what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 43 RSS Feed

Files Date: 2010-03-08

Nessus XML-RPC Ruby Library 0.3
Posted Mar 8, 2010
Authored by Vlatko Kosturjak | Site rubyforge.org

nessus-xmlrpc is a Ruby library for the Nessus XML-RPC interface. It comes with an example command line program that shows how easy it is to interact with the Nessus scanner.

Changes: Mostly speed improvements (will use keepalive and nokogiri if available). Support for some new functions. Better documentation.
tags | tool, scanner, ruby
systems | unix
SHA-256 | 4f237befc1fd17197d282b0402cd578e29edc55eb97eb0fc7c973eeee6e1157f
Lenovo Privilege Escalation
Posted Mar 8, 2010
Authored by Chilik Tamir

Lenovo laptops running the Hotkey Driver and Access Connections software versions 5.33 and below suffer from a privilege escalation vulnerability. Full exploitation details provided.

tags | exploit
SHA-256 | d8dc187e0294d4dae1e803d9852012143ae25ce2df1e8b4274d155bb97154a81
OpenSSH 5.4p1
Posted Mar 8, 2010
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This is a major feature and bugfix release. Major changes include disabling SSH protocol 1 by default, removal of legacy OpenSC/libsectok smartcard support, addition of PKCS#11 support, introduction of a new certificate authentication method for users and hosts, revised session multiplexing code, many improvements to sftp from the Google Summer of Code 2009, and lots of bugfixes.
tags | encryption
systems | linux, openbsd
SHA-256 | ae96e70d04104824ab10f0d7aaef4584ac96b2a870adfcd8b457d836c8c5404e
Ubuntu Security Notice 907-1
Posted Mar 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 907-1 - It was discovered that gnome-screensaver did not correctly lock all screens when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. It was discovered that gnome-screensaver did not correctly handle keyboard grab when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. This issue only affected Ubuntu 9.10.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2010-0285, CVE-2010-0422
SHA-256 | 474f008855ca7ea10ad00cea2ab2639b40a6f9d2afb20ec01fb138953ff5bd4b
Tribisur 2.0 Local File Inclusion
Posted Mar 8, 2010
Authored by cr4wl3r

Tribisur versions 2.0 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 2b0bb138ee84f919c802a02154f8070073689e03284063521acc501abb291ccd
Spamassassin Milter Plugin Remote Root
Posted Mar 8, 2010
Authored by Kingcope

The Spamassassin Milter plugin suffers from a remote root command execution vulnerability. Full exploit details provided.

tags | exploit, remote, root
SHA-256 | 75cd6d52002b0122839ef452c78b2755836360ff899b51abde576bc341679eb7
BigForum 4.5 SQL Injection
Posted Mar 8, 2010
Authored by Ctacok

BigForum version 4.5 remote SQL injection exploit that dumps user table information.

tags | exploit, remote, sql injection
SHA-256 | f67da6aeef884f55b06974fbebace25be1a39c92352b30e501ad020b94aa9ce7
Known Host Cracker 0.2
Posted Mar 8, 2010
Authored by Rembrandt, Benkei

Known Host Cracker (khc) is a small tool designed to recover hashed known_host files back to their plain-text equivalents.

tags | tool
systems | unix
SHA-256 | a72983ee744d25dfc04d40a965a434d2113971925229e2050b24ca9d099830b0
GeoIPGen IP By Country Generator 0.4
Posted Mar 8, 2010
Authored by Andrew Horton | Site morningstarsecurity.com

GeoIPgen is a country-to-IPs generator. It's a geographic IP generator for IPv4 networks that uses the MaxMind GeoLite Country database. Geoipgen is the first published use of a geographic ip database in reverse to translate from country-to-IPs instead of the usual use of IP-to-country. Features: Random or sorted order, unique or repeating IPs, skips broadcast addresses, one, many or all countries.

Changes: Faster and smaller memory usage. It now uses the fast-random algorithm by default instead of the bit-field method, Re-wrote README file, Simplified usage instructions.
tags | tool, scanner
systems | unix
SHA-256 | b97d378c46c8d7eec969af1eeb0fc11ccda1e1c360df558e358cbf8969c9fbd7
DvBBS 8.2.x Cross Site Scripting
Posted Mar 8, 2010
Authored by Liscker

DvBBS versions 7.1.x through 8.2.x suffer from a cross site scripting vulnerability. This is a variation of the flaw that affected versions prior to 7.1.0.

tags | exploit, xss
SHA-256 | 9f37ed72f976da22a339f1e6361a6815b59198a6686c39e4ab2f066a7299cf6b
Croogo CMS 1.2 Cross Site Scripting
Posted Mar 8, 2010
Authored by Paulino Calderon

