what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 59 RSS Feed

Files Date: 2008-11-24

mp3nema-v0_2.tar.gz
Posted Nov 24, 2008
Authored by enferex | Site 757labs.com

MP3nema is a tool aimed at analyzing and capturing data that is hidden between frames in an MP3 file or stream, otherwise noted as "out of band" data. This utility also supports adding data between frames and capturing streaming audio.

Changes: Added wording to usage statement. Flushes out of band data file pointer when saving out of band data. Various other improvements.
tags | tool, forensics
SHA-256 | a4507d1404d7468df71c01e42cd42ee5594311ab6160300c3894c420dd2741e1
squid-nufw-helper-1.1.3.tar.gz
Posted Nov 24, 2008
Authored by Vincent Deffontaines

squid-nufw-helper is an external ACL helper for Squid that provides Single Sign On capabilities. It uses the NuFW firewall suite and supports the NuFW users SQL logging scheme. The module allows for strict SSO identification and authentication of users on any Squid proxy, including transparent proxies.

Changes: -a switch now useless. Handles automatic reconnection to MySQL sever.
tags | web
SHA-256 | 6984d7dad2acd7450b71ddbbf835596ee118502ab5eca1dd473c04e3701cc2e3
tcpip_lib51.zip
Posted Nov 24, 2008
Authored by Barak Weichselbaum | Site komodia.com

This is an open source TCP/IP library with asynchronous BlowFish and SSL support.

tags | tcp, library
SHA-256 | 3d497288df7767c4cd1711c5c2345a4875ab6b89fb73fc41d6d9b5f109e0a26f
googlechrome-obfuscate.tgz
Posted Nov 24, 2008
Authored by Aditya K Sood | Site secniche.org

Google Chrome versions 0.2.149.30, 0.2.149.29, and 0.2.149.27 all suffer from a metacharacter URI obfuscation vulnerability. Proof of concept html included.

tags | exploit, proof of concept
SHA-256 | d38d8e01b2b606eaedfeba68c9279763a7a153407e69461fa9d5161bd52eb4f0
w3camayaid-overflow.txt
Posted Nov 24, 2008
Authored by r0ut3r

The W3C Amaya web browser version 10.1 remote stack overflow exploit that relates to the id tag.

tags | exploit, remote, web, overflow
SHA-256 | ccce518a71ec7d7a4e756e21ba7d17b184d3fefd2d8e063b6a1734e723eecd38
w3camayaurl-overflow.txt
Posted Nov 24, 2008
Authored by r0ut3r

The W3C Amaya web browser version 10.1 remote stack overflow exploit that relates to the URL bar.

tags | exploit, remote, web, overflow
SHA-256 | 24f12692210fe9aca972c4318769913b52180b33780ee805929548a1a7edfe7b
Ubuntu Security Notice 676-1
Posted Nov 24, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-676-1 - It was discovered that WebKit did not properly handle Cascading Style Sheets (CSS) import statements. If a user were tricked into opening a malicious website, an attacker could cause a browser crash and possibly execute arbitrary code with user privileges.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-3632
SHA-256 | dc8a315aecca9c511679aa165dfdcdf03f4cab359761487989fef9e640835ed1
Ubuntu Security Notice 675-2
Posted Nov 24, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-675-2 - It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary, protocol
systems | linux, ubuntu
advisories | CVE-2008-2927
SHA-256 | 7e9520c885b1e6091c3f2f1be79d8a8bb9debda71e26bf44b22d2c8e526f5f26
Ubuntu Security Notice 675-1
Posted Nov 24, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-675-1 - It was discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. It was discovered that Pidgin did not properly handle file transfers containing a long filename and special characters in the MSN protocol handler. A remote attacker could send a specially crafted filename in a file transfer request and cause Pidgin to crash, leading to a denial of service. It was discovered that Pidgin did not impose resource limitations in the UPnP service. A remote attacker could cause Pidgin to download arbitrary files and cause a denial of service from memory or disk space exhaustion. It was discovered that Pidgin did not validate SSL certificates when using a secure connection. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This update alters Pidgin behaviour by asking users to confirm the validity of a certificate upon initial login.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, ubuntu
advisories | CVE-2008-2927, CVE-2008-2955, CVE-2008-2957, CVE-2008-3532
SHA-256 | e5e3001e6d6476f98054192d0fafe30602a1312ac464eec120826a1864a9cd0f
Ubuntu Security Notice 674-2
Posted Nov 24, 2008
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-674-2 - USN-674-1 provided packages to fix vulnerabilities in HPLIP. Due to an internal archive problem, the updates for Ubuntu 7.10 would not install properly. This update provides fixed packages for Ubuntu 7.10. We apologize for the inconvenience. Original advisory details: It was discovered that the hpssd tool of hplip did not validate privileges in the alert-mailing function. A local attacker could exploit this to gain privileges and send e-mail messages from the account of the hplip user. This update alters hplip behaviour by preventing users from setting alerts and by moving alert configuration to a root-controlled /etc/hp/alerts.conf file. It was discovered that the hpssd tool of hplip did not correctly handle certain commands. A local attacker could use a specially crafted packet to crash hpssd, leading to a denial of service.

