
Files Date: 2010-02-06

Dradis Information Sharing Tool 2.5.0
Posted Feb 6, 2010
Authored by etd | Site dradis.nomejortu.com

dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.

Changes: The Note editor (Textile) was improved. An HTML export plugin was added for producing reports in HTML format. A Nikto Upload plugin was added. A Burp Upload plugin was added. The "First Time User Wizard" introduction was improved. You can keep track of all the activity with the built-in RSS feed. A new Rake task was added: dradis:backup. Rake dradis:reset now creates a backup of the project by default. Rake dradis:reset now clears the old log files. The structure of the Nmap Upload plugin data was improved. The ExtJS 3.0 and Rails 2.3.5 libraries were upgraded. Bugs were fixed.
tags | web
SHA-256 | 6aa5c7bee5feba563d7a4c7e7153dd36d919758b69278e3d235c5ed61adc7bbb
Netsniff-NG High Performance Sniffer 0.5.4.1
Posted Feb 6, 2010
Authored by Netsniff-NG Workgroup | Site netsniff-ng.org

netsniff-ng is a high performance Linux network sniffer for packet inspection. Basically, it is similar to tcpdump, but it doesn't need syscalls for fetching packets. Instead, it uses a memory-mapped area within kernelspace for accessing packets without the need to copy them to userspace ('zero-copy' mechanism). Therefore, netsniff-ng is libpcap independent. netsniff-ng can be used for protocol analysis and reverse engineering, network debugging, measurement of performance throughput or network statistics creation of incoming packets on central network nodes like routers or firewalls.

tags | tool, sniffer, protocol
systems | linux
SHA-256 | d31e8724e6e37c55352f57e32e959bb6bdd8a95aa3e3a9b63f1818e4b3a5fac9
Core Security Technologies Advisory 2010.0121
Posted Feb 6, 2010
Authored by Core Security Technologies, Dan Crowley | Site coresecurity.com

Core Security Technologies Advisory - This advisory describes multiple vulnerabilities based on quirks in how Windows handles file names. Nginx, Cherokee, Mongoose, and LightTPD webservers suffer from related vulnerabilities. Details are provided.

tags | exploit, vulnerability
systems | windows
SHA-256 | d14c8eb014b778de314270ccadfa10820be40c7e4cb58c2ae40cd08b564722b4
Flex MySQL Connector SQL Injection
Posted Feb 6, 2010
Authored by DungPQ

Flex MySQL Connector suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7d5283010c579cc16c42092f05c8c7b76bdd3562d76363dc51e5fde0db0d15f6
Core Security Technologies Advisory 2010.0104
Posted Feb 6, 2010
Authored by Core Security Technologies, Adrian Manrique, Aureliano Calvo | Site coresecurity.com

Core Security Technologies Advisory - A security vulnerability was discovered in LANDesk Management Suite: a cross-site request forgery which allows an external remote attacker to make a command injection that can be used to execute arbitrary code using the webserver user. As a result, an attacker can remove the firewall and load a kernel module, allowing root access to the appliance. It also can be used as a non-persistent XSS.

tags | exploit, remote, arbitrary, kernel, root, csrf
advisories | CVE-2010-0368, CVE-2010-0369
SHA-256 | 503f2b9ce130e8c9fd7df36be1f7004846c5609f67a25cc3666a370cdbd97a49
Wippien Flawed Key Negotiation
Posted Feb 6, 2010
Authored by Michael Rossberg

Wippien suffers from a flawed key negotiation vulnerability.

tags | advisory
SHA-256 | 1fea0eab05d989b17d3a4de24b417422ef10def3d47b9dfcb7daba641c1851b8
MySQL yaSSL CertDecoder::GetName Buffer Overflow
Posted Feb 6, 2010
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in the yaSSL (1.9.8 and earlier) implementation bundled with MySQL. By sending a specially crafted client certificate, an attacker can execute arbitrary code. This vulnerability is present within the CertDecoder::GetName function inside ./taocrypt/src/asn.cpp. However, the stack buffer that is written to exists within a parent function stack frame. NOTE: This vulnerability requires a non-default configuration. First, the attacker must be able to pass the host-based authentication. Next, the server must be configured to listen on an accessible network interface. Lastly, the server must have been manually configured to use SSL. The binary from version 5.5.0-m2 was built with /GS and /SafeSEH. During testing on Windows XP SP3, these protections successfully prevented exploitation. Testing was also done with MySQL on Ubuntu 9.04. Although the vulnerable code is present, both version 5.5.0-m2 built from source and version 5.0.75 from a binary package were not exploitable due to the use of the compiler's FORTIFY feature. Although suse11 was mentioned in the original blog post, the binary package they provide does not contain yaSSL or support SSL.

tags | exploit, overflow, arbitrary
systems | linux, windows, ubuntu
SHA-256 | 868f484555ca4e2ef05eee6be5d7e2e2ec89c6ff75cf71a830c02560e0887213
Novell iPrint Client ActiveX Control Date/Time Buffer Overflow
Posted Feb 6, 2010
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing a specially crafted date/time string via certain parameters to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-1569
SHA-256 | d7a900baf7b2a1781f51cf39aaa60a9ff5c046184121c6bec715419a7d4484f4
Novell iPrint Client ActiveX Control target-frame Buffer Overflow
Posted Feb 6, 2010
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack overflow in Novell iPrint Client 5.30. When passing an overly long string via the "target-frame" parameter to ienipp.ocx an attacker can execute arbitrary code. NOTE: The "operation" variable must be set to a valid command in order to reach this vulnerability.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-1568
SHA-256 | 2f8085ff43c3d34d0a072cc5968db8e5067ac13f456d0d219eb9a570a2f06338
© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close