Exploit the possiblities
Showing 1 - 25 of 43 RSS Feed

Files Date: 2010-03-08

Nessus XML-RPC Ruby Library 0.3
Posted Mar 8, 2010
Authored by Vlatko Kosturjak | Site rubyforge.org

nessus-xmlrpc is a Ruby library for the Nessus XML-RPC interface. It comes with an example command line program that shows how easy it is to interact with the Nessus scanner.

Changes: Mostly speed improvements (will use keepalive and nokogiri if available). Support for some new functions. Better documentation.
tags | tool, scanner, ruby
systems | unix
MD5 | 23bdc28e21bcf552777d338a9f54b94e
Lenovo Privilege Escalation
Posted Mar 8, 2010
Authored by Chilik Tamir

Lenovo laptops running the Hotkey Driver and Access Connections software versions 5.33 and below suffer from a privilege escalation vulnerability. Full exploitation details provided.

tags | exploit
MD5 | 197dc1c38c9c66cd38cc4d3ffe457f76
OpenSSH 5.4p1
Posted Mar 8, 2010
Authored by Damien Miller | Site openssh.com

This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.

Changes: This is a major feature and bugfix release. Major changes include disabling SSH protocol 1 by default, removal of legacy OpenSC/libsectok smartcard support, addition of PKCS#11 support, introduction of a new certificate authentication method for users and hosts, revised session multiplexing code, many improvements to sftp from the Google Summer of Code 2009, and lots of bugfixes.
tags | encryption
systems | linux, openbsd
MD5 | da10af8a789fa2e83e3635f3a1b76f5e
Ubuntu Security Notice 907-1
Posted Mar 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 907-1 - It was discovered that gnome-screensaver did not correctly lock all screens when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. It was discovered that gnome-screensaver did not correctly handle keyboard grab when monitors get hotplugged. An attacker with physical access could use this flaw to gain access to a locked session. This issue only affected Ubuntu 9.10.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2010-0285, CVE-2010-0422
MD5 | 0779341d5cb6e3ff11a2489dcba18547
Tribisur 2.0 Local File Inclusion
Posted Mar 8, 2010
Authored by cr4wl3r

Tribisur versions 2.0 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | b57f7e0fba10b70409a963b0229fc35a
Spamassassin Milter Plugin Remote Root
Posted Mar 8, 2010
Authored by Kingcope

The Spamassassin Milter plugin suffers from a remote root command execution vulnerability. Full exploit details provided.

tags | exploit, remote, root
MD5 | 65f987b29f0f557007bd95469466936d
BigForum 4.5 SQL Injection
Posted Mar 8, 2010
Authored by Ctacok

BigForum version 4.5 remote SQL injection exploit that dumps user table information.

tags | exploit, remote, sql injection
MD5 | 441885aaaffc20d9973a7ed18a3ca858
Known Host Cracker 0.2
Posted Mar 8, 2010
Authored by Rembrandt, Benkei

Known Host Cracker (khc) is a small tool designed to recover hashed known_host files back to their plain-text equivalents.

tags | tool
systems | unix
MD5 | 00cea61517d93313c4a73cca64c0238e
GeoIPGen IP By Country Generator 0.4
Posted Mar 8, 2010
Authored by Andrew Horton (urbanadventurer) | Site morningstarsecurity.com

GeoIPgen is a country-to-IPs generator. It's a geographic IP generator for IPv4 networks that uses the MaxMind GeoLite Country database. Geoipgen is the first published use of a geographic ip database in reverse to translate from country-to-IPs instead of the usual use of IP-to-country. Features: Random or sorted order, unique or repeating IPs, skips broadcast addresses, one, many or all countries.

Changes: Faster and smaller memory usage. It now uses the fast-random algorithm by default instead of the bit-field method, Re-wrote README file, Simplified usage instructions.
tags | tool, scanner
systems | unix
MD5 | edae9618c3413be8e380f1e10b5b91dd
DvBBS 8.2.x Cross Site Scripting
Posted Mar 8, 2010
Authored by Liscker

DvBBS versions 7.1.x through 8.2.x suffer from a cross site scripting vulnerability. This is a variation of the flaw that affected versions prior to 7.1.0.

tags | exploit, xss
MD5 | 3cd304f7bfac9d084dea5dd5ad646661
Croogo CMS 1.2 Cross Site Scripting
Posted Mar 8, 2010
Authored by Paulino Calderon

