what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 76 RSS Feed

Files Date: 2009-12-15

CarolinaCon 2010 Call For Papers
Posted Dec 15, 2009
Site carolinacon.org

The CarolinaCon 2010 Call For Papers is now open. It's an annual technology conference to enhance local and global awareness of current technology issues and developments, provide affordable technology education sessions to the unwashed masses, deliver varied/informative/interesting presentations on a wide variety of InfoSec/hacking/technology/science topics, and mix in enough entertainment and side contests/challenges to make for a truly fun event. It will be taking place March 19th through the 21st in Raleigh, NC, USA.

tags | paper, local, conference
SHA-256 | d37ce9a9a0e681a2495bd9a44186a96747fb28e3b6df4b42e705648c7ee0974a
Maketh Packet Generator 0.2.0
Posted Dec 15, 2009
Authored by Simpp | Site simpp-kode.tuxfamily.org

Maketh is a packet generator that supports forging ARP, IP, TCP, UDP, ICMP and the ethernet header as well.

tags | tool, udp, scanner, tcp
systems | unix
SHA-256 | 325da8538e0e34d2682f3a8fb2229a5d92ad2ad2e0e8e3a7c5f5441588e26dbf
SSHatter Brute Forcer 1.0
Posted Dec 15, 2009
Authored by Tim Brown | Site nth-dimension.org.uk

SSHatter is a remote brute force utility that attempts every password from a given list against a target.

Changes: This release adds dumb mode, where SSHatter will check password equals password, username, and blank. It adds sudo mode, where SSHatter will echo the password to STDIN. It adds rudimentry file transfer modes, which also work interactively via "put" and "get". It improves the usage message. There is a new command line interface based on Getops. There is a modular design to allow more code reuse, a new threading model, support for SSH private keys, mass mode for post brute force command execution, and interactive mode for post brute force command execution. Timing attack based username enumeration has been removed for now.
tags | remote
SHA-256 | 9c288bea73f302b726bbb13e21594df22b82f73f874f130fb60e626f3abd3b2a
Ez Blog 1.0 XSS / XSRF
Posted Dec 15, 2009
Authored by Milos Zivanovic

Ez Blog version 1.0 suffers from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 3d9e37e3bdeb6770d78c3b68ed2d7f630982582b970bd980f31705e123d8eb6b
VMware Security Advisory 2009-0017
Posted Dec 15, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - VMware vCenter and ESX update releases address cross-site scripting issues in the Help functionality of WebAccess. A vCenter Lab Manager release addresses the same issues which are present in the online Help functionality of Lab Manager and Stage Manager.

tags | advisory, xss
advisories | CVE-2009-3731
SHA-256 | ad97ee3f858b24c20ef37b479f25daa1664aa5fbbf27474c52ab0f780f5a519b
Ez Cart Cross Site Request Forgery
Posted Dec 15, 2009
Authored by Milos Zivanovic

Ez Cart version 1.0 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 486f84047b0def23ef93831af538d10e14718af218ad1c58de9cfd9e95bddc18
SitioOnline SQL Injection
Posted Dec 15, 2009
Authored by 4lG3r14n0-t3r0

SitioOnline suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 645dd628d6fa339d16d045b6aec3f3cf815b686c6ec79e9f7ed93383d259d0e1
DesigNsbyjm CMS 1.0 SQL Injection
Posted Dec 15, 2009
Authored by R3d-D3v!L

DesigNsbyjm CMS versions 1.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3b177d14ab9abda4ac27844655b68d31929cc8f51fbfa70d664b0080757618c4
Mandriva Linux Security Advisory 2009-333
Posted Dec 15, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-333 - NULL Bytes in SSL Certificates can be used to falsify client or server authentication. This only affects users who have SSL enabled, perform certificate name validation or client certificate authentication, and where the Certificate Authority (CA) has been tricked into issuing invalid certificates. The use of a CA that can be trusted to always issue valid certificates is recommended to ensure you are not vulnerable to this issue. Privilege escalation via changing session state in an index function. This closes a corner case related to vulnerabilities and CVE-2007-6600. Packages for 2008.0 are being provided due to extended support for Corporate products. This update provides a solution to these vulnerabilities.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-4034, CVE-2009-4136
SHA-256 | b0183b27a8fc7627f3bd44ab708862e840411e39f26ee2fa2b5bfe9cb3094727
Ez Faq Maker 1.0 XSS / XSRF
Posted Dec 15, 2009
Authored by Milos Zivanovic

Ez Faq Maker version 1.0 suffers from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | e979b9e9de3a4c6d4bdfedf7f9823e62f169374179b0d89faefa81109155ebb8
Orkut Cross Site Scripting
Posted Dec 15, 2009
Authored by Sanjay Kumar

Orkut suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | db1549deb503e0b9be8f7cda798c073812d06cd25c35097adc9392f8943a4b0f
Ez News Manager / Pro XSRF
Posted Dec 15, 2009
Authored by Milos Zivanovic