Croogo CMS versions 1.2 and below suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 054008374f67a42198fe905618f0d4efa6eff61cdcfebaf1673a45fc12275af7
Mandriva Linux Security Advisory 2010-057
Posted Mar 8, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-057 - The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, remote, web, protocol
systems | linux, mandriva
advisories | CVE-2010-0434
SHA-256 | 562ddf2d69f98ce6039ace5fef36d80678472ed664d7d5d0c3eb8ea20773c0f0
JITed Exec Notepad Shellcode
Posted Mar 8, 2010
Authored by Alexey Sintsov

JITed exec notepad shellcode.

tags | shellcode
SHA-256 | f7f52c6ee5c1adab75dc974e6e122cb739c4d989ca728d781c188a5c2f6343b6
JITed Stage-0 Shellcode
Posted Mar 8, 2010
Authored by Alexey Sintsov

JITed Stage-0 Shellcode. This JIT shellcode finds VirtualProtect, restores the address of the shellcode, makes mem exec and jumps to it.

tags | shellcode
SHA-256 | e071a7ace3c781d63436ad1adf0cb96594c718c351445f8b3b1b2b3f572d530a
Writing JIT-Spray Shellcode For Fun And Profit
Posted Mar 8, 2010
Authored by Alexey Sintsov | Site dsecrg.com

Whitepaper called Writing JIT-Spray Shellcode For Fun And Profit.

tags | paper, shellcode
SHA-256 | c63788300beae3066d70ac6a350d32e8cc1e68446bc632aafb68473e7976af03
Oracle Document Capture Buffer Overflow JIT-Spray
Posted Mar 8, 2010
Authored by Alexey Sintsov | Site dsecrg.com

Oracle Document Capture (EasyMail Objects EMSMTP.DLL version 6.0.1) Active-X control buffer overflow JIT-Spray exploit.

tags | exploit, overflow, activex
SHA-256 | 7a9746300d26475c500c06ecf062e068b9a0e28fd2cf07f465696ee404fd0138
SAP GUI 7.10 WebViewer 3D Active-X JIT-Spray
Posted Mar 8, 2010
Authored by Alexey Sintsov | Site dsecrg.com

SAP GUI version 7.10 WebViewer3D Active-X JIT-Spray exploit.

tags | exploit, activex
SHA-256 | 458ba63f5ff5d557f1a79fc440cbb8e1068f816122c1a6f06f6408d9b76078f0
BBSMAX 3.0 / 4.1 / 4.2 Cross Site Scripting
Posted Mar 8, 2010
Authored by Liscker

BBSMAX versions 3.0, 4.1, and 4.2 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e9150514fecb68412d5d2e3fbd59c8c6ab1220a6d61ae6f4c9ee8bbb9c992835
E-Topbiz Link Ads Blind SQL Injection
Posted Mar 8, 2010
Authored by JosS | Site spanish-hackers.com

E-Topbiz Link Ads 1 PHP script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | f50a97f705d7d4db462b3f69d05d76e5985ca1a522d45750cd8aad38ec8575ea
TopDownloads MP3 Player 1.0 M3U Crash
Posted Mar 8, 2010
Authored by l3D

TopDownloads MP3 Player version 1.0 crash exploit that creates a malicious .m3u file.

tags | exploit, denial of service
SHA-256 | 748828612c1ccb1e08ebc066a4aaf7c7506639292f65913ef9aae5d9e6acec73
Flare 0.6 Heap Overflow Denial Of Service
Posted Mar 8, 2010
Authored by l3D

Flare versions 0.6 and below local heap overflow denial of service exploit.

tags | exploit, denial of service, overflow, local
SHA-256 | b3d27bcc33b449e871fbb238c6b946edd4a80b55a3871f001fd92a5356dcfbff
Google Chrome 4.0.249 XML Denial Of Service
Posted Mar 8, 2010
Authored by Blade

Google Chrome version 4.0.249 XML denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | df6038505ed4e7b09b5fec8cc3105f88bb88348c6721cafbce284e6fbb0e0dd0
Secunia Security Advisory 38867
Posted Mar 8, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for drupal. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and bypass certain security restrictions.

tags | advisory, vulnerability
systems | linux, fedora
SHA-256 | 58fcb956905707e43ee5b9366423796dbf181aca346a42f8d0ce803e894a1a3e
Secunia Security Advisory 38866
Posted Mar 8, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for fetchmail. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, fedora
SHA-256 | b8c824fc597a86557d15a1a444765edff7bcf60d3469394ea895f02aecf3e0d8
Secunia Security Advisory 38871
Posted Mar 8, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mr.tro0oqy has discovered a vulnerability in Yahoo! Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | f0e276e4c75a5d2650fdc9c62de47555ad6392503bd81dc7ff5edc035e18242b
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close