exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files Date: 2009-10-19

Finding sysent On OS X 10.6.1
Posted Oct 19, 2009
Authored by boecke

Small write up called finding sysent on OS X 10.6.1. Good information for Mac OS X rootkit writers.

tags | paper
systems | apple, osx
SHA-256 | 1a5b60643b2f08891db208c8e184461731b58a2d29562a6b083d3c69964404f4
Piwik Build 1357 2009-08-02 Remote File Upload
Posted Oct 19, 2009
Authored by boecke

Piwik Build versions 1357 2009-08-02 and below suffer from a remote file upload vulnerability in ofc_upload_image.php that allows for remote command execution.

tags | exploit, remote, php, file upload
SHA-256 | 1a4ced885e76951f022838dffefc439bad5037fa81f9fc25fb73385a257445ed
TBmnetCMS 1.0 Cross Site Scripting
Posted Oct 19, 2009
Authored by drunken danish rednecks

TBmnetCMS version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e0494629c07b60e4e8d7fcc0fc581b41b020b3bc80071aa41901560ac35c3d03
Barcode Generator 1D 2.0.1 XSS
Posted Oct 19, 2009
Authored by drunken danish rednecks

Barcode Generator 1D version 2.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e6733c1f11efe13c1a3f76718096c9981bc1983d69fdbf8e6c102f55428101fc
3Com OfficeConnect Command Execution
Posted Oct 19, 2009
Authored by Andrea Fabrizi | Site andreafabrizi.it

3Com OfficeConnect routers appear to suffer from password disclosure and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability, info disclosure
SHA-256 | f4915ebc296bd3603c9e336e18437ac196860ed9675bddab482982e82f9ed5a8
Nikto Web Scanner 2.1.0
Posted Oct 19, 2009
Authored by Sullo | Site cirt.net

Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.

Changes: This version has gone through significant rewrites under the hood to how Nikto works, to make it more expandable and usable.
tags | web, cgi
systems | unix
SHA-256 | d4a405d3376d100335ac5485840386bffae3b7206c1fe2d6df07c5b9b3885430
Finding Remote Command Execution Vulnerabilities
Posted Oct 19, 2009
Authored by SirGod

Whitepaper called How to find RCE in scripts. This write up provides various examples and discusses remote command execution methods used against poorly written PHP code.

tags | paper, remote, php
SHA-256 | 2f2fde57f7982151153355aa3ee97d4515c9dd2fff3b9dada9ae0554cc3a4ea6
Finding Vulnerabilities In PHP Scripts
Posted Oct 19, 2009
Authored by SirGod

Whitepaper called Finding Vulnerabilities in PHP Scripts. This write up comes filled with a large amount of useful examples and even provides fix information.

tags | paper, php, vulnerability
SHA-256 | b66897db584121d2691f15a502d48781c34e1c4bea1a3fe041b00097b17c8307
McKesson HCI Hardcoded Passwords
Posted Oct 19, 2009

McKesson Horizon Clinical Infrastructure, also know as McKesson HCI, utilizes hardcoded passwords for Oracle database access. This is very disturbing considering they claim to be installed in 70% of all hospitals in the United States. Versions 7.6, 7.8, 10.0, and 10.1 are all affected.

tags | exploit
SHA-256 | 338f59674a13cc531fcb34045e62ba3a8b370fcd37fd40240002d1a12b51465c
Debian Linux Security Advisory 1913-1
Posted Oct 19, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1913-1 - Max Kanat-Alexander, Bradley Baetz, and Frederic Buclin discovered an SQL injection vulnerability in the Bug.create WebService function in Bugzilla, a web-based bug tracking system, which allows remote attackers to execute arbitrary SQL commands.

tags | advisory, remote, web, arbitrary, sql injection
systems | linux, debian
advisories | CVE-2009-3165
SHA-256 | c5d137ab50a744411d6e2e95999268eb1d61eeb1d94d9061a8c3862af477653b
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close