exploit the possibilities
Showing 1 - 25 of 30 RSS Feed

Files Date: 2009-04-02

Firewall Builder With GUI
Posted Apr 2, 2009
Site fwbuilder.org

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Changes: This version includes numerous bugfixes as well as improvements in the built-in policy installer, SNMP discovery, support for IPv6 for all platforms, and policy compilers for iptables and PF. Generation of static routing commands for Cisco IOS and PIX has been implemented. This is a stable version to which all users are encouraged to upgrade.
tags | tool, firewall
systems | cisco, linux, openbsd
MD5 | a53ad035511e6a8a6b4b89e6eacf4485
Mandriva Linux Security Advisory 2009-085
Posted Apr 2, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-085 - Integer overflows in gstreamer0.10-plugins-base Base64 encoding and decoding functions may lead attackers to cause denial of service. Although vector attacks are not known yet. This update provides the fix for that security issue.

tags | advisory, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2009-0586
MD5 | 97bcce888733c2894255e8e21ece1e65
Gentoo Linux Security Advisory 200904-1
Posted Apr 2, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200904-01 - Multiple vulnerabilities were discovered in Openfire, the worst of which may allow remote execution of arbitrary code. Versions less than 3.6.3 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-6508, CVE-2008-6509, CVE-2008-6510, CVE-2008-6511, CVE-2009-0496, CVE-2009-0497
MD5 | 4b8690a35234a71a9c1a345cf5106c45
Autodesk IDrop Active-X Control
Posted Apr 2, 2009
Authored by Elazar Broad

The Src, Background, PackageXml properties in the Autodesk IDrop Active-X control, IDrop.ocx version 17.1.51.160, can be manipulated to trigger a heap use after free condition resulting in arbitrary remote code execution.

tags | advisory, remote, arbitrary, code execution, activex
MD5 | 9f55a5b229984db40abe2aaef85d4fc6
Asterisk Advisory - Information Leak
Posted Apr 2, 2009
Authored by Tilghman Lesher | Site asterisk.org

Asterisk Project Security Advisory - The Asterisk maintainers have made it so that a scan for valid SIP usernames always returns with the same response.

tags | advisory
advisories | CVE-2008-3903
MD5 | be2252051a83bfcb8730414ae3a8ba49
Tessera 4CMS SQL Injection / Local File Inclusion
Posted Apr 2, 2009
Authored by k1ll3r_null

Tessera 4CMS suffers from remote SQL injection and local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
MD5 | db70c054b9a59b887d7f26311ff37ea8
TinyPHPForum 3.61 Shell Upload
Posted Apr 2, 2009
Site securitylab.ru

TinyPHPForum version 3.61 suffers from a shell upload vulnerability.

tags | exploit, shell, file upload
MD5 | e03b37e5da468363e69f14f9c7ca4972
F-PROT ZIP Method Evasion
Posted Apr 2, 2009
Authored by Thierry Zoller

The parsing engine in F-PROT can be bypassed by manipulating the ZIP method field. It is as easy as opening a ZIP file in an editor and typing a number greater than 15 on your keyboard. This is a four year old vulnerability that they still have not patched.

tags | advisory
advisories | CVE-2005-3499
MD5 | d68175ece8ff0131c60bf8dc097a1b8d
IBM / ISS Proventia Evasion
Posted Apr 2, 2009
Authored by Thierry Zoller

The parsing engine in IBM ISS Proventia can be bypassed by manipulating RAR archives in a certain way that the IBM engine cannot extract the content but the end user is able to.

tags | advisory
MD5 | 499804ac3c33ecd28e2c60afdc56cbe9
ClamAV Evasion
Posted Apr 2, 2009
Authored by Thierry Zoller

The parsing engine in Clam AntiVirus versions below 0.95 can be bypassed by manipulating RAR archives in a certain way that ClamAV cannot extract the content but the end user is able to.

tags | advisory
MD5 | eabbfb24e93439c56164c36c85d9f1af
IBM DB2 Denial Of Service
Posted Apr 2, 2009
Authored by Dennis Yurichev

