Showing 1 - 25 of 58

Files Date: 2010-01-11

2^6 TCP Control Bit Fuzzer
Posted Jan 11, 2010
Authored by ShadowHatesYou

2^6 TCP control bit fuzzer (no ECN or CWR).

tags | tcp, fuzzer
MD5 | 59d4a04e97147571391b2f2ebfe8d7f8
Mandriva Linux Security Advisory 2009-241
Posted Jan 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-241 - The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function. This update provides a solution to this vulnerability. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-2855
MD5 | f4986b8ff810c1562933be0272c2e575
Active Calendar 1.2.0 Cross Site Scripting
Posted Jan 11, 2010
Authored by Martin Barbella

Active Calendar version 1.2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8ddb497f509cbe2d842bdb59c03f9944
Mandriva Linux Security Advisory 2009-293
Posted Jan 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-293 - Buffer overflow in sgLog.c in squidGuard 1.3 and 1.4 allows remote attackers to cause a denial of service (application hang or loss of blocking functionality) via a long URL with many / (slash) characters, related to emergency mode. Multiple buffer overflows in squidGuard 1.4 allow remote attackers to bypass intended URL blocking via a long URL, related to (1) the relationship between a certain buffer size in squidGuard and a certain buffer size in Squid and (2) a redirect URL that contains information about the originally requested URL. squidGuard was upgraded to 1.2.1 for MNF2/CS3/CS4 with additional upstream security and bug fix patches applied. This update fixes these vulnerabilities. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

tags | advisory, remote, denial of service, overflow, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3700, CVE-2009-3826
MD5 | 293f7739421dfcd4f1fc2955c6437e73
Nginx, Varnish, Cherokee, etc Log Injection
Posted Jan 11, 2010
Authored by Francesco Ongaro, Alessandro Tanasi, Giovanni Pellerano | Site ush.it

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa are subject to log escape sequence injection vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2009-4487, CVE-2009-4488, CVE-2009-4489, CVE-2009-4490, CVE-2009-4491, CVE-2009-4492, CVE-2009-4493, CVE-2009-4494, CVE-2009-4495, CVE-2009-4496
MD5 | e961c5ac151346754ab8fe4a54fa6e8a
TCP Session Hijacking
Posted Jan 11, 2010
Authored by Cheese | Site mycheese.org

This is a brief whitepaper discussing TCP session hijacking.

tags | paper, tcp
MD5 | da64a73cefa644f0393a866d177317ee
Mozilla Firefox 3.5.7 Crash Exploit
Posted Jan 11, 2010
Authored by Securitylab Security Research | Site securitylab.ir

Mozilla Firefox version 3.5.7 remote crash exploit.

tags | exploit, remote, denial of service
MD5 | 4d85f7e1395d8f76b0314523ac3c5e76
Safari 4 Remote Crash Code
Posted Jan 11, 2010
Authored by Securitylab Security Research | Site securitylab.ir

Safari version 4 remote crash exploit.

tags | exploit, remote, denial of service
MD5 | 9270b948e223e9d49f3411d8d12a58ed
Mandriva Linux Security Advisory 2009-316
Posted Jan 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-316 - The big2_toUtf8 function in lib/xmltok.c in libexpat in Expat 2.0.1, as used in the XML-Twig module for Perl, allows context-dependent attackers to cause a denial of service (application crash) via an XML document with malformed UTF-8 sequences that trigger a buffer over-read, related to the doProlog function in lib/xmlparse.c, a different vulnerability than and CVE-2009-3720. This update provides a solution to these vulnerabilities. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The previous (MDVSA-2009:316-2) updates provided packages for 2008.0/2009.0/2009.1/2010.0/mes5 that did not have an increased release number, which prevented the packages from hitting the mirrors.

tags | advisory, denial of service, perl, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3560
MD5 | 74ea6fb6b4ef05a533850c5b278004b5
HP StorageWorks 1/8 G2 Tape Autoloader Privilege Escalation
Posted Jan 11, 2010
Authored by Sh2kerr, Elazar Broad | Site dsecrg.com

HP StorageWorks 1/8 G2 Tape Autoloader suffers from denial of service and privilege escalation vulnerabilities.

tags | exploit, denial of service, vulnerability
advisories | CVE-2009-2680
MD5 | 80db7cbe0231e9be01d2ae9920041bfb
SSL Sniffing
Posted Jan 11, 2010
Authored by Aokan | Site knyksl.com

Whitepaper called SSL Sniffing. It discusses the basic use of SSL and what types of attack tools and methodologies exist.

tags | paper
MD5 | ccc23804455e187b044d226ff6feca5a
HTMLDOC .html Buffer Overflow
Posted Jan 11, 2010
Authored by fl0 fl0w

HTMLDOC version 1.9.x-r1629 local .html buffer overflow exploit for Win32.

tags | exploit, overflow, local
systems | windows
MD5 | 9baf734bdf96474f4f1ad797a4bd10b5
Tincan LTD SQL Injection
Posted Jan 11, 2010
Authored by altbta

Tincan LTD suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7145e5da520a71fe515d7e6e408e6612
Terminal Server License Bypass
Posted Jan 11, 2010
Authored by Zorzan Urban Pawel | Site pawelzorzan.eu

This registry code allows any terminal client access to a Terminal Server. It bypasses the Microsoft "Terminal Server License" and allows the client to create a session on the server without a CAL (Client Access License) or MS Open License. It works on WinNT, Win2000, Win2003 server and Win2008 server.

tags | registry, bypass
systems | windows, nt
MD5 | 41053a7e4a261472d04cdc1eea0cae07
Joomla Dashboard Directory Traversal
Posted Jan 11, 2010
Authored by Fl0riX

The Joomla Dashboard component suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | a038361d9a984438c4d2cc351dbea490
Mandriva Linux Security Advisory 2009-227
Posted Jan 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-227 - The rad_decode function in FreeRADIUS before 1.1.8 allows remote attackers to cause a denial of service (radiusd crash) via zero-length Tunnel-Password attributes. NOTE: this is a regression error related to CVE-2003-0967. This update provides a solution to this vulnerability. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-3111
MD5 | 031906b09da3301302b1320b7fd45d99
Image Hosting Script Shell Upload
Posted Jan 11, 2010
Authored by R3d-D3v!L

Image Hosting Script suffers from a shell upload vulnerability.

tags | exploit, shell
MD5 | c0bd3edec7ab1e5e4ffe52a484e74af4
ALPHA3 Shellcode Encoder
Posted Jan 11, 2010
Authored by SkyLined | Site code.google.com

ALPHA3 is an alphanumeric shellcode encoder.

tags | shellcode
MD5 | 403031de84c35d6a3ef104a5f496aa4f
CMScontrol 7.x Shell Upload
Posted Jan 11, 2010
Authored by Cyber_945

CMScontrol version 7.x suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
MD5 | 236013547d8887a0b462f8c46618c0df
tagcloud.swf Cross Site Scripting
Posted Jan 11, 2010
Authored by MustLive

Approximately 34 million tagcloud.swf files on the Internet suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 26329c4cc36ad86116c549258d2b5ad1
vBulletin adminCP Cross Site Scripting
Posted Jan 11, 2010
Authored by Ashiyane Digital Security Members

vBulletin adminCP version 3.8.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7ce3d0a27ab81cae5590449f7582ddca
Surge-FTP Cross Site Scripting
Posted Jan 11, 2010
Authored by FB1H2S

Surge-FTP suffers from an administrative web interface cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | ba015d145bdddb933c11a03ef9abe48b
JunOS Malformed TCP Options Denial Of Service
Posted Jan 11, 2010
Authored by Jeremy L. Gaddis | Site evilrouters.net

JunOS malformed TCP options remote denial of service exploit.

tags | exploit, remote, denial of service, tcp
MD5 | 97b0eae1f156f772bfe2086c33fbdc50
easyAdmin2Pro Cross Site Scripting
Posted Jan 11, 2010
Authored by lossless | Site secworm.net

easyAdmin2Pro suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 7fd3e29bcc625413f394182973e478e6
Mandriva Linux Security Advisory 2010-000
Posted Jan 11, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-000 - The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox before 3.5.7 allows remote attackers to cause a denial of service (application crash) via a crafted web site that triggers memory consumption and an accompanying Low Memory alert dialog, and also triggers attempted removal of an observer from an empty observers array. Additionally, some packages that required it have been rebuilt and are being provided as updates.

tags | advisory, remote, web, denial of service
systems | linux, mandriva
MD5 | b123fa0e1eedf97f96d0694447fc8bb4