what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 37 RSS Feed

Files Date: 2009-01-23

Mandriva Linux Security Advisory 2009-026
Posted Jan 23, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-026 - phpMyAdmin has been updated to mitigate various cross site scripting and cross site request forgery vulnerabilities.

tags | advisory, vulnerability, xss, csrf
systems | linux, mandriva
advisories | CVE-2008-4775, CVE-2008-5621, CVE-2008-5622
SHA-256 | 8133881ab97608f592995b3f37b5dc7a0dce87a6f4a875a4915667794f46113e
IP-Array Linux IPTables Firewall Script
Posted Jan 23, 2009
Authored by AllKind | Site sourceforge.net

IP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.

Changes: Three bug fixes.
tags | bash
systems | linux, unix
SHA-256 | 3dcfb60c6e8a9406cd0854fcce4c59cf3eaf59c17d20738cef9c5804f307cfbb
Iodine IPv4 DNS Tunneler
Posted Jan 23, 2009
Authored by Yarrick | Site code.kryo.se

iodine is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where Internet access is firewalled, but DNS queries are allowed. It needs a TUN/TAP device to operate. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.

Changes: Added capability to forward DNS queries outside tunnel domain to a nameserver on localhost. Fixed a segfault and an endless loop. Multiple other fixes and enhancements.
systems | unix
SHA-256 | ae4d9804fb69bef371e1d0565f7cbcff94e6ddd5e941afca742cbc753d25502d
PHP-Nuke Downloads Module SQL Injection
Posted Jan 23, 2009
Authored by IRCRASH | Site ircrash.com

The Downloads module in PHP-Nuke 8.0 suffers from a blind remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 3e14805b2ebdc64ac83971ae339408bbeb46dbe18e41a24ece9d0940babeed06
AXIS Camera Control Buffer Overflow
Posted Jan 23, 2009
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in AXIS Camera Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the CamImage.CamImage.1 ActiveX control (AxisCamControl.ocx) and can be exploited to cause a heap-based buffer overflow by assigning an overly long string to the "image_pan_tilt" property. Successful exploitation allows execution of arbitrary code, but requires that the user is tricked into visiting and clicking a malicious web page. AXIS Camera Control version 2.40.0.0 is affected.

tags | advisory, web, overflow, arbitrary, activex
advisories | CVE-2008-5260
SHA-256 | f0b0180856e9a0262f48ee0884649b780536e52f07ec1f178af12b3043c2f323
BBSxp 5.13 Cross Site Scripting
Posted Jan 23, 2009
Authored by arashps0

BBSxp versions 5.13 and below suffer from a cross site scripting vulnerability in error.asp.

tags | exploit, xss, asp
SHA-256 | 0fab2353abfe6c2717da62168a95110e4308768a76412a3a7c3f9b6fc1466127
EPOLL System password.dat Disclosure
Posted Jan 23, 2009
Authored by Pouya Server

EPOLL System password.dat disclosure exploit.

tags | exploit, info disclosure
SHA-256 | 9c58560b93b1ac1393241e73c9b0cc3e6c62f2ad0b19cb3a82ae1129fd1cf7c2
ECOUNT System password.dat Disclosure
Posted Jan 23, 2009
Authored by Pouya Server

ECOUNT System version 2.1 password.dat disclosure exploit.

tags | exploit, info disclosure
SHA-256 | faf5f40f6a0c4c315c86d1c5b62dc6c43e4981dc909fae0509d85325af41d68d
Bharat Sanchar Nigam Ltd. SQL Injection
Posted Jan 23, 2009
Authored by Rohit Bansal

Bharat Sanchar Nigam Ltd., a large telecommunications company in India, suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0bbb6f52b14cee8ffdf1703e8953128f828aed46d8ddd27acb29e2f72edf36af
Picviz Plotting Tool
Posted Jan 23, 2009
Site wallinfire.net

Picviz is a parallel coordinates plotter which enables easy scripting from various types of input (such as tcpdump, syslog, iptables logs, or Apache logs) to visualize your data and discover interesting results quickly. Its primary goal is to graph data in order to be able to quickly analyze problems and find correlations among variables. With security analysis in mind, the program has been designed to be very flexible, able to graph millions of events.

tags | tool
systems | unix
SHA-256 | ac7a691c36d6340aecf105f0d8204f3ca504e00de96ec61855e5b6646ebdfb26
Secunia Security Advisory 33444
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in AXIS Camera Control, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | da0bf0b95bcb0a86d33582cd035661ec0a7c30f9127079b00ff5591bdca7da76
Secunia Security Advisory 33592
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Ralink Technology Wireless Drivers, which can be exploited to cause a DoS (Denial of Service) or compromise a vulnerable system.

