what you don't know can hurt you
Showing 1 - 25 of 32 RSS Feed

Files Date: 2008-09-09

Secunia Security Advisory 31734
Posted Sep 9, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Dns2tcp, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | b49f12586def3289de48647c4eac0d05
Zero Day Initiative Advisory 08-056
Posted Sep 9, 2008
Authored by Tipping Point, Ivan Fratric | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows XP, Server and Vista. User interaction is required in that a user must open a malicious image file or browse to a malicious website. The specific flaws exist in the GDI+ subsystem when parsing maliciously crafted GIF files. By supplying a malformed graphic control extension an attacker can trigger an exploitable memory corruption condition. Successful exploitation can result in arbitrary code execution under the credentials of the currently logged in user.

tags | advisory, remote, arbitrary, code execution
systems | windows, xp
advisories | CVE-2008-3013
MD5 | d9127e57030f097ebdf5287a4ed4851c
Zero Day Initiative Advisory 08-055
Posted Sep 9, 2008
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows XP, Server and Vista. User interaction is required in that a user must open a malicious image file. The specific flaws exist in the GDI+ subsystem when parsing maliciously crafted BMP files. Supplying a malformed BitMapInfoHeader can result in incorrect integer calculations further leading to an exploitable memory corruption. Successful exploitation can result in arbitrary code execution under the credentials of the currently logged in user.

tags | advisory, remote, arbitrary, code execution
systems | windows, xp
advisories | CVE-2008-3015
MD5 | 5a18b7eeb037b3f914806ac0bd15e9f4
Technical Cyber Security Alert 2008-253A
Posted Sep 9, 2008
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA08-253A - Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Windows Media Encoder, and Microsoft Office as part of the Microsoft Security Bulletin Summary for September 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code.

tags | advisory, remote, arbitrary, vulnerability
systems | windows
MD5 | 6b77ff48d891f55ce65da862dbf8308c
playhack-client.pdf
Posted Sep 9, 2008
Authored by Nexus | Site playhack.net

Whitepaper called Client Side Security - More Severe Than It Seems. It touches on the darker side of cross site scripting and cross site request forgery along with information on how to protect against these attacks.

tags | paper, web, xss, csrf
MD5 | 049b46f47c7a4da1b48f9899c3ce91dd
proxyScan-0.3.tgz
Posted Sep 9, 2008
Authored by Ed Blanchfield | Site e-things.org

proxyScan.pl is a security penetration testing tool to scan for hosts and ports through a Web proxy server. Features include various HTTP methods such as GET, CONNECT, HEAD as well as host and port ranges.

tags | tool, web, scanner
systems | unix
MD5 | d188669d4f40454a187abe673f3e9b86
TOR Virtual Network Tunneling Tool 0.2.0.31
Posted Sep 9, 2008
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: Multiple major and minor fixes and enhancements.
tags | tool, remote, local, peer2peer
MD5 | f3ab7d982ed295e7b25981c3910d5c2c
livetv-sql.txt
Posted Sep 9, 2008
Authored by Cyb3r-1sT

Live TV Script suffers from a remote SQL injection vulnerability in index.php.

tags | exploit, remote, php, sql injection
MD5 | e28594abdc3f487aa0c6a63aeda36431
sunmclass-dos.txt
Posted Sep 9, 2008
Authored by Theo de Raadt

Sun/Fujitsu M4000-M9000 machines are susceptible to a denial of service vulnerability.

tags | advisory, denial of service
MD5 | 5851d727a9d3e78bc6acfa63b3cbe6ec
cmsbuzz-sql.txt
Posted Sep 9, 2008
Authored by security fears team | Site alsonaa.com

CMS Buzz suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 289ad59a68b4798e950076b9d4be290d
google-saml.txt
Posted Sep 9, 2008
Authored by Project AVANTSSAR | Site avantssar.eu

The Google SAML Single Sign On service suffers from a vulnerability where the authentication response did not include the identifier of the authentication request nor the identity of the service provider.