IBM DB2 versions 9.5 prior to Fix Pack 3a denial of service exploit. Requires DB2TEST database present and GUEST account with QQ password to work.

tags | exploit, denial of service
MD5 | b63b08c8a8484eb3b97c6b3b5d63a3fc
IBM DB2 9.5 Pre-Auth Denial Of Service
Posted Apr 2, 2009
Authored by Dennis Yurichev

IBM DB2 versions 9.5 prior to Fix Pack 3a pre-auth denial of service exploit.

tags | exploit, denial of service
MD5 | 55e4db3f6f1aa0d77321ccbed43756e6
ContentKeeper Command Execution
Posted Apr 2, 2009
Authored by Patrick Webster | Site aushack.com

ContentKeeper versions 125.09 and below suffer from remote command execution and privilege escalation vulnerabilities.

tags | advisory, remote, vulnerability
MD5 | 2179cc4777471f9744db2c64488f88d8
ConnX SQL Injection
Posted Apr 2, 2009
Authored by Patrick Webster | Site aushack.com

ConnX version 4.0.20080606 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3bf4adb9e3265ec9bb49961a8474ece3
Webunit Calendar 1.2 Cross Site Scripting
Posted Apr 2, 2009
Authored by r0ot

Webunit Calendar version 1.2 suffers from a cross site scripting vulnerability in date.php.

tags | exploit, php, xss
MD5 | 2376391505de622fa85e3b768c8b39ae
Debian Linux Security Advisory 1762-1
Posted Apr 2, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1762-1 - It was discovered that icu, the internal components for Unicode, did not properly sanitise invalid encoded data, which could lead to cross site scripting attacks.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2008-1036
MD5 | 7eb639c9e9f5bba54b7477206034beaf
Crystal Reports Cross Site Scripting
Posted Apr 2, 2009
Authored by BugsNotHugs

SAP BusinessObjects Crystal Reports suffers from multiple cross site scripting vulnerabilities in viewreport.asp.

tags | exploit, vulnerability, xss, asp
MD5 | f391f8998c2e04fe3a91d544d4a595de
File Thingie 2.5.4 Shell Upload
Posted Apr 2, 2009
Authored by Xia Shing Zee

File Thingie version 2.5.4 suffers from an arbitrary shell upload vulnerability.

tags | advisory, arbitrary, shell, file upload
MD5 | 98a27b9e5a0844cf5bed5dc6ebf37582
FortiClient Format String
Posted Apr 2, 2009
Authored by Deral Heiland | Site layereddefense.com

Layered Defense Research Advisory - FortiClient version 3.0.614 suffers from a format string vulnerability.

tags | advisory
MD5 | ca788b063c2555da7d1d6a396e8171ab
Amaya 11.1 XHTML Buffer Overflow
Posted Apr 2, 2009
Authored by C1c4Tr1Z

Amaya version 11.1 suffers from a XHTML parser buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 8d8b43b485d01b4398704c9b1740be9c
OSCommerce Session Fixation
Posted Apr 2, 2009
Authored by TeaM Random | Site etsmtl.ca

OSCommerce suffers from a session fixation vulnerability.

tags | exploit
MD5 | bde4077f75740911242388ec74ddc819
Secunia Security Advisory 34211
Posted Apr 2, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for OpenSSL. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | c140894abdf6b14b09b85624e85c504b
Secunia Security Advisory 34556
Posted Apr 2, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Atlassian JIRA, which can be exploited by malicious people to conduct HTTP header injection and cross-site scripting attacks.

tags | advisory, web, vulnerability, xss
MD5 | 9a8c479ba2844b6436405d5ebcbd0473
Secunia Security Advisory 34535
Posted Apr 2, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - TaMBarUS has reported a vulnerability in Nokia Siemens Flexi ISN, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 562684f2f7d8bbb79ff292ea7663354a
Secunia Security Advisory 34565
Posted Apr 2, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in XOOPS Cube Legacy, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 247928731ab2436ba380dead61b7ab43
Page 1 of 2
Back12Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    31 Files
  • 8
    Apr 8th
    18 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close