Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
c1706f46a96cc7491ff48e41be3c3d0aCall For Papers for the DA (Drone Armies) Workshop. This workshop is for the purpose of bringing together members of the DA and MWP operational communities to share information, as well as plan future operations. It will be held August 10, 2006 in San Jose, California.
9c7958a35524795e010e55cc056ac11dRW::Download is susceptible to a remote file inclusion flaw via stats.php.
28221f8975f7bed2c8e1a043352a260dATutor version 1.5.3 is susceptible to cross site scripting and SQL injection attacks.
f4a1d60aa725494e7968cab7c0d7d672AjaxPortal version 3.0 is susceptible to a SQL injection flaw.
16f85693d2f33c14973fb134ce5c9facPAPOO versions 3_RC3 and below remote SQL injection and administrative credential disclosure exploit.
b4e86032b3aaaee9a99f853ef75cc72aMandriva Linux Security Advisory MDKSA-2006-118 - OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. An unspecified vulnerability in Java Applets in OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. Heap-based buffer overflow in OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
c7d36c141e756d0ce80549bf0f5188b6Microsoft Word exploit that produces a .doc file that demonstrates a memory access violation. Affected are versions 2003, 2002, 2000.
b66bde4a8cef907874cc011abd712850ExtCalendar versions 2 and below suffer from a remote file inclusion vulnerability.
5d6b2937c140e76be19f390a2f6f3e60rPath Security Advisory: 2006-0122-1 - Multiple kernel vulnerabilities have been address in rPath Linux.
7a4b5ddb74df294bf08d5dc2a05b86dfPBL Guestbook versions 1.32 and below suffer from cross site scripting and SQL injection vulnerabilities.
3c91c793f0a79a024e910ddaffe0899fPivot versions 1.30 RC2 and below privilege escalation and remote command execution exploit.
d95cfa7d604b7c850bf356f26b8ec7b8Hosting Controller version 6.1 Hotfix (versions 3.2 and below) suffer from flaws that allow an attacker the ability to gain reseller privileges and administrative privileges.
211368bf13f6d3ee51d523e2203c598cExtCalendar versions 2.0 and below suffer from a remote file inclusion vulnerability.
353906d4fa3b0d22aae2ec571b36e395Trustix Secure Linux Security Advisory #2006-0040: SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer.
031b70073304c561aab8b4b83e2d9e99FreeWebShop version 2.1 is susceptible to cross site scripting and SQL injection vulnerabilities.
38782dc92237ff58b8561f0d89ca7befATutor version 1.5.3RC2 is susceptible to cross site scripting flaws.
361bf70f20ee01165137486aba58517eDebian Security Advisory 1105-1 - Federico L. Bossi Bonin discovered a buffer overflow in the HTTP Plugin in xine-lib, the xine video/media player library, that could allow a remote attacker to cause a denial of service.
62b2ab8347abf79b44050e61e860a55dPHP-Blogger version 2.2.5 is susceptible to cross site scripting flaws.
8d7aa11f408b19758b1fabc968047364McAfee VirusScan Enterprise version 8.0.0 suffers from a denial of service condition.
2f940c17c55298161e6dc10fa555e384Mandriva Linux Security Advisory MDKSA-2006-117 - Stack-based buffer overflow in MiMMS 0.0.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_data, and (4) get_media_packet functions, and possibly other functions. Libmms uses the same vulnerable code.
8ec33294d6cf6850a0299d78a84e5a94The WebEx Downloader Plug-in suffers from a flaw that exists due to the lack of input validation on various ActiveX/Java control parameters and configuration directives. The "GpcUrlRoot" and "GpcIniFileName" ActiveX/Java control parameters allow an attacker to specify the location of a configuration file containing further control directives. This allows an attacker to transfer arbitrary files and executables to the target. The attacker can then leverage available configuration directives to execute the newly created executables thereby compromising the underlying system.
a07490c7968278e740d27117f65e63d4Advanced Guestbook version 1.0 suffers from a cross site scripting flaw.
8e9088ca1324533cc2112a42f2aa4ac4MICO versions 2.3.12 and 2.3.12RC3 crash when contacted with wrong object key resulting in a denial of service condition.
9fac82e34ef6c3c690802e52b750ec0eProof of concept test exploit for AdPlug versions 2.0 and below (and CVS version 04 and below) which suffer from multiple heap and buffer overflows.
f09a7c940bd14eecdae78cfe2a639e17
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed