exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2008-09-09

Secunia Security Advisory 31734
Posted Sep 9, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Dns2tcp, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | e28605067b7935408f34d0ef7c9b5770f64d3724b8ee4487a455c974c7b996d6
Zero Day Initiative Advisory 08-056
Posted Sep 9, 2008
Authored by Tipping Point, Ivan Fratric | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows XP, Server and Vista. User interaction is required in that a user must open a malicious image file or browse to a malicious website. The specific flaws exist in the GDI+ subsystem when parsing maliciously crafted GIF files. By supplying a malformed graphic control extension an attacker can trigger an exploitable memory corruption condition. Successful exploitation can result in arbitrary code execution under the credentials of the currently logged in user.

tags | advisory, remote, arbitrary, code execution
systems | windows
advisories | CVE-2008-3013
SHA-256 | 784909feca5f4676ce81ef75d3597d094f3a2f00e9f073866ec59152c5f86d2c
Zero Day Initiative Advisory 08-055
Posted Sep 9, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows XP, Server and Vista. User interaction is required in that a user must open a malicious image file. The specific flaws exist in the GDI+ subsystem when parsing maliciously crafted BMP files. Supplying a malformed BitMapInfoHeader can result in incorrect integer calculations further leading to an exploitable memory corruption. Successful exploitation can result in arbitrary code execution under the credentials of the currently logged in user.

tags | advisory, remote, arbitrary, code execution
systems | windows
advisories | CVE-2008-3015
SHA-256 | 3e124dfc5ddff85fc5e6a77125cbdd4eff71bc3c30ef143cdbce429dae1a4e31
Technical Cyber Security Alert 2008-253A
Posted Sep 9, 2008
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA08-253A - Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Windows Media Encoder, and Microsoft Office as part of the Microsoft Security Bulletin Summary for September 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code.

tags | advisory, remote, arbitrary, vulnerability
systems | windows
SHA-256 | ffa7789e5c4aeaa39cba1d5325352e0bc9df4affd18477245a27b53a27c4dac4
playhack-client.pdf
Posted Sep 9, 2008
Authored by Nexus | Site playhack.net

Whitepaper called Client Side Security - More Severe Than It Seems. It touches on the darker side of cross site scripting and cross site request forgery along with information on how to protect against these attacks.

tags | paper, web, xss, csrf
SHA-256 | 2e2efc0a501c46dbd86a6b840919bc3a993394d75adcd695a5ee9268014b3edc
proxyScan-0.3.tgz
Posted Sep 9, 2008
Authored by Ed Blanchfield | Site e-things.org

proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.

tags | tool, web, scanner
systems | unix
SHA-256 | 6eced49949c30e88205a4cd63d797c5592dcfaa4de30d29dbe99df9e6b80fa9a
TOR Virtual Network Tunneling Tool 0.2.0.31
Posted Sep 9, 2008
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Multiple major and minor fixes and enhancements.
tags | tool, remote, local, peer2peer
SHA-256 | 05894f5cfcb78ebab234f6e73350430e57f4c8bec4a4c3e60a41e1e9fb13c66c
livetv-sql.txt
Posted Sep 9, 2008
Authored by Cyb3r-1sT

Live TV Script suffers from a remote SQL injection vulnerability in index.php.

tags | exploit, remote, php, sql injection
SHA-256 | d45181a0c194a39e072be4503a910d3d22ee7df2795d42805e690eb8f7ad4c63
sunmclass-dos.txt
Posted Sep 9, 2008
Authored by Theo de Raadt

Sun/Fujitsu M4000-M9000 machines are susceptible to a denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 7111530d7543660553112d3e311e08a5e2ce28d5916ffa7a51054aa85fdae12a
cmsbuzz-sql.txt
Posted Sep 9, 2008
Authored by security fears team | Site alsonaa.com

CMS Buzz suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f53ea49fbb7bf15dc1d65bf9bd44dfae57af53b822f516d57b39deab89bd224e
google-saml.txt
Posted Sep 9, 2008
Authored by Project AVANTSSAR | Site avantssar.eu

The Google SAML Single Sign On service suffers from a vulnerability where the authentication response did not include the identifier of the authentication request nor the identity of the service provider.