Ez News Manager version 1.0 and Ez News Manager Pro version 1.0 suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 6f5257f1e963893c7c5c2b25a8b3b7c6e7f12d22d06386e129509ef4cfb369a9
Daloradius Cross Site Scripting
Posted Dec 15, 2009
Authored by Hadi Kiamarsi

Daloradius suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7ed9b3d402b2f1b18f0d9188b3bdc0b2f0feaf14554e47819d2db1f82dd06f27
Debian Linux Security Advisory 1952-2
Posted Dec 15, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1952-2 - Security support for asterisk, an Open Source PBX and telephony toolkit, has been discontinued for the oldstable distribution (etch). The current version in oldstable is not supported by upstream anymore and is affected by several security issues. Backporting fixes for these and any future issues has become unfeasible and therefore we need to drop our security support for the version in oldstable. We recommend that all asterisk users upgrade to the stable distribution (lenny).

tags | advisory
systems | linux, debian
SHA-256 | 021275fdf9e51fcec29ac84ce415ca00deeda476db1897193b4a0a11f4097b57
Debian Linux Security Advisory 1952-1
Posted Dec 15, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1952-1 - Several vulnerabilities have been discovered in asterisk, an Open Source PBX and telephony toolkit.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2009-0041, CVE-2008-3903, CVE-2009-3727, CVE-2008-7220, CVE-2009-4055, CVE-2007-2383
SHA-256 | faf28e0f95aa626b6c760797521d9fa403127fec95339438e518b3884089b3b6
ClickTrackerASP SQL Injection
Posted Dec 15, 2009
Authored by R3d-D3v!L

ClickTrackerASP suffers from a remote SQL injection vulnerability in sitedetails.asp.

tags | exploit, remote, sql injection, asp
SHA-256 | d2d418a68891c16750e95f7ddb92bfb20159995c37d45fdb8415dc9587b09f1c
LinkPal 1.0 SQL Injection
Posted Dec 15, 2009
Authored by R3d-D3v!L

LinkPal version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0bf6e3d01af58b012f999de5ca498262b2c73a89758ecbc5ac0a30a1a176254d
DubSite CMS 1.0 Cross Site Request Forgery
Posted Dec 15, 2009
Authored by Connection

DubSite CMS version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 37dfa00e0df1ed684660b0f815d142220760ab688b11387a59c89a1cff04496e
Debian Linux Security Advisory 1951-1
Posted Dec 15, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1951-1 - It was discovered that firefox-sage, a lightweight RSS and Atom feed reader for Firefox, does not sanitize the RSS feed information correctly, which makes it prone to a cross-site scripting and a cross-domain scripting attack.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2009-4102
SHA-256 | c80f82a7197eb6d7e81f60bc024f5721e4cab0e085e58e6e4fe6d74ada0b6bc1
Trango Broadband Wireless Interception
Posted Dec 15, 2009
Authored by Blair

Trango Broadband Wireless suffers from an authentication vulnerability that allows for interception of ethernet packets.

tags | exploit
SHA-256 | 23cbf9b6894731923d58fd80f00fae75f0581ee7446c33e24eea70f97e735b1c
Imageshack.us Cross Site Scripting
Posted Dec 15, 2009
Authored by Nishant Soni | Site secworm.net

Imageshack.us suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f8fd72b551947dc94d879b61782c579ae459c53e15878345ad260da2c77f2b00
PasswordManager Pro 6.1 Script Injection
Posted Dec 15, 2009
Authored by Stefan Friedli | Site scip.ch

PasswordManager Pro version 6.1 suffers from a script injection vulnerability.

tags | advisory
SHA-256 | 97a0692fe921ee6828b4f509b527f663ac5568530560b276cdbfd024d50bca26
WSCreator 1.1 Blind SQL Injection
Posted Dec 15, 2009
Authored by Salvatore Fresta

WSCreator version 1.1 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4fd851f098147fa6c93f94ef2c84f7f5ba5e8d31b889d3255c53d187662a8418
pyForum 1.0.3 XSS / XSRF
Posted Dec 15, 2009
Authored by Nam Nguyen | Site bluemoon.com.vn

pyForum version 1.0.3 suffers from cross site scripting and cross site request forgery vulnerabilities.

tags | advisory, vulnerability, xss, csrf
SHA-256 | 73b24a6183e043a15a27f30db6601bc79574df6fd6831a1c33404044a920c174
Generic Random Remote Fuzzer
Posted Dec 15, 2009
Authored by Jeremy Brown

This small perl script is a generic random remote fuzzer.

tags | remote, perl, fuzzer
SHA-256 | f4bddba1bc5967ea0646d047d5e4b798651d79d68b89137957542fd3a0fcb94b
Page 1 of 4
Back1234Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close