tags | advisory, denial of service, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2008-2940, CVE-2008-2941
SHA-256 | b2784440b0a617c94be32e180385f06c05cd97154f28d2d286492551ec4fe1b2
SVRT-05-08.txt
Posted Nov 24, 2008
Authored by SVRT | Site security.bkis.vn

SVRT-Bkis has detected a serious buffer overflow vulnerability in ffdshow which affects all available internet browsers. Taking advantage of the flaw, hackers can perform remote attack, inject viruses, steal sensitive information and even take control of the victim's system. Versions below rev2347 20081123 are affected.

tags | advisory, remote, overflow
SHA-256 | d5b01d681ab02ae46e8fa752529dd5a7d9d3b36adee4ff615ffda3aa5d2227f5
videoscript-unofficialshell.txt
Posted Nov 24, 2008
Authored by G4N0K

VideoScript versions 3.0 through 4.1.5.55 unofficial shell injection exploit.

tags | exploit, shell
SHA-256 | edee051850c042bf4ea7230997e961f048e1aa0dcf5f74de791c47989335fde3
videoscript-officialshell.txt
Posted Nov 24, 2008
Authored by G4N0K

VideoScript versions 3.0 through 4.0.1.50 official shell injection exploit.

tags | exploit, shell
SHA-256 | 4c47f7fb94bdf562cd12ec4bde9d2f03df2dffc031b448e2923a3ff4c79386f0
gooplecms-upload.txt
Posted Nov 24, 2008
Authored by X0r

Goople CMS version 1.7 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
SHA-256 | 6c3742383924bac79d92392e58781fb0c695f91513ef093dad76b90c307d3dd7
pgjobsite-sql.txt
Posted Nov 24, 2008
Authored by ZoRLu

PG Job Site suffers a blind SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | f133505abdb916286cb45dae2f84c26dc7003b66005040a5c4f2511acfa85d6b
pgroommate-sql.txt
Posted Nov 24, 2008
Authored by ZoRLu

PG Roomate Finder Solution suffers a SQL injection vulnerability that allows for authentication bypass.

tags | exploit, sql injection
SHA-256 | c3f918c06c12db4860f0b6b54595bdd1336130b24d0b0bc3e6e208721c0fbe1b
pgrealestate-sql.txt
Posted Nov 24, 2008
Authored by ZoRLu

PG Real Estate suffers a SQL injection vulnerability that allows for authentication bypass.

tags | exploit, sql injection
SHA-256 | da4f895d7960cbecf421d72addc3f971b236f4e154fd4407dcb9caeff61dcf48
ms08-069.txt
Posted Nov 24, 2008
Authored by Jerome Athias

Microsoft XML Core Services DTD cross-domain scripting proof of concept exploit that makes use of the vulnerability noted in MS08-069.

tags | exploit, proof of concept
SHA-256 | 9c41a205f45e8e6c54228661f76071d9b7c78bfe03fea9f194e637bee0017cd3
linuxrsa-shellcode.txt
Posted Nov 24, 2008
Authored by XenoMuta | Site xenomuta.tuxfamily.org

295 bytes of Linux/x86 shellcode that appends a RSA key to /root/.ssh/authorized_keys2.

tags | x86, root, shellcode
systems | linux
SHA-256 | daf38163f2ce60d4025acdcf4ed49f89ec6009e7d69abc71e6bb166cc0fc0d36
linuxcb-shellcode.txt
Posted Nov 24, 2008
Authored by XenoMuta | Site xenomuta.tuxfamily.org

151 bytes of Linux/x86 connect-back shellcode that uses UDP port 54321 and executes tcpdump.

tags | x86, udp, shellcode
systems | linux
SHA-256 | 43697f2423432246a3de3022253c59fbb3331f2b592eabd562c28e4a731f5a8e
openssh-cbc-adv.txt
Posted Nov 24, 2008
Site openssh.com

The OpenSSH team has been made aware of an attack against the SSH protocol version 2 by researchers at the University of London. Unfortunately, due to the report lacking any detailed technical description of the attack and CPNI's unwillingness to share necessary information, they are unable to properly assess its impact.

tags | advisory, protocol
SHA-256 | 49c82d9678c78a73d9b145364ac4e30148c38b923dedd1f5411f0ea41c53919d
coms-xss.txt
Posted Nov 24, 2008
Authored by Pouya Server

COMS, or Contents and Object Management System, suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 691e899c19b10b1fb46404e841ec9c490ee703080377fca0dbbc208be0f8351e
prozillahi-sql.txt
Posted Nov 24, 2008
Authored by Snakespc | Site snakespc.com

Prozilla Hosting Index suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c6c400f15b994d3723a4e49b38737a2a24d3ee4f829670d2d2acb5869ab8f85b
netartblog-sql.txt
Posted Nov 24, 2008
Authored by Snakespc | Site snakespc.com

NetArtMedia Blog System suffers from a remote SQL injection vulnerability in image.php.

tags | exploit, remote, php, sql injection
SHA-256 | 6cfea4ee18824fe5e7becd107caa41aaac174af5869d6d405439532292d491b3
netartcars-sql.txt
Posted Nov 24, 2008
Authored by Snakespc | Site snakespc.com

NetArtMedia Cars Portal suffers from a remote SQL injection vulnerability in image.php.

tags | exploit, remote, php, sql injection
SHA-256 | afb795f4a79591161f68da836405d745a30033f6835a69edd8c1b990f7520201
Page 1 of 3
Back123Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close