tags | advisory, denial of service
SHA-256 | fd1d255c3566d41a8699388dbf00e5b5a01237981dcb75be798897597e21ce64
Secunia Security Advisory 33650
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tobias Klein has reported some vulnerabilities in GStreamer Good Plug-ins, which can potentially be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 2934f9b3e8dbe0a5737cd4af2978539c5b0f79735d4188b09eeeb8c24b3aa3ed
Secunia Security Advisory 33643
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Futomi's CGI Cafe Search CGI, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, cgi
SHA-256 | 05411d3bf3559504b499607311bff4eff9539dcf210927a344add99477ddb6b5
Secunia Security Advisory 33627
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in mod-auth-mysql, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | cdfeb0af53db708703324769f8b5859fae827504dbf3f8c141ffa51eb91fc01f
Secunia Security Advisory 33597
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gjoko 'LiquidWorm' Krstic has discovered a vulnerability in FTPShell Server, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | aff7f15ed0730268cd967c60d5fe5f47d055574ed7f94f82d5fda6640622a7b6
Secunia Security Advisory 33068
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can potentially be exploited by malicious people to compromise a user's system.

tags | advisory
systems | solaris
SHA-256 | 275e804e873d4dba418bab96c34335ffce492ffca53de78593edd280b1dd93f7
Technical Cyber Security Alert 2009-22A
Posted Jan 23, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-022A - Apple has released QuickTime 7.6 to correct multiple vulnerabilities affecting QuickTime for Mac OS X and Windows. Attackers may be able to exploit these vulnerabilities to execute arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | windows, apple, osx
SHA-256 | 500fb41903e843e7705b6fa66a58d47cecf01285e9ee54072b5d4e5fb5f2889f
GStreamer Heap Overflow And Out Of Bounds
Posted Jan 23, 2009
Authored by Tobias Klein | Site trapkit.de

GStreamer gst-plugins-good versions below 0.10.12 suffer from heap overflow and array index out of bounds vulnerabilities.

tags | advisory, overflow, vulnerability
SHA-256 | ae5d5f7a93915193f6bbfe67a4de2d6d96a10f53637af659ba372970130ceede
VUPlayer 2.49 .ASX Buffer Overflow
Posted Jan 23, 2009
Authored by SimO-s0fT

VUPlayer version 2.49 .ASX file local universal buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | 4fd0b6ead9b12f134d30c401560ea560b492dd0af43e799d5419e14fbdcb798a
Whitepaper - Applied Binary Code Obfuscation
Posted Jan 23, 2009
Authored by Glafkos Charalambous, George Nicolaou | Site astalavista.com

Whitepaper called Applied Binary Code Obfuscation.

tags | paper
SHA-256 | 1fac0b61951550b9bd51e0cdcc293f106b49750db201c4f5aa35e1b626540339
SUSE Security Announcement SUSE-SA:2009:005
Posted Jan 23, 2009
Site suse.com

SUSE Security Announcement - Some months ago a vulnerability in the DNS protocol was published that allowed easy spoofing of DNS entries. The only way to protect against spoofing is to use DNSSEC. Unfortunately the bind code that verifies the certification chain of a DNSSEC zone transfer does not properly check the return value of function DSA_do_verify(). This allows the spoofing of records signed with DSA or NSEC3DSA.

tags | advisory, spoof, protocol
systems | linux, suse
advisories | CVE-2009-0025
SHA-256 | d74f87bbc2b59d50b480b14aef11ea8b5953c91c5ba250a23200d96840fc5172
Sad Raven Guetbook 1.1 passwd.dat Disclosure
Posted Jan 23, 2009
Authored by Pouya Server

Sad Raven's Guestbook version 1.1 passwd.dat disclosure exploit.

tags | exploit, info disclosure
SHA-256 | 78f2995ef2fb665ccd03d53422e9063d9a99a924ceaf680af30131ff3abf62ce
Whitepaper - Modifying An Application's Memory
Posted Jan 23, 2009
Authored by Aodrulez | Site aodrulez.blogspot.com

Whitepaper discussing Mem-Jacking, or modifying the memory of an application.

tags | paper
SHA-256 | 8ea360fe544a5d1b8495473b654e72610edc784f1ddb16944c3c65d10928b54f
Whitepaper - Exploit Buffer Overflows
Posted Jan 23, 2009
Authored by Kalgecin | Site maestro-sec.com

Whitepaper called Exploiting Buffer Overflows.

tags | paper, overflow
SHA-256 | 9a69e9e81f452ff8ccc1d496d9bcffb176cb16e0b883233d9300060573f2f4e3
Page 1 of 2
Back12Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close