p1 bl0wsshd00r67p1 Backdoor
Posted Oct 23, 2014
Authored by Bl0w

bl0wsshd00r backdoors OpenSSH 6.7p1 with a magic password for any user, sniffs and records traffic, and mitigates logging to lastlog/wtmp/utmp.

tags | tool, rootkit
systems | unix
SHA-256 | 17bb28d0c4a3e2058cf728936b45586915c671f6cadd0920f2e695332adabeb7
Wonderful World-Wide CMS SQL Injection / Default Credentials
Posted Oct 23, 2014
Authored by eX-Sh1Ne

Wonderful World-Wide CMS suffers from having default administrative credentials and a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f8f1bd8511a3df393b1fdfd3d84a7f1a3b129ef78ffbc88ee33f78ee48fcd0e6
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close