Section: .. / Last 50 Files /
| /// File Name: | soulseek157-psexec.txt | Description:
| Soulseek versions 157 NS below 13e and all versions of 156 suffer from a remote peer search code execution vulnerability. | | Author: | laurent gaffie | | Related Exploit: | soulseek157-exec.txt | | File Size: | 3333 | | Last Modified: | Jul 3 11:48:53 2009 | | MD5 Checksum: | 3ba9a9d54e42e31df58673254f76bff3 |
|
| /// File Name: | shopcartdx430-sql.txt | Description:
| Remote SQL injection exploit for ShopCartDx version 4.30 that leverages product_detail.php. This particular vulnerability was priorly discovered but further research has been performed. | | Author: | Dante90 | | Homepage: | http://www.warwolfz.org/ | | Related Exploit: | shopcartdx-sql.txt | | File Size: | 3156 | | Last Modified: | Jul 3 11:43:33 2009 | | MD5 Checksum: | 3c5d3a6f3a4f12a24bedd195c9a6114c |
|
| /// File Name: | shopcartdx430-blindsql.txt | Description:
| Remote blind SQL injection exploit for ShopCartDx version 4.30 that leverages product_detail.php. | | Author: | Dante90 | | Homepage: | http://www.warwolfz.org/ | | File Size: | 4488 | | Last Modified: | Jul 3 11:43:03 2009 | | MD5 Checksum: | 733072f66217e4e979c2bd5dfb4b6ec7 |
|
| /// File Name: | axesstel-bypass.txt | Description:
| The Axesstel MV 410R protects from malicious input by leveraging javascript, allowing an attacker to bypass all of this easily. The device is also susceptible to permanent cross site scripting vulnerabilities. | | Author: | Filip Palian | | File Size: | 3879 | | Last Modified: | Jul 3 11:32:15 2009 | | MD5 Checksum: | 3b3cb74b779b5512da641e7061b101b6 |
|
| /// File Name: | glsa-200907-02.txt | Description:
| Gentoo Linux Security Advisory GLSA 200907-02 - Two vulnerabilities in ModSecurity might lead to a Denial of Service. Versions less than 2.5.9 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2945 | | Related CVE(s): | CVE-2009-1902, CVE-2009-1903 | | Last Modified: | Jul 2 17:12:58 2009 | | MD5 Checksum: | a62d37b5997352d6767eeac6898dcb87 |
|
| /// File Name: | glsa-200907-01.txt | Description:
| Gentoo Linux Security Advisory GLSA 200907-01 - libwmf bundles an old GD version which contains a use-after-free vulnerability. The embedded fork of the GD library introduced a use-after-free vulnerability in a modification which is specific to libwmf. Versions less than 0.2.8.4-r3 are affected. | | Homepage: | http://security.gentoo.org | | File Size: | 2569 | | Related CVE(s): | CVE-2009-1364 | | Last Modified: | Jul 2 17:12:39 2009 | | MD5 Checksum: | 57d8b3bd8cbd1704c9440a933b1af358 |
|
| /// File Name: | rentventory-sql.txt | Description:
| Rentventory PHP suffers from multiple remote SQL injection vulnerabilities. | | Author: | Moudi | | File Size: | 2115 | | Last Modified: | Jul 2 17:11:31 2009 | | MD5 Checksum: | 06e3f0221489e14f449075b3d265dbfe |
|
| /// File Name: | petite-sql.txt | Description:
| This paper is a small SQL injection tutorial and is written in French. | | Author: | Moudi | | File Size: | 9971 | | Last Modified: | Jul 2 17:08:35 2009 | | MD5 Checksum: | bf3f1c6f7bdf4e4b8f22bcd694f4dc5e |
|
| /// File Name: | oCERT-2009-009.txt | Description:
| CamlImages versions 2.2 and below suffer from several integer overflows which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by PNG image parsing, the read_png_file and read_png_file_as_rgb24 functions do not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability. | | Author: | Andrea Barisani | | Homepage: | http://www.ocert.org/ | | File Size: | 1607 | | Related CVE(s): | CVE-2009-2295 | | Last Modified: | Jul 2 15:01:23 2009 | | MD5 Checksum: | 4fa5917b93622cf557fa89435814a10b |
