exploit the possibilities
Showing 1 - 25 of 46 RSS Feed

Files Date: 2009-05-24

IPT_PKD Iptables Port Knocking Detection
Posted May 24, 2009
Authored by eric

ipt_pkd is an iptables extension implementing port knock detection. This project provides 3 parts: the kernel module ipt_pkd, the iptables user space module libipt_pkd.so, and a user space client knock program. For the knock packet, it uses a UDP packet sent to a random port that contains a SHA-256 of a timestamp, small header, random bytes, and a shared key. ipt_pkd checks the time window of the packet and does the SHA-256 to verify the packet. The shared key is never sent.

Changes: This version adds support for libxtables, iptables 1.4.3.2, and Linux kernel 2.6.29. A port config option was added on the Python knock, so you don't have to have a bunch of UDP ports open on a firewall to pass a knock through to an internal client.
tags | tool, kernel, udp, firewall
systems | linux
MD5 | fd6b09b282210087285ef4630ab6746b
PDFResurrect PDF Analyzer 0.6
Posted May 24, 2009
Authored by enferex | Site 757labs.com

PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also producing a summary of changes between versions. It can also "scrub" or write data over the original instances of PDF objects that have been modified or deleted, in an effort to disguise information from previous versions that might not be intended for anyone else to read.

Changes: No bugs were fixed. Some additions were made to the build system and a man page was added, but no tool functionality additions were made. The AUTHORS file was added. The install, uninstall, distclean, and .phony targets in Makefile.in were added or modified.
tags | tool, forensics
MD5 | 4b9c5847319515b9e0fa9f655da633e4
Gentoo Linux Security Advisory 200905-3
Posted May 24, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200905-03 - Multiple errors in the IPSec Tools racoon daemon might allow remote attackers to cause a Denial of Service. Versions less than 0.7.2 are affected.

tags | advisory, remote, denial of service
systems | linux, gentoo
advisories | CVE-2009-1574, CVE-2009-1632
MD5 | dd2fee55b7ddf87f02ac6dd6a4971725
Gentoo Linux Security Advisory 200905-2
Posted May 24, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200905-02 - Multiple vulnerabilities in Cscope might allow for the remote execution of arbitrary code. James Peach of Apple discovered a stack-based buffer overflow in cscope's handling of long file system paths. Multiple stack-based buffer overflows were reported in the putstring function when processing an overly long function name or symbol in a source code file. Versions less than 15.7a are affected.

tags | advisory, remote, overflow, arbitrary, vulnerability
systems | linux, apple, gentoo
advisories | CVE-2009-0148, CVE-2009-1577
MD5 | b4605d9a7bc97fe481841fa1383f0499
Saman Portal SQL Injection
Posted May 24, 2009
Authored by Securitylab Security Research | Site securitylab.ir

Saman Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | fcb1639cbde08afc33e767980b389f37
BASE Persistent / Reflective XSS
Posted May 24, 2009
Authored by Jabra

BASE, the Basic Analysis and Security Engine, suffers from persistent and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 203c1c096b58954a61d4cfec2c98f99c
Mandriva Linux Security Advisory 2009-122
Posted May 24, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-122 - The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.19 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. The updated packages have been upgraded to the latest version of squirrelmail to prevent this.

tags | advisory, remote, arbitrary, shell, php
systems | linux, mandriva
advisories | CVE-2009-1381
MD5 | ddbc13dbfcda67745ca153e312f27a0c
phpWebFileManager 1.11 Bypass / Shell Upload
Posted May 24, 2009
Authored by Hakxer

phpWebFileManager version 1.11 suffers from bypass, cookie grabbing, and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, bypass
MD5 | a0919860fe4bca2c23449ec55aacb9f7
Mole Group Restaurant Directory 3.0 Password Changer
Posted May 24, 2009
Authored by G4N0K

Mole Group Restaurant Directory Script version 3.0 remote administrative password changing exploit.

tags | exploit, remote
MD5 | 7a2f691248ffa34890b79df8b2e4f9e0
Mole Group Sky Hunter / Bus Ticket Scripts Password Changer
Posted May 24, 2009
Authored by G4N0K

Mole Group Sky Hunter / Bus Ticket Scripts administrative password changing exploit.

tags | exploit
MD5 | 4357cbb181b7d9f7f22602b23b379ce0
Cute Editor File Disclosure
Posted May 24, 2009
Authored by Securitylab Security Research | Site securitylab.ir