Croogo CMS versions 1.2 and below suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 66e088097bda0faa94a082415c6c2e38
Mandriva Linux Security Advisory 2010-057
Posted Mar 8, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-057 - The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, when a multithreaded MPM is used, does not properly handle headers in subrequests in certain circumstances involving a parent request that has a body, which might allow remote attackers to obtain sensitive information via a crafted request that triggers access to memory locations associated with an earlier request. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, remote, web, protocol
systems | linux, mandriva
advisories | CVE-2010-0434
MD5 | c235dd13d9ace6a2ca8327b6437ee2a6
JITed Exec Notepad Shellcode
Posted Mar 8, 2010
Authored by Alexey Sintsov

JITed exec notepad shellcode.

tags | shellcode
MD5 | b15fa36a2f9128b2f690400ae91f85a5
JITed Stage-0 Shellcode
Posted Mar 8, 2010
Authored by Alexey Sintsov

JITed Stage-0 Shellcode. This JIT shellcode finds VirtualProtect, restores the address of the shellcode, makes mem exec and jumps to it.

tags | shellcode
MD5 | 0d7fb99e6c6d84c075b2d24543bc6ae4
Writing JIT-Spray Shellcode For Fun And Profit
Posted Mar 8, 2010
Authored by Alexey Sintsov | Site dsecrg.com

Whitepaper called Writing JIT-Spray Shellcode For Fun And Profit.

tags | paper, shellcode
MD5 | 2b22c0c79fdfac6d6ec759fe2a2845be
Oracle Document Capture Buffer Overflow JIT-Spray
Posted Mar 8, 2010
Authored by Alexey Sintsov | Site dsecrg.com

Oracle Document Capture (EasyMail Objects EMSMTP.DLL version 6.0.1) Active-X control buffer overflow JIT-Spray exploit.

tags | exploit, overflow, activex
MD5 | 2deece0e4a04e5d2d2964754202e5dfa
SAP GUI 7.10 WebViewer 3D Active-X JIT-Spray
Posted Mar 8, 2010
Authored by Alexey Sintsov | Site dsecrg.com

SAP GUI version 7.10 WebViewer3D Active-X JIT-Spray exploit.

tags | exploit, activex
MD5 | ecdcfd44aa28996e595d1ad2416aaf39
BBSMAX 3.0 / 4.1 / 4.2 Cross Site Scripting
Posted Mar 8, 2010
Authored by Liscker

BBSMAX versions 3.0, 4.1, and 4.2 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 77cf5fd95efa29c6997e74768c398f23
E-Topbiz Link Ads Blind SQL Injection
Posted Mar 8, 2010
Authored by JosS | Site spanish-hackers.com

E-Topbiz Link Ads 1 PHP script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | dbed7948c8c4df7ce440b1a068501805
TopDownloads MP3 Player 1.0 M3U Crash
Posted Mar 8, 2010
Authored by l3D

TopDownloads MP3 Player version 1.0 crash exploit that creates a malicious .m3u file.

tags | exploit, denial of service
MD5 | 147839fea06f877a9bc57766373c2860
Flare 0.6 Heap Overflow Denial Of Service
Posted Mar 8, 2010
Authored by l3D

Flare versions 0.6 and below local heap overflow denial of service exploit.

tags | exploit, denial of service, overflow, local
MD5 | 4c586f04d5fef027a275ae2524205921
Google Chrome 4.0.249 XML Denial Of Service
Posted Mar 8, 2010
Authored by Blade

Google Chrome version 4.0.249 XML denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 5e8593679f05d8c119ca154a5749bb37
Secunia Security Advisory 38867
Posted Mar 8, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for drupal. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and bypass certain security restrictions.

tags | advisory, vulnerability
systems | linux, fedora
MD5 | 9d2dcd08bd1dca8b59fec2d643911edd
Secunia Security Advisory 38866
Posted Mar 8, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for fetchmail. This fixes a vulnerability, which can potentially be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, fedora
MD5 | effe9cfa81da8a4c935b49f1d92072fd
Secunia Security Advisory 38871
Posted Mar 8, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mr.tro0oqy has discovered a vulnerability in Yahoo! Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | f832d86f8b373b7988d101d295ae4540
Page 1 of 2
Back12Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close