|
| /// File Name: | USN-795-1.txt | Description:
| Ubuntu Security Notice USN-795-1 - It was discovered that Nagios did not properly parse certain commands submitted using the WAP web interface. An authenticated user could exploit this flaw and execute arbitrary programs on the server. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 8778 | | Related CVE(s): | CVE-2009-2288 | | Last Modified: | Jul 2 15:01:00 2009 | | MD5 Checksum: | dc97f2b134cd141f48a912279e4bb62b |
|
| /// File Name: | USN-794-1.txt | Description:
| Ubuntu Security Notice USN-794-1 - It was discovered that the Compress::Raw::Zlib Perl module incorrectly handled certain zlib compressed streams. If a user or automated system were tricked into processing a specially crafted compressed stream or file, a remote attacker could crash the application, leading to a denial of service. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 17283 | | Related CVE(s): | CVE-2009-1391 | | Last Modified: | Jul 2 15:00:43 2009 | | MD5 Checksum: | ca703b6ed4622d14c84d66fc189cf758 |
|
| /// File Name: | joomla1512-xss.txt | Description:
| Joomla! versions prior to 1.5.12 suffer from multiple cross site scripting vulnerabilities in relation to HTTP headers. | | Author: | Juan Galiana Lara | | File Size: | 6494 | | Last Modified: | Jul 2 14:59:39 2009 | | MD5 Checksum: | 8dba646a5a2152ce892b486167da5b54 |
|
| /// File Name: | HPSBUX02431-SSRT090085.txt | Description:
| HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), or execution of arbitrary code. Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite. | | Homepage: | http://www.hp.com/ | | File Size: | 11260 | | Related CVE(s): | CVE-2007-4465, CVE-2008-0005, CVE-2008-0599, CVE-2008-2168, CVE-2008-2371, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-3659, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5624, CVE-2008-5625, CVE-2008-5658 | | Last Modified: | Jul 2 14:53:57 2009 | | MD5 Checksum: | 8d217e44e2ffdb59535dddf13b4c5ce2 |
|
| /// File Name: | HPSBUX02440-SSRT090106.txt | Description:
| HP Security Bulletin - A potential security vulnerability has been identified with NFS/ONCplus running on HP-UX. The vulnerability could be exploited locally to create a Denial of Service (DoS). | | Homepage: | http://www.hp.com/ | | File Size: | 6540 | | Related CVE(s): | CVE-2009-1421 | | Last Modified: | Jul 2 14:52:48 2009 | | MD5 Checksum: | c9e6d9c2a146587c784d7b5dfa661e6b |
|
| /// File Name: | USN-793-1.txt | Description:
| Ubuntu Security Notice USN-793-1 - Multiple vulnerabilities associated with the Linux 2.6 kernel have been addressed. These issues range from arbitrary code execution to denial of service vulnerabilities. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 123428 | | Related CVE(s): | CVE-2009-1072, CVE-2009-1184, CVE-2009-1192, CVE-2009-1242, CVE-2009-1265, CVE-2009-1336, CVE-2009-1337, CVE-2009-1338, CVE-2009-1360, CVE-2009-1385, CVE-2009-1439, CVE-2009-1630, CVE-2009-1633, CVE-2009-1914, CVE-2009-1961 | | Last Modified: | Jul 2 11:40:16 2009 | | MD5 Checksum: | 7f9722ad5f2b4194ed1dea71b4ea44e1 |
|
| /// File Name: | opial-sql.txt | Description:
| Opial version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. | | Author: | Moudi | | File Size: | 1912 | | Last Modified: | Jul 2 14:47:52 2009 | | MD5 Checksum: | ea820250938483468f091c07e2e45b9d |
|
| /// File Name: | sourcefire-escalate.txt | Description:
| Sourcefire 3D Sensor and Defense Center versions 4.8.1 and below suffer from a privilege escalation vulnerability. | | Author: | Gregory Duchemin | | File Size: | 2338 | | Last Modified: | Jul 2 14:45:39 2009 | | MD5 Checksum: | 673e189b242ff903170ca646801915dd |
|
| /// File Name: | adminlog-bypass.txt | Description:
| AdminLog version 0.5 suffers from an authentication bypass vulnerability. | | Author: | SirGod | | Homepage: | http://www.mortal-team.com/ | | File Size: | 573 | | Last Modified: | Jul 2 14:44:44 2009 | | MD5 Checksum: | e7fbd69958aea2a1713b709b6dc7bf32 |
|
| /// File Name: | almnzm-blindsql.txt | Description:
| Almnzm version 2.0 remote blind SQL injection exploit. | | Author: | Qabandi | | File Size: | 6513 | | Last Modified: | Jul 2 14:43:29 2009 | | MD5 Checksum: | 50a65f3cc3b05bdcbaa5b222b9a5be06 |
|
| /// File Name: | conpresso-sql.txt | Description:
| conpresso version 3.4.8 suffers from a blind SQL injection vulnerability in detail.php. | | Author: | tmh | | File Size: | 1264 | | Last Modified: | Jul 2 14:22:18 2009 | | MD5 Checksum: | 3a7831e828890fd28c8be6c11a2c1cbb |
|
| /// File Name: | yourtube-disclose.txt | Description:
| YourTube versions 2.0 and below suffer from a remote SQL database disclosure vulnerability. | | Author: | Security Code Team | | Homepage: | http://www.sec-code.com/ | | File Size: | 3194 | | Last Modified: | Jul 2 11:34:59 2009 | | MD5 Checksum: | 93e48796b9f5314db5d3d2c05e02f5c2 |
|
| /// File Name: | safari-crash.txt | Description:
| Apple Safari version 4.x javascript reload denial of service exploit. | | Author: | SkyOut | | File Size: | 2642 | | Last Modified: | Jul 2 11:33:45 2009 | | MD5 Checksum: | 38ccf19a62e18f057e00f068bfaf0c20 |
|
| /// File Name: | httpry-0.1.5.tar.gz | Description:
| httpry is a specialized packet sniffer designed for displaying and logging HTTP traffic. It is not intended to perform analysis itself, but instead to capture, parse, and log the traffic for later analysis. It can be run in real-time displaying the live traffic on the wire, or as a daemon process that logs to an output file. It is written to be as lightweight and flexible as possible, so that it can be easily adaptable to different applications. It does not display the raw HTTP data transferred, but instead focuses on parsing and displaying the request/response line along with associated header fields. | | Author: | Dumpster Keeper | | Homepage: | http://dumpsterventures.com/jason/httpry/ | | Changes: | This release adds SIGHUP handling for gracefully reopening output files and defaults output files to line buffering. Various other changes and improvements have been made. | | File Size: | 44995 | | Last Modified: | Jul 2 11:30:42 2009 | | MD5 Checksum: | 7fbba29eaeec1fd6b25e6fa3a12be25d |
|
| /// File Name: | cmschainuk-lfixssshell.txt | Description:
| CMS Chainuk versions 1.2 and below suffer from local file inclusion, cross site scripting, and remote shell vulnerabilities. | | Author: | eLwaux | | File Size: | 3780 | | Last Modified: | Jul 2 01:40:39 2009 | | MD5 Checksum: | 72b5ee8295a970413fd9061e2200cc20 |
|
| /// File Name: | kervinet-sqlxss.txt | Description:
| KerviNet Forum versions 1.1 and below suffer from SQL injection, cross site scripting, and a couple of other vulnerabilities. | | Author: | eLwaux | | File Size: | 3584 | | Last Modified: | Jul 2 01:38:56 2009 | | MD5 Checksum: | 80219adb833f98a0cc2ab73e37754f17 |
|
| /// File Name: | audiopluspls-overflow.txt | Description:
| AudioPLUS version 2.00.215 local buffer overflow exploit that creates a malicious .pls file. | | Author: | Stack | | Homepage: | http://v4-team.com/ | | File Size: | 1889 | | Last Modified: | Jul 2 01:37:46 2009 | | MD5 Checksum: | 1d692d9221ce1f45936a45443c3afe65 |
|
| /// File Name: | fipscms-disclose.txt | Description:
| fipsCMS Light version 2.1 arbitrary database disclosure exploit. | | Author: | d3b4g | | Related Exploit: | fipscmslight-disclose.txt | | File Size: | 1220 | | Last Modified: | Jul 1 13:37:27 2009 | | MD5 Checksum: | f22296d401d167a16ab37100cb75b6d9 |
|
| /// File Name: | peamp-overflow.txt | Description:
| PEamp version 1.02b local buffer overflow proof of concept exploit that creates a malicious .m3u file. | | Author: | ThE g0bL!N | | Homepage: | http://h4ckf0ru.com/ | | File Size: | 557 | | Last Modified: | Jul 1 13:35:55 2009 | | MD5 Checksum: | 2444169cb1d46b74d87b0b21e72f6842 |
|
| /// File Name: | linux-hardening.txt | Description:
| Whitepaper called Linux Hardening and Security. | | Author: | Krun!x | | File Size: | 21673 | | Last Modified: | Jul 1 13:32:44 2009 | | MD5 Checksum: | 154f5a7cfb0066fd327a771c9570322c |
|
| /// File Name: | mp3nator-overflow.txt | Description:
| MP3-Nator version 2.0 universal buffer overflow exploit that creates a malicious .plf file. | | Author: | ThE g0bL!N | | Homepage: | http://h4ckf0ru.com/ | | File Size: | 2131 | | Last Modified: | Jul 1 13:30:41 2009 | | MD5 Checksum: | e6665cd4232fd61a160d64d48f9294ce |
|
| /// File Name: | winxp-sp3_beep_shellcode.txt | Description:
| Microsoft Windows XP SP3 beep and exitprocess shellcode. | | Author: | Teo Manojlovic | | File Size: | 1555 | | Last Modified: | Jul 1 13:28:52 2009 | | MD5 Checksum: | 2de453920dd4d6e085393d9ccb021acb |
|
| /// File Name: | greendam-time.txt | Description:
| Green Dam remote change system time exploit that leverages the fact that UDP port 1234 listens and accepts time updates unauthenticated. | | Author: | testgreendam@gmail.com | | File Size: | 1470 | | Last Modified: | Jul 1 13:26:59 2009 | | MD5 Checksum: | dbfc69174103aa97f8db3bf790805052 |
|
| /// File Name: | radware-disclose.txt | Description:
| The radware AppWall Web Application Firewall suffers from a source code disclosure vulnerability on the management interface. Gateway version 4.6.0.2 and AppWall version 1.0.2.6 are affected. | | Author: | Lukas Nothdurfter,Michael Kirchner,Wolfgang Neudorfer | | File Size: | 2797 | | Last Modified: | Jul 1 13:25:11 2009 | | MD5 Checksum: | 2d1c662cef9fe00d1ebd2aa646685ee0 |
|
| /// File Name: | phion-dosexec.txt | Description:
| The phion airlock Web Application Firewall version 4.1-10.41 suffers denial of service and arbitrary command execution vulnerabilities. | | Author: | Lukas Nothdurfter,Michael Kirchner,Wolfgang Neudorfer | | File Size: | 3290 | | Last Modified: | Jul 1 13:22:12 2009 | | MD5 Checksum: | 5d2df505f1a34245963200a45e128795 |
|
| /// File Name: | artofdefence-dos.txt | Description:
| The Artofdefence Hyperguard Web Application Firewall versions 3.1.1-11637 and below, 3.0.3-11636 and below, and 2.5.5-11635 and below suffer from a remote denial of service vulnerability. | | Author: | Lukas Nothdurfter,Michael Kirchner,Wolfgang Neudorfer | | File Size: | 2700 | | Last Modified: | Jul 1 13:06:07 2009 | | MD5 Checksum: | c82e403831376dc400bcb51f15e21199 |
|
| /// File Name: | 0906-exploits.tgz | Description:
| This archive contains all of the 246 exploits added to Packet Storm in June, 2009. | | Homepage: | http://packetstormsecurity.org/ | | File Size: | 1915792 | | Last Modified: | Jul 1 12:59:09 2009 | | MD5 Checksum: | b94e02e23105dc8be33d6215a6049e03 |
|
| /// File Name: | VMSA-2009-0008.txt | Description:
| VMware Security Advisory - An input validation flaw in the asn1_decode_generaltime function in MIT Kerberos 5 before 1.6.4 allows remote attackers to cause a denial of service or possibly execute arbitrary code via vectors involving an invalid DER encoding that triggers a free of an uninitialized pointer. | | Homepage: | http://www.vmware.com/ | | File Size: | 4219 | | Related CVE(s): | CVE-2009-0846 | | Last Modified: | Jul 1 12:53:40 2009 | | MD5 Checksum: | 4f0734141a168fd7c0c58057eb4527e3 |
|
| /// File Name: | messageslib-database.txt | Description:
| Messages Library version 2.0 suffers from an insecure cookie handling and database download vulnerability. | | Author: | Stack | | Homepage: | http://v4-team.com/ | | File Size: | 440 | | Last Modified: | Jul 1 12:52:07 2009 | | MD5 Checksum: | 3dfabd936e70830bace84b52ecefcdb8 |
|
| /// File Name: | messageslib-delete.txt | Description:
| Messages Library version 2.0 suffers from an arbitrary delete message vulnerability. | | Author: | Stack | | Homepage: | http://v4-team.com/ | | File Size: | 983 | | Last Modified: | Jul 1 12:51:12 2009 | | MD5 Checksum: | 600063df98f9367d580260cc70e897b2 |
|
| /// File Name: | audioplus-overflow.txt | Description:
| AudioPLUS version 2.00.215 local buffer overflow exploit that creates a malicious .m3u file. | | Author: | HACK4LOVE | | File Size: | 2058 | | Last Modified: | Jul 1 12:49:42 2009 | | MD5 Checksum: | 75e242955815f146d9e1cda68fa47037 |
|
| /// File Name: | web-security.pdf | Description:
| Whitepaper called Web Vulnerabilities and Security. Written in Romanian. | | Author: | Nytro | | File Size: | 568224 | | Last Modified: | Jun 30 20:15:08 2009 | | MD5 Checksum: | 1b80aea5472d25649ffdb138059dcaeb |
|
| /// File Name: | cracking-air.pdf | Description:
| Whitepaper called Cracking The Air, The Other Way. | | Author: | HitThemHard | | File Size: | 106788 | | Last Modified: | Jun 30 20:11:50 2009 | | MD5 Checksum: | f5beb7422ca01613c25dd7adf19514a5 |
|
| /// File Name: | messageslibrary-admin.txt | Description:
| Messages Library version 2.0 suffers from an arbitrary add administrator vulnerability. | | Author: | ThE g0bL!N | | Homepage: | http://h4ckf0ru.com/ | | File Size: | 830 | | Last Modified: | Jun 30 17:44:01 2009 | | MD5 Checksum: | 6770d8af781843e1c4fd2ab894008789 |
|
| /// File Name: | tsep-sqlxssdisclose.txt | Description:
| TSEP versions 0.942.02 and below suffer from cross site scripting, remote SQL injection, and information disclosure vulnerabilities. | | Author: | eLwaux | | File Size: | 5925 | | Last Modified: | Jun 30 17:40:10 2009 | | MD5 Checksum: | 8995d6f21c2db72c53708230332b7658 |
|
| /// File Name: | myegy-sql.txt | Description:
| MyEgy Script suffers from a remote SQL injection vulnerability. | | Author: | Karar alShaMi,Sheko | | File Size: | 1328 | | Last Modified: | Jun 30 17:38:26 2009 | | MD5 Checksum: | cb05ef1450971c849c99db2f30136c31 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
