Hack Tools/Exploits


Packetstorm Last 10 Files

  1. Ubuntu Security Notice USN-2961-1 - Ubuntu Security Notice 2961-1 - It was discovered that a double free() could occur when the intent handling code in the Little CMS library detected an error. An attacker could use this to specially craft a file that caused an application using the Little CMS library to crash or possibly execute arbitrary code.
  2. Ubuntu Security Notice USN-2950-3 - Ubuntu Security Notice 2950-3 - USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were added to Samba 3.6.25 in Ubuntu 12.04 LTS. This advisory was inadvertently published as USN-2950-2 originally. Various other issues were also addressed.
  3. Cisco Security Advisory 20160504-fpkern - Cisco Security Advisory - A vulnerability in the kernel logging configuration for Firepower System Software for the Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources. The vulnerability is due to the logging of certain IP packets. An attacker could exploit this vulnerability by sending a flood of specially crafted IP packets to the affected device. An exploit could allow the attacker to cause the Cisco FirePOWER module to cease inspecting traffic or go offline. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
  4. Cisco Security Advisory 20160504-tpxml - Cisco Security Advisory - A vulnerability in the XML application programming interface (API) of Cisco TelePresence Codec (TC) and Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to bypass authentication and access a targeted system through the API. The vulnerability is due to improper implementation of authentication mechanisms for the XML API of the affected software. An attacker could exploit this vulnerability by sending a crafted HTTP request to the XML API. A successful exploit could allow the attacker to perform unauthorized configuration changes or issue control commands to the affected system by using the API. Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability.
  5. Cisco Security Advisory 20160504-firepower - Cisco Security Advisory - A vulnerability in the packet processing functions of Cisco FirePOWER System Software could allow an unauthenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. The vulnerability is due to improper packet handling by the affected software when packets are passed through the sensing interfaces of an affected system. An attacker could exploit this vulnerability by sending crafted packets through a targeted system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
  6. Ubuntu Security Notice USN-2950-2 - Ubuntu Security Notice 2950-2 - USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were added to Samba 3.6.25 in Ubuntu 12.04 LTS. Various other issues were also addressed.
  7. Debian Security Advisory 3569-1 - Debian Linux Security Advisory 3569-1 - Two vulnerabilities were discovered in openafs, an implementation of the distributed filesystem AFS.
  8. Debian Security Advisory 3568-1 - Debian Linux Security Advisory 3568-1 - Pascal Cuoq and Miod Vallat discovered that Libtasn1, a library to manage ASN.1 structures, does not correctly handle certain malformed DER certificates. A remote attacker can take advantage of this flaw to cause an application using the Libtasn1 library to hang, resulting in a denial of service.
  9. FreeBSD Security Advisory - FreeBSD-SA-16:17.openssl - FreeBSD Security Advisory - The padding check in AES-NI CBC MAC was rewritten to be in constant time by making sure that always the same bytes are read and compared against either the MAC or padding bytes. But it no longer checked that there was enough data to have both the MAC and padding bytes. [CVE-2016-2107] An overflow can occur in the EVP_EncodeUpdate() function which is used for Base64 encoding of binary data. [CVE-2016-2105] An overflow can occur in the EVP_EncryptUpdate() function, however it is believed that there can be no overflows in internal code due to this problem. [CVE-2016-2106] When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio() a short invalid encoding can cause allocation of large amounts of memory potentially consuming excessive resources or exhausting memory. [CVE-2016-2109] ASN1 Strings that are over 1024 bytes can cause an overread in applications using the X509_NAME_oneline() function on EBCDIC systems. [CVE-2016-2176] FreeBSD does not run on any EBCDIC systems and therefore is not affected. A MITM attacker can use a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI. [CVE-2016-2107] If an attacker is able to supply very large amounts of input data then a length check can overflow resulting in a heap corruption. [CVE-2016-2105] Any application parsing untrusted data through d2i BIO functions is vulnerable to a memory exhaustion attack. [CVE-2016-2109] TLS applications are not affected.
  10. Cisco Security Advisory 20160504-openssl - Cisco Security Advisory - On May 3, 2016, the OpenSSL Software Foundation released a security advisory that included six vulnerabilities. Out of the six vulnerabilities disclosed, four of them may cause a memory corruption or excessive memory usage, one could allow a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI, and, lastly, one is specific to a product performing an operation with Extended Binary Coded Decimal Interchange Code (EBCDIC) encoding. Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities. This advisory will be updated as additional information becomes available.