Cute Editor suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 7a48e00be3009c729f6e6dd930d3daa0
ZaoCMS Remote File Upload
Posted May 24, 2009
Authored by Qabandi

ZaoCMS suffers from an arbitrary remote file upload vulnerability.

tags | exploit, remote, arbitrary, file upload
MD5 | d897148237fcd110054393e5199d2cb4
ZaoCMS Remote Password Changer
Posted May 24, 2009
Authored by ThE g0bL!N | Site h4ckf0ru.com

ZaoCMS remote password changing exploit that leverages user_updated.php.

tags | exploit, remote, php
MD5 | f51cffa7a4e081788d5682a365aba1b8
ZaoCMS SQL Injection
Posted May 24, 2009
Authored by Qabandi

ZaoCMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 69c0db3dd8ba90c07b50d1c2b3779d93
Debian Linux Security Advisory 1806-1
Posted May 24, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1806-1 - Matt Murphy discovered that cscope, a source code browsing tool, does not verify the length of file names sourced in include statements, which may potentially lead to the execution of arbitrary code through specially crafted source code files.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2009-0148
MD5 | cbceefb51df9932f2ab9fbba927e301d
Debian Linux Security Advisory 1805-1
Posted May 24, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1805-1 - Several vulnerabilities have been discovered in Pidgin, a graphical multi-protocol instant messaging client.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2009-1373, CVE-2009-1375, CVE-2009-1376
MD5 | 099ac930c7f745cca80f9f2ef9a38fb7
IPFilter 4.1.31 Buffer Overflow
Posted May 24, 2009
Authored by Maksymilian Arciemowicz | Site securityreason.com

IPFilter (ippool) version 4.1.31 suffers from a buffer overflow vulnerability in lib/load_http.c.

tags | advisory, overflow
advisories | CVE-2009-1476
MD5 | 5a9488d764e62682621feab816e864e8
Panda Generic Evasion
Posted May 24, 2009
Authored by Thierry Zoller

The Panda parsing engine can be bypassed by a specially crafted RAR archive.

tags | advisory
MD5 | 67c98014c48cd1d4c3e2aac59ee5de70
Panda Generic Evasion
Posted May 24, 2009
Authored by Thierry Zoller

The Panda parsing engine can be bypassed by a specially crafted CAB archive.

tags | advisory
MD5 | f916a141a012033a697222301e289494
LxBlog XSS / SQL Injection
Posted May 24, 2009
Authored by Securitylab Security Research | Site securitylab.ir

LxBlog suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 3dadfedd48b6f5a209bc965a8dc8532e
Debian Linux Security Advisory 1802-2
Posted May 24, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1802-2 - Michal Hlavinka discovered that the fix for code execution in the map_yp_alias function, known as CVE-2009-1579 and released in DSA 1802-1, was incomplete. This update corrects the fix for that function.

tags | advisory, code execution
systems | linux, debian
advisories | CVE-2009-1578, CVE-2009-1579, CVE-2009-1580, CVE-2009-1581, CVE-2009-1381
MD5 | 2cc05e605e5e4b13344d7fd95bb0546a
Tutorial Share 3.5.0 Insecure Cookie
Posted May 24, 2009
Authored by Evil-Cod3r | Site creativexploit.com

Tutorial Share versions 3.5.0 and below suffer from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | 101f6e9ed14abdaa8c8035ef24209926
WinAMP 5.551 MAKI Integer Overflow
Posted May 24, 2009
Authored by n00b

WinAMP version 5.551 MAKI parsing integer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
MD5 | 4047efabe9944f36c973125a82c2c209
WinAMP 5.55 Integer Overflow
Posted May 24, 2009
Authored by Encrypt3d.M!nd

WinAMP versions 5.55 and below MAKI script universal integer overflow exploit.

tags | exploit, overflow
MD5 | fe8ab3257744d524527ee9fe18362af8
WinAMP 5.55 SEH Overwrite
Posted May 24, 2009
Authored by His0k4

WinAMP versions 5.55 and below MAKI script universal SEH overwrite exploit.

tags | exploit
MD5 | a0430ef157f9f7537821ddba4dabc5b4
Page 1 of 2
Back12Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    22 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    3 Files
  • 18
    Nov 18th
    22 Files
  • 19
    Nov 19th
    16 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close