tags | advisory
SHA-256 | afd4d0a0a4488e33b685bde8037994e45d14ff01299b9bada666d4c67d3216b4
Secunia Security Advisory 31726
Posted Sep 9, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Windows Media Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | windows
SHA-256 | 2da453250b2e9eb303a7ebee52648d7d9d07f054171128044550945e234f4c2b
microworld-password.txt
Posted Sep 9, 2008
Authored by SlaYeR | Site securitydevelopment.net

Microworld Mailscan version 5.6a password revealing exploit.

tags | exploit
SHA-256 | 9d4edb32072e2341271b4ee4e6a19c9135a552d9c02b7c0734d3d797180d81f8
creatorcms-sql.txt
Posted Sep 9, 2008
Authored by ThE X-HaCkEr

Creator CMS version 5.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8db43c2d6f200b7c8a009df340a25c50f3ce015c858bd4390a506dcea8363b49
YSTS-CFP2008.txt
Posted Sep 9, 2008
Site ysts.org

The 2nd edition of YSTS (You Shot The Sheriff) has announced its call for papers. It will be held in Sao Paulo, Brazil from November 17th through 18th, 2008.

tags | paper, conference
SHA-256 | 99bd50c3f4c3ae36dbf5767d23f87f097e0dd4bf937f926801d702d772047674
maxthon-dos.txt
Posted Sep 9, 2008
Authored by LiquidWorm | Site zeroscience.mk

Maxthon Browser version 2.1.4.443 UNICODE remote denial of service proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
SHA-256 | 46c2b2074dfef4b1fb42648e9b48ca6dd24411495fbc2b6f1654e579b4e4e534
stash-bypass.txt
Posted Sep 9, 2008
Authored by IRCRASH | Site ircrash.com

Stash version 1.0.3 suffers from administrative bypass and file disclosure vulnerabilities via SQL injection.

tags | exploit, vulnerability, sql injection, bypass
SHA-256 | e1b631087737b6bdcf69f0df3cc53f995dc66a6949dd7b9edda622d004607a6d
stash-cookie.txt
Posted Sep 9, 2008
Authored by Stack | Site v4-team.com

Stash version 1.0.3 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | 9a084b36ea8f8c659111dcaee66d6c7741a9931101b7f7cf1282eea9c5382337
Ubuntu Security Notice 641-1
Posted Sep 9, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 641-1 - It was discovered that there were multiple ways to leak memory during the IKE negotiation when handling certain packets. If a remote attacker sent repeated malicious requests, the "racoon" key exchange server could allocate large amounts of memory, possibly leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2008-3651, CVE-2008-3652
SHA-256 | 96fda55aafbbc383e04934a764ba15609b46d095b5ba34afbc870e320f5834a0
hotlinks-sqlxss.txt
Posted Sep 9, 2008
Authored by sl4xUz

Hot Links SQL-PHP versions 3 and below suffer from cross site scripting and SQL injection vulnerabilities in report.php.

tags | exploit, php, vulnerability, xss, sql injection
SHA-256 | ec55f7f2771c9218c299830cb82dbbfbd4beafab38ab912611081d7c6ac0848c
availscript-sqlxss.txt
Posted Sep 9, 2008
Authored by sl4xUz

Availscript Article Script suffers from cross site scripting and SQL injection vulnerabilities in articles.php.

tags | exploit, php, vulnerability, xss, sql injection
SHA-256 | b97cc13a4ff38215a615c5d2fbfd3b29a841729f42501fa83f0dcd8745b178a8
45byte-linux.txt
Posted Sep 9, 2008
Authored by Thomas Rinsma

45 byte system-beep shellcode for linux/x86.

tags | x86, shellcode
systems | linux
SHA-256 | 0f9cc5e6c0f59939e9e3e86781de1c9a8fe4ef79b3c07e8a2798fad1864ae0ad
12byte-freebsd.txt
Posted Sep 9, 2008
Authored by suN8Hclf | Site dark-coders.pl

12 byte kill all processes shellcode for freebsd/x86.

tags | x86, shellcode
systems | freebsd
SHA-256 | cfa82bdacc2f3c7fd83862d29be21d579166f90ad246ca9f611b652596f38e85
Secunia Security Advisory 31675
Posted Sep 9, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in various Microsoft products, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 98e4481e71a64cfc03dffb3415120955964cb4515273da9613d2ec24f514150b
Secunia Security Advisory 31718
Posted Sep 9, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stack has reported a vulnerability in Cosmetics Zone, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | bbeb3e315a0276d6d5fb769df54399a5dfab833261c7c98f683c23cc68fca377
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close