Whitepaper entitled "Tactical Exploitation". This paper discusses a tactical approach to penetration testing that does not rely on exploiting known vulnerabilities. It stems from a talk given at Black Hat 2007 and Defcon 15.
63e1873af974293c0c059bd60ed3ba72e9172be14336b903d5d75a8313c75a04
Gentoo Linux Security Advisory GLSA 200708-05 - Xavier Roche discovered an infinite loop in the gdPngReadData() function when processing a truncated PNG file. An integer overflow has been discovered in the gdImageCreateTrueColor() function. An error has been discovered in the gdImageCreateXbm() function. Unspecified vulnerabilities have been discovered in the GIF reader. An error has been discovered when processing a GIF image that has no global color map. An array index error has been discovered in the file gd_gif_in.c when processing images with an invalid color index. An error has been discovered in the imagearc() and imagefilledarc() functions when processing overly large angle values. A race condition has been discovered in the gdImageStringFTEx() function. Versions less than 2.0.35 are affected.
06d495eaea35eb5629fd2f5874dc7dfd0264041926be392389ec9ced057b04f5
Gentoo Linux Security Advisory GLSA 200708-04 - Metaeye Security Group reported a NULL pointer dereference in ClamAV when processing RAR archives. Versions less than 0.91 are affected.
9db0a622c9f7b207dfea1f4be390f0743acd58202d6fe5a44f4e751ed3294cb8
iDefense Security Advisory 08.09.07 - Remote exploitation of multiple stack-based buffer overflow vulnerabilities in Hewlett-Packard Development Co.'s OpenView Operations for Windows OVTrace service may allow an attacker to execute arbitrary code with SYSTEM privileges. iDefense has confirmed the existence of these vulnerabilities in HP OpenView version A.07.50 for Windows, with all patches applied as of Jun 27, 2007. Previous versions may also be affected.
477078ba6a55ed9255e74553841e40204ac6f0e4ff9f4798df56d1effdc9a25e
Due to a design flaw in ActionScript 3 socket handling, compiled Flash movies are able to scan for open TCP ports on any host reachable from the host running the SWF, bypassing the Flash Player Security Sandbox Model and without the need to rebind DNS.
16d0c77c4bee6fdc5783a4fe10cd99ae05377191116b62123215f326a9483e6b
PHP versions 5.2.3 and below snmpget() object id local buffer overflow exploit that binds a shell.
998cd71386f822f5995fcfd5099086de4b2ac60e3e274eb85e4175617d599081
Ncaster version 1.7.2 suffers from a remote file inclusion vulnerability in fc_example.php.
7c082e82271aa0972dda227e4e9df3fd075091fb5b39177492e35fb77550b8ea
PhpHostBot versions 1.06 and below suffer from a remote file inclusion vulnerability.
8d91c1ecef5b6debbb3a92ea0d212812e7d57ae1c51ac6fee73355ee55de75a5
Cisco IOS remote denial of service exploit that makes use of the NHRP vulnerability.
20d818e5621f71af37b3d6e358848c5b84aa973fdc1cdb1960b96bf797abc427
SAS Hotel Management System suffers from a SQL injection vulnerability in the username and password login fields.
02d6c40b877ebedc674c60b3608b07ac9fa4f74433227c21e65ec8f6eebe544d
Whitepaper discussing how to speed up the exploit development process as presented at VNSECON07.
ffe923e8398e85378151a0b921bace4d2172ba42ed6499ef888c1bdb1b15a5b4
Secunia Security Advisory - Secunia Research has discovered two vulnerabilities in various Symantec products, which can be exploited by malicious people to compromise a user's system.
7c1fa612b4ef03ae66efb8145c8c07c4353e95fad04d0dfd2d347400b652bbdc
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in ASSP.
cf236ad2ed1b4c4616f35624cb6c107fbbc6708c427a6b7ebbfd0b594fadf51c
Secunia Security Advisory - A vulnerability has been reported in Atheros wireless drivers, which can be exploited by malicious people to cause a DoS (Denial of Service).
a574bfa9a34722c73316fc211637553b1f65fce577be064f1990839d7a5f439a
Secunia Security Advisory - Gentoo has issued an update for xvid. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.
c8352ed57257c9fe43e93940e556954762ccf04ac241b2e80fafdb5cb9b04983
Secunia Security Advisory - Gentoo has issued an update for libarchive (formerly bsdtar). This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
740582ff47534d030fb2b72f0355b235af7431c78413f6cbe34a4590f0d4682f
Secunia Security Advisory - M. Hasran Addahroni has reported a vulnerability in PhpHostBot, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
4ba87451c226f2a762c97724136ba7ca0834c640e65d8a711b71936c73559d1d
Secunia Security Advisory - Gentoo has issued an update for netscape-flash. This fixes some vulnerabilities, which can be exploited by malicious people to gain knowledge of sensitive information or compromise a user's system.
bc3f6f71a6f1ae019cbb5d8b3fae0941e54afcb23e20d707a01cd735aca5337b
Secunia Security Advisory - A vulnerability has been reported in Cisco IOS and IOS XR, which can be exploited by malicious people to potentially disclose sensitive information or to cause a DoS (Denial of Service).
819f17283035dc842da7be676419239c798cd648630d2bf7c54519f067e70543
Secunia Security Advisory - A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
588df3e77ef99ebac8e630023181c42d02bac6769d99e12b1a85d242b73e95ec
Secunia Security Advisory - A vulnerability has been reported in Cisco IOS, which can be exploited by malicious users to bypass certain security restrictions.
fc5c62a92d23759e7bd7c7fca048150dd7e532e4955c41cb10278f8b1fcb3189
Secunia Security Advisory - A vulnerability has been reported in Cisco Unified Communications Manager (CUCM), which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
f5488269e98a37c8b8efbe99f59ad2b0dc412c8912b80c174db5019512d2b23a
Secunia Security Advisory - Multiple vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
44ee6ccea6fac8f569887f6d564ced194003a5e66d5f5e03975f585fe2640569
Secunia Security Advisory - A weakness has been reported in the Linux Kernel, which potentially can be exploited by malicious people to bypass certain security restrictions.
e7cd9208d1767c1e7b32e38ee0edee4ffd3a857bc4e3ffad342adcb65b317065
Secunia Security Advisory - Yollubunlar has discovered some vulnerabilities in Berthanas Ziyaretci Defteri, which can be exploited by malicious people to conduct SQL injection attacks.
12b9e3e2b6ed9d3b67db9faf614418e92abffdf32df37339c856fb24d949a41c