
Files Date: 2016-08-09 to 2016-08-10

Raptor WAF 0.2
Posted Aug 9, 2016
Authored by coolervoid

Raptor is a web application firewall written in C that uses DFA to block SQL injection, cross site scripting, and path traversals.

Changes: Various updates.
tags | tool, web, firewall, xss, sql injection
systems | unix
SHA-256 | 923cdb6e5ca88b6f0ebaca62f650819c0d9b6ac5c4bdc58835f40a6a364af04c

Lynis Auditing Tool 2.3.2
Posted Aug 9, 2016
Authored by Michael Boelen | Site cisofy.com

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.

Changes: Tests are now grouped by their focus area and named groups accordingly. Besides groups, each test will belong to a category (performance, privacy, or security). Various other updates.
tags | tool, scanner
systems | unix
SHA-256 | ccc77cc66c14526824fd39dfb2539bb601249e9b70c87d1d0f2f917e23db0975

Facebook User ID Bypass Issue
Posted Aug 9, 2016
Authored by Vulnerability Laboratory, SaifAllah benMassaoud, Zahid Mehmood | Site vulnerability-lab.com

A vulnerability allowed remote attackers to determine which specific Facebook user ID is linked with a mobile phone number without secure approval. The vulnerability is located in the ctx and recover lwv parameters and /login/identify modules.

tags | exploit, remote
SHA-256 | 1f368fb681cb0f83b994a4f076b47f93bf100cc10af4af529935449d736dd571

AirSnort 0.2.7 Stack Corruption Denial Of Service
Posted Aug 9, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

AirSnort version 0.2.7 suffers from a stack corruption denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | a000566860577c46a2f8b303aee53f745d53565262b95a3b55c3cd0d5b308737

Any Video Converter 5.9.5 DLL Hijacking
Posted Aug 9, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Any Video Converter version 5.9.5 suffers from a DLL hijacking vulnerability.

tags | exploit
SHA-256 | 1536ebf1c3162761ab646ef4b5b94b2153d3b5d816712287cdae8f5d18ede71c

Microsoft GDI+ Out-Of-Bounds Read
Posted Aug 9, 2016
Authored by Google Security Research, mjurczyk

Microsoft GDI+ suffers from an out-of-bounds read in DIB palette handling in ValidateBitmapInfo.

tags | exploit
SHA-256 | b131f5d54b222bb102eab5eb641504aa9eed19d929668be9eeb7bff8111fa709

Red Hat Security Advisory 2016-1583-01
Posted Aug 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1583-01 - Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. Security Fix: A regular expression denial of service flaw was found in Minimatch. An attacker able to make an application using Minimatch perform matching using a specially crafted glob pattern could cause the application to consume an excessive amount of CPU.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2016-1000023
SHA-256 | 0d1ff99ec8bd5a633a95dd3a341a48cab2ede978442c7c8a329dda3701f1a07e

Red Hat Security Advisory 2016-1582-01
Posted Aug 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1582-01 - Minimatch is a minimal matching utility that works by converting glob expressions into JavaScript RegExp objects. Security Fix: A regular expression denial of service flaw was found in Minimatch. An attacker able to make an application using Minimatch perform matching using a specially crafted glob pattern could cause the application to consume an excessive amount of CPU.

tags | advisory, denial of service, javascript
systems | linux, redhat
advisories | CVE-2016-1000023
SHA-256 | 6b65a7593b94ad58f8c977b277674a50ec585646831d3d522a915559d5c87647

Red Hat Security Advisory 2016-1581-01
Posted Aug 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1581-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way certain interfaces of the Linux kernel's Infiniband subsystem used write() as a bi-directional ioctl() replacement, which could lead to insufficient memory security checks when being invoked using the splice() system call. A local unprivileged user on a system with either Infiniband hardware present or the RDMA Userspace Connection Manager Access module explicitly loaded could use this flaw to escalate their privileges on the system.

tags | advisory, kernel, local
systems | linux, redhat
advisories | CVE-2016-4565
SHA-256 | a289a3f31cb45085d0521e74a9fb29cad805dc630b75e4207f766fbc4397ad81

Red Hat Security Advisory 2016-1580-01
Posted Aug 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1580-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 52.0.2743.116. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145, CVE-2016-5146
SHA-256 | 0a90745c288adf50a8d3642d8c254da41e1c6c70fa80533eb5590ebc6596400f

Samhain File Integrity Checker 4.1.5
Posted Aug 9, 2016
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: Various updates.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 921a4d32c511ba5b757fa4342ddbbd83dc250134c8d5562ce4500ce5b60fd456

Microsoft Security Bulletin Revision Increment For August, 2016
Posted Aug 9, 2016
Site microsoft.com

This bulletin summary lists two bulletins that have undergone a major revision increment.

tags | advisory
SHA-256 | 5af2a7b92432a69b2efb1ec8e3925a7d28682f8fdff6a1292623648e37ce952e

Microsoft Internet Explorer Local File Name Disclosure
Posted Aug 9, 2016
Authored by Yorick Koster, Securify B.V.

Microsoft Internet Explorer suffers from an iframe sandbox local file name disclosure vulnerability.

tags | advisory, local, info disclosure
advisories | CVE-2016-3321
SHA-256 | c9e6501898d6e4e506e28508a7c9fcb53f7ac24f8c867ab0e2dad6adc79d96b5

Nuke Evolution 2.0.9d Cross Site Scripting
Posted Aug 9, 2016
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Nuke Evolution version 2.0.9d suffers from multiple client-side cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 6fc690aae1c715676970cd01c9404154f8bc9cedadde9654fdadd242ccc22750

FortiVoice 5.0 Cross Site Scripting
Posted Aug 9, 2016
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

FortiVoice version 5.0 suffers from filter bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 6fba6b0a5841a1bab3c4d0bf9cbfe12235ac20c23e2a2b40363216d1dd1d5b32