World Association of Newspapers remote SQL injection exploit that leverages articles.php.
5ad5aac0cf3897c1fa2e5d8d967aff981baaf46824b23ad92cdbbffa862d555eSnippet of code that will supposedly cause Apache 2.2.11 with PHP 5.2.8 to crash due to a possible buffer overflow in com_print_typeinfo.
257e1e5fc8b8be778287c1c7f88ce8ce5cc280c6e7411c54152e72db2532e40bMocha is a tool that monitors your network activity and keeps a record of IP / MAC address pairings and firewall logs. It will give a warning when it notices any suspicious activity, like any changes in MAC address or any connection attempt to the firewall. Written in Java.
8d18156a1211358604da4b057ee625f1f9d8b297903784087dcbe64e21a6955eMicrosoft Internet Explorer 7.0.5730.13 Javascript screen[] denial of service exploit.
1788556f864da691e29d281e9f29a58d6ca6b77ac8046ec570596cb6fb81f22eVUPlayer version 2.49 local buffer overflow exploit that creates a malicious .asx file.
8a8b6d22242f0673fbcd9c4e980b8e04251604b27582bdc85af3fe21b447fc53OpenStego is a tool implemented in Java for generic steganography, with support for password-based encryption of the data. It supports plugins for various steganographic algorithms (currently, only Least Significant Bit algorithm is supported for images). Both source and jar releases are in this tarball.
a79b5bb944b28cd3f435e475fb30ef328bf76147168a5710a1a63e0f849e210eShakacon II Call For Papers - Shakacon will offer local, national, and international participants a casual, social, learning environment designed to present a "holistic" security view and the opportunity to network with peers and fellow enthusiasts in a relaxed setting. This conference will be held June 11th and 12th, 2009 in Honolulu, HI.
cfccea6ebb30edbd84c9b9e2f663fd70165338c8e14679726c775c18014f762fFast FAQs System suffers from a remote SQL injection vulnerability that allows for authentication bypass.
5ef5d90a1af4064c35171657d2b81f54cbb8fad4b4e9dd86ce16946b1985e7d8Debian Security Advisory 1698-1 - It was discovered that GForge, a collaborative development tool, insufficiently sanitizes some input allowing a remote attacker to perform SQL injection.
a916cb1281407b15575a876148702ec9fb71984174d94370033d3e17160e01c5Mandriva Linux Security Advisory 2009-001 - A vulnerability was found by the Google Security Team with how OpenSSL checked the verification of certificates. An attacker in control of a malicious server or able to effect a man-in-the-middle attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client, which would then bypass the certificate validation. The updated packages have been patched to prevent this issue.
7cb36eb4be3d23af4e2bd6fb95b420edddd09b2ac6e865b634c41f2da5f0add4VUPlayer version 2.49 local buffer overflow exploit that creates a malicious .asx file.
b0c5560b1d98f7e9c7b00ae89c58c221e8947df9ad7608d5a834035d575d45a6MP3 TrackMaker version 1.5 local heap overflow proof of concept exploit that creates a malicious .mp3 file.
130ad6cabdb2840fe0d7fa9febfb11106b2d3efb60d7f1aba8ed2aecd416fb2fUbuntu Security Notice USN-706-1 - It was discovered that Bind did not properly perform certificate verification. When DNSSEC with DSA certificates are in use, a remote attacker could exploit this to bypass certificate validation to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic.
b23a84a6d2c4fea39375286b937b3436f0ba4ad561bbfcbc61fbe197d2a045d6CUPP is the Common User Passwords Profiler. It takes in various user about a given human target and then generates a logical dictionary for password cracking.
d24f7c8ccdff89c52cbc6dabbf113fd3a7cd1c4d1d3090bf2e9fbedceae05a66Google Chrome appears to suffer from denial of service issues through misuse of the view-source URI.
5d990fc777e6b98148174480d63e8c8f7b2e1dc130def54d59a966677b34a49eThe IBM DataPower XS40 Security Gateway automatically reboots when fed random data to TCP port 443 over SSL allowing for a remote and unauthenticated denial of service.
17aa6440b579293ebfd9b3dce003053e7a25c6accb59329152a7322c87f061d8Samba versions below 3.0.20 heap overflow exploit. Written for older versions of Debian, Slackware, and Mandrake.
43b87d032641543dcbbc7602729efaa345048ff41a4495d0b750df770c23b850Asterisk Project Security Advisory - IAX2 provides a different response during authentication when a user does not exist, as compared to when the password is merely wrong. This allows an attacker to scan a host to find specific users on which to concentrate password cracking attempts.
76953e16708f452e52817ab659a4b7c085e7394015faca6b640857c346d8b1de
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed