what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2009-04-02

Firewall Builder With GUI
Posted Apr 2, 2009
Site fwbuilder.org

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Changes: This version includes numerous bugfixes as well as improvements in the built-in policy installer, SNMP discovery, support for IPv6 for all platforms, and policy compilers for iptables and PF. Generation of static routing commands for Cisco IOS and PIX has been implemented. This is a stable version to which all users are encouraged to upgrade.
tags | tool, firewall
systems | cisco, linux, openbsd
SHA-256 | 4cbfc786e2c69b36aa788fb55e19050b1b7e7119ae8178d6528475e1cc9b058c
Mandriva Linux Security Advisory 2009-085
Posted Apr 2, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-085 - Integer overflows in gstreamer0.10-plugins-base Base64 encoding and decoding functions may lead attackers to cause denial of service. Although vector attacks are not known yet. This update provides the fix for that security issue.

tags | advisory, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2009-0586
SHA-256 | 891a03bb1aee1a11efbe9c7b8bbfa659fbd781b1b23999b817ef8e0d856f7e99
Gentoo Linux Security Advisory 200904-1
Posted Apr 2, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200904-01 - Multiple vulnerabilities were discovered in Openfire, the worst of which may allow remote execution of arbitrary code. Versions less than 3.6.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-6508, CVE-2008-6509, CVE-2008-6510, CVE-2008-6511, CVE-2009-0496, CVE-2009-0497
SHA-256 | f380d0bfe92436732548477d1098f7a56b2edb3e20c897bdd1bca009cfce64ea
Autodesk IDrop Active-X Control
Posted Apr 2, 2009
Authored by Elazar Broad

The Src, Background, PackageXml properties in the Autodesk IDrop Active-X control, IDrop.ocx version 17.1.51.160, can be manipulated to trigger a heap use after free condition resulting in arbitrary remote code execution.

tags | advisory, remote, arbitrary, code execution, activex
SHA-256 | 1fbcf13d54df0e114fd96ea3f5e09559387f9e25c424f2d139670a609329cc27
Asterisk Advisory - Information Leak
Posted Apr 2, 2009
Authored by Tilghman Lesher | Site asterisk.org

Asterisk Project Security Advisory - The Asterisk maintainers have made it so that a scan for valid SIP usernames always returns with the same response.

tags | advisory
advisories | CVE-2008-3903
SHA-256 | ee9968f99acb80ce4acfeaba744f770db13f2fda8eef9ea61b86c99b6e3eaa8f
Tessera 4CMS SQL Injection / Local File Inclusion
Posted Apr 2, 2009
Authored by k1ll3r_null

Tessera 4CMS suffers from remote SQL injection and local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
SHA-256 | e6aae8d3dbbd74d2a6ab420235c945486296f9a7ae556015eebb25bb3b2e8e10
TinyPHPForum 3.61 Shell Upload
Posted Apr 2, 2009
Site securitylab.ru

TinyPHPForum version 3.61 suffers from a shell upload vulnerability.

tags | exploit, shell, file upload
SHA-256 | 9ccfd51971ba5c99d8c90fde7cc1f6c8790741116add13fde33c83ee4007292e
F-PROT ZIP Method Evasion
Posted Apr 2, 2009
Authored by Thierry Zoller

The parsing engine in F-PROT can be bypassed by manipulating the ZIP method field. It is as easy as opening a ZIP file in an editor and typing a number greater than 15 on your keyboard. This is a four year old vulnerability that they still have not patched.

tags | advisory
advisories | CVE-2005-3499
SHA-256 | 32f11246969d4155068655689ca4f9c6ab515a0c2d759dc6e70b8a523521f060
IBM / ISS Proventia Evasion
Posted Apr 2, 2009
Authored by Thierry Zoller

The parsing engine in IBM ISS Proventia can be bypassed by manipulating RAR archives in a certain way that the IBM engine cannot extract the content but the end user is able to.

tags | advisory
SHA-256 | 886d00514b2f82efe2ac88764af3dbf921d459eedb7677dd4ebbc80781b7f291
ClamAV Evasion
Posted Apr 2, 2009
Authored by Thierry Zoller

The parsing engine in Clam AntiVirus versions below 0.95 can be bypassed by manipulating RAR archives in a certain way that ClamAV cannot extract the content but the end user is able to.

tags | advisory
SHA-256 | 1ad9a4ac9d3a2014ada24abfdc78454052f88645c0a7e7f90b20fe8a14b687f4
IBM DB2 Denial Of Service
Posted Apr 2, 2009
Authored by Dennis Yurichev

IBM DB2 versions 9.5 prior to Fix Pack 3a denial of service exploit. Requires DB2TEST database present and GUEST account with QQ password to work.

tags | exploit, denial of service
SHA-256 | 06d35255f64ddc320db337ddffdfbc0a585de92a8fb494a9641eb2fed1a2cc7a
IBM DB2 9.5 Pre-Auth Denial Of Service
Posted Apr 2, 2009
Authored by Dennis Yurichev

IBM DB2 versions 9.5 prior to Fix Pack 3a pre-auth denial of service exploit.

tags | exploit, denial of service
SHA-256 | e2b71aaeb3132897022d4933939b2a31ccdca19a2e3ab004859d20495f0a1367
ContentKeeper Command Execution
Posted Apr 2, 2009
Authored by Patrick Webster | Site aushack.com

ContentKeeper versions 125.09 and below suffer from remote command execution and privilege escalation vulnerabilities.

tags | advisory, remote, vulnerability
SHA-256 | 7b0e6a68dec445f1b9b8ea919e24acdff1c5f7fa8262df16f7e2bff2161cb2c6
ConnX SQL Injection
Posted Apr 2, 2009
Authored by Patrick Webster | Site aushack.com

ConnX version 4.0.20080606 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a6fbf4350f943105c85f2528b5b3bb0e393500377b3bdb74b5113fc48e753300
Webunit Calendar 1.2 Cross Site Scripting
Posted Apr 2, 2009
Authored by r0ot

Webunit Calendar version 1.2 suffers from a cross site scripting vulnerability in date.php.

tags | exploit, php, xss
SHA-256 | 4a57a39649d93561e8729030f73245747b6f0803a2dc3aabf9ededce2815945c
Debian Linux Security Advisory 1762-1
Posted Apr 2, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1762-1 - It was discovered that icu, the internal components for Unicode, did not properly sanitise invalid encoded data, which could lead to cross site scripting attacks.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2008-1036
SHA-256 | 394edea748c82370feee9e6c67fcfc3ee1cc25518848f11aee385f9ca573e1ce
Crystal Reports Cross Site Scripting
Posted Apr 2, 2009
Authored by BugsNotHugs

SAP BusinessObjects Crystal Reports suffers from multiple cross site scripting vulnerabilities in viewreport.asp.

tags | exploit, vulnerability, xss, asp
SHA-256 | fce3185bc71a241e9920ff0d2d40f556e07582a6a9c248380cf2b345f436b30e
File Thingie 2.5.4 Shell Upload
Posted Apr 2, 2009
Authored by Xia Shing Zee

File Thingie version 2.5.4 suffers from an arbitrary shell upload vulnerability.

tags | advisory, arbitrary, shell, file upload
SHA-256 | 3db61bf8d3ee9ee5f70452630bb6d2c2bd22e197df09e726a0ca373dd2d6be4e
FortiClient Format String
Posted Apr 2, 2009
Authored by Deral Heiland | Site layereddefense.com

Layered Defense Research Advisory - FortiClient version 3.0.614 suffers from a format string vulnerability.

tags | advisory
SHA-256 | 03c7157f2662b4ea6613ac679d2324fc6483c5a47915efcd34f14575cddd1f83
Amaya 11.1 XHTML Buffer Overflow
Posted Apr 2, 2009
Authored by C1c4Tr1Z

Amaya version 11.1 suffers from a XHTML parser buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | e06481c2ac84dec30573ee6880da02eb452e1c86152df403ce833bbfe51fc186
OSCommerce Session Fixation
Posted Apr 2, 2009
Authored by TeaM Random | Site etsmtl.ca

OSCommerce suffers from a session fixation vulnerability.

tags | exploit
SHA-256 | 24e5402d991c1aa68ccabcb222c4a29a553a4674afec08bd8604a11913605245
Secunia Security Advisory 34211
Posted Apr 2, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for OpenSSL. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | 5a12cdb3f3ccbd2435134ccddaa08bf2fd0dd83deaefb48677e89a1a265d00b0
Secunia Security Advisory 34556
Posted Apr 2, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Atlassian JIRA, which can be exploited by malicious people to conduct HTTP header injection and cross-site scripting attacks.

tags | advisory, web, vulnerability, xss
SHA-256 | e01f548bdd33afffb714df225812c3d14dfe1e270da0f590e27da08d5c078ae0
Secunia Security Advisory 34535
Posted Apr 2, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - TaMBarUS has reported a vulnerability in Nokia Siemens Flexi ISN, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 17c21bd2a9b7597cb730e482c933fd03191361b5b580eb1f52688d47ab42dbd4
Secunia Security Advisory 34565
Posted Apr 2, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in XOOPS Cube Legacy, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | a50a919f632bf5727132fb77d5a79618b97046a9045d1e60559eea7a3e9b21cf
Page 1 of 2
Back12Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close