tags | advisory
MD5 | e20af8179cbff753eef0faf787e01be9
Secunia Security Advisory 31726
Posted Sep 9, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Windows Media Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | windows
MD5 | 55ba05cc9792e91a5736a528ef54ded8
microworld-password.txt
Posted Sep 9, 2008
Authored by SlaYeR | Site securitydevelopment.net

Microworld Mailscan version 5.6a password revealing exploit.

tags | exploit
MD5 | 1c39e77188da2acddd89362754a6fef8
creatorcms-sql.txt
Posted Sep 9, 2008
Authored by ThE X-HaCkEr

Creator CMS version 5.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 677104879971b3fc14ed09172306a6cb
YSTS-CFP2008.txt
Posted Sep 9, 2008
Site ysts.org

The 2nd edition of YSTS (You Shot The Sheriff) has announced its call for papers. It will be held in Sao Paulo, Brazil from November 17th through 18th, 2008.

tags | paper, conference
MD5 | 8c93830919dbb852f18f9753ae16b5c2
maxthon-dos.txt
Posted Sep 9, 2008
Authored by LiquidWorm | Site zeroscience.mk

Maxthon Browser version 2.1.4.443 UNICODE remote denial of service proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
MD5 | 6bb91f4980a33301ef1ede6f46ece8c6
stash-bypass.txt
Posted Sep 9, 2008
Authored by IRCRASH | Site ircrash.com

Stash version 1.0.3 suffers from administrative bypass and file disclosure vulnerabilities via SQL injection.

tags | exploit, vulnerability, sql injection, bypass
MD5 | 88cf8e15e59c0f2784fe598bab277560
stash-cookie.txt
Posted Sep 9, 2008
Authored by Stack | Site v4-team.com

Stash version 1.0.3 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | 9e0878c80166e3a24bda8aab89778d9f
Ubuntu Security Notice 641-1
Posted Sep 9, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 641-1 - It was discovered that there were multiple ways to leak memory during the IKE negotiation when handling certain packets. If a remote attacker sent repeated malicious requests, the "racoon" key exchange server could allocate large amounts of memory, possibly leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2008-3651, CVE-2008-3652
MD5 | b8369efe4669c533d23fbc5b32a33e45
hotlinks-sqlxss.txt
Posted Sep 9, 2008
Authored by sl4xUz

Hot Links SQL-PHP versions 3 and below suffer from cross site scripting and SQL injection vulnerabilities in report.php.

tags | exploit, php, vulnerability, xss, sql injection
MD5 | 471c2272711045f7189f5d0c2ee00249
availscript-sqlxss.txt
Posted Sep 9, 2008
Authored by sl4xUz

Availscript Article Script suffers from cross site scripting and SQL injection vulnerabilities in articles.php.

tags | exploit, php, vulnerability, xss, sql injection
MD5 | 9ceafb4155c884c53da4c08155e42db9
45byte-linux.txt
Posted Sep 9, 2008
Authored by Thomas Rinsma

45 byte system-beep shellcode for linux/x86.

tags | x86, shellcode
systems | linux
MD5 | f7b3e30402de142da9d6c64319826bc1
12byte-freebsd.txt
Posted Sep 9, 2008
Authored by suN8Hclf | Site dark-coders.pl

12 byte kill all processes shellcode for freebsd/x86.

tags | x86, shellcode
systems | freebsd
MD5 | 7bdc60d238d9f5ac73cd79d5cbdcc8c4
Secunia Security Advisory 31675
Posted Sep 9, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in various Microsoft products, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | b133f6cb6e48f01756246b1a7f635376
Secunia Security Advisory 31718
Posted Sep 9, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stack has reported a vulnerability in Cosmetics Zone, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 116e3ec594ebeee2428f21a07442c078
Page 1 of 2
Back12Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    10 Files
  • 23
    Apr 23rd
    22 Files
  • 24
    Apr 24th
    11 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close