Packetstorm Tools

  1. Clam AntiVirus Toolkit 0.99.2 - Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
  2. OpenSSL Toolkit 1.0.2h - OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
  3. Mobile Security Framework MobSF 0.9.2 Beta - Mobile Security Framework (MobSF) is an all-in-one open source mobile application (Android/iOS) automated pen-testing framework capable of performing static and dynamic analysis. It can be used for effective and fast security analysis of Android and iOS applications and supports both binaries (APK & IPA) and zipped source code. MobSF can also do Web API security testing with its API Fuzzer, which performs information gathering, analyzes security headers, and identifies mobile API specific vulnerabilities like XXE, SSRF, path traversal, IDOR, and other logical issues related to session management and API rate limiting.
  4. Ansvif 1.4.2 - Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
  5. VBScan Vulnerability Scanner 0.1.6 - VBScan is a black box vBulletin vulnerability scanner written in perl.
  6. Packet Fence 6.0.1 - PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  7. Packet Fence 6.0.0 - PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
  8. Logwatch 7.4.3 - Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.
  9. Pcapteller 1.1 - Pcapteller is a tool designed for simple traffic manipulation and replay. The tool allows you to recreate a recorded network traffic scenario that occurred in a foreign network, as if it really happened in yours. Basically, the tool reads network packets from a PCAP file and replaces a given IP address with one that fits your needs. Afterwards, the manipulated packets are injected into the network. The tool is useful if you want to recreate scenarios where computer attacks or malware infections occurred. Using such scenarios as a base, Pcapteller will make it look like everything is really happening in your network. Pcapteller can help you improve your blue team's network security monitoring skills, or create network decoys during red team operations.
  10. Ansvif 1.4.1 - Ansvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.

Packetstorm Exploits

  1. IPFire XSS / CSRF / Command Execution - IPFire versions prior to 2.19 Update Core 101 suffer from cross site request forgery, cross site scripting, and remote command execution vulnerabilities.
  2. TRN Threaded Reader 3.6-23 Stack Buffer Overflow - Threaded USENET news reader version 3.6-23 suffers from a stack buffer overflow vulnerability.
  3. DynaTrace UEM 6.3.x / 6.2.x / 6.1.x Cookie Manipulation - DynaTrace UEM versions 6.3.x, 6.2.x, and 6.1.x suffer from a cookie manipulation vulnerability that can cause a server-side crash.
  4. OXID eShop CE 4.9.7 Path Traversal / Privilege Escalation - OXID eShop Community Edition version 4.9.7 suffers from path traversal and privilege escalation vulnerabilities.
  5. Swagger Editor 2.9.9 Cross Site Scripting - Swagger Editor version 2.9.9 suffers from a cross site scripting vulnerability.
  6. NetCommWireless HSPA 3G10WVE Authentication Bypass / Code Execution - NetCommWireless HSPA 3G10WVE suffers from authentication bypass and remote code execution vulnerabilities.
  7. libxml 2.9.2 Stack Overflow - libxml versions prior to 2.9.3 suffer from a stack overflow vulnerability when parsing a malicious file.
  8. Zabbix Agent 3.0.1 mysql.size Shell Command Injection - Zabbix Agent version 3.0.1 suffers from a remote shell command injection vulnerability via mysql.size.
  9. Linux double-fdput() Use-After-Free - Linux 4.4 suffers from a use-after-free vulnerability in double-fdput().
  10. McAfee Relocation Processing Memory Corruption - Fuzzing packed executables with McAfee's LiveSafe version 14.0 on Windows found a signedness error parsing sections and relocations.

Securiteam Exploits

  1. Oracle Enterprise Manager Grid Control Test Directory Traversal Vulnerability - Oracle Application Testing Suite component in Oracle Enterprise Manager Grid Control 12.4.0.2 and 12.5.0.2 allows remote attackers to affect confidentiality via unknown vectors related to Test Manager for Web Apps.
  2. Oracle JD Edwards EnterpriseOne Infrastructure SEC Remote Security Vulnerabilities - The JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect availability via unknown vectors related to Monitoring and Diagnostics.
  3. Oracle PeopleSoft Enterprise SCM EProcurement Remote Security Vulnerabilities - The PeopleSoft Enterprise SCM eProcurement component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect integrity via unknown vectors related to Manage Requisition Status.
  4. Oracle Retail Mobile POS Security Vulnerabilities - Oracle Retail Point-of-Service component in Oracle Retail Applications 13.4, 14.0, and 14.1 allows local users to affect confidentiality via vectors related to Mobile POS.
  5. CAREL PlantVisorEnhanced Security Bypass Vulnerabilities - CAREL PlantVisorEnhanced allows remote attackers to bypass intended access restrictions via a direct file request.