what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 84 RSS Feed

Files Date: 2010-03-16

Digital Forensics Framework 0.5.0
Posted Mar 16, 2010
Authored by Christophe M., Solal J. | Site digital-forensic.org

DFF (Digital Forensics Framework) is a simple but powerful tool with a flexible module system which will help you in your digital forensics works, including file recovery due to error or crash, evidence research and analysis, etc. DFF provides a robust architecture and some handy modules.

Changes: This release includes several bugfixes and a new API and graphical features: file carving with an enhanced algorithm, a complete rewrite of the hexadecimal viewer, research functions in the API, a new gallery viewer with speed improvements, a partition mapper that allows extended partitions to be added, and automation capabilities based on MIME type for improved GUI navigation.
tags | tool, forensics
SHA-256 | b565474ab8ec094185c3cc0d027467bfdad87f3e9c5a2bd44f332997fdeb0b6e
Core Security Technologies Advisory 2009.0803
Posted Mar 16, 2010
Authored by Core Security Technologies, Diego Juarez, Nicolas A. Economou | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability found in the memory management of the Virtual Machine Monitor makes memory pages mapped above the 2GB available with read or read/write access to user-space programs running in a Guest operating system.

tags | advisory
SHA-256 | 06e57ed0863415c369e25cbef95b7d726f955222074ae28cf5b2b20d11fdfe9d
Windisc 1.3 Stack Buffer Overflow
Posted Mar 16, 2010
Authored by Rick | Site corelan.be

Windisc version 1.3 suffers from a stack buffer overflow vulnerability. Full exploit code included.

tags | exploit, overflow
SHA-256 | 35273ce169912292844042a3d97dfc0662b96dd9a08ae743128e33f0a8217a9f
FCKEditor 2.0 RC3 Shell Upload
Posted Mar 16, 2010
Authored by Aodrulez

FCKEditor version 2.0 RC3 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 0f67b325a6baa3b5929976a83d14a7b16e3645f4feab2aaaa8e8ba925828c49a
Ubuntu Security Notice 912-1
Posted Mar 16, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 912-1 - It was discovered that Audio File Library contained a heap-based buffer overflow. If a user or automated system processed a crafted WAV file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. The default compiler options for Ubuntu should reduce this vulnerability to a denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-5824
SHA-256 | 0b502f97154d452f8f94769ee6f50b5b80ad64e219e3e560f7486c91be5717dd
Zero Day Initiative Advisory 10-032
Posted Mar 16, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-032 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP MaxDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the serv.exe process which listens by default on TCP port 7210. The process trusts a value from a handshake packet and uses it as a length when copying data to the stack. If provided a malicious value and packet data, this can be leveraged to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | cb40e39471d9ad0f5a69bb519489ffab8ee630fc8167d30b87e8067c788e5c6d
Clan Tiger Cross Site Request Forgery
Posted Mar 16, 2010
Authored by Pratul Agrawal

Clan Tiger CMS suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 00413d460a37c56be02b348ca47a2a8e1eaccf73ae0f2b3b8f5607377eb6581b
Chilly CMS Cross Site Scripting
Posted Mar 16, 2010
Authored by Pratul Agrawal

Chilly CMS suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 11456c3f691066f83e616c7e988e2151af0a9c2080155df90dba3da4b68c8219
Chilly CMS Cross Site Request Forgery
Posted Mar 16, 2010
Authored by Pratul Agrawal

Chilly CMS suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 18882fe7f03d793e245d10395a0509c4fe3f749e2ac9ca591eaff91581b53241
WFTPD 3.3 Remote Denial Of Service
Posted Mar 16, 2010
Authored by dmnt

WFTPD version 3.3 remote unhandled exception denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | a2d0bc4b9fd783e5d528072b32ee00867bd6a96116ad439abba46b44a34ce958
SugarCRM Cross Site Scripting
Posted Mar 16, 2010
Authored by Jeromie Jackson

SugarCRM versions prior to 5.5.0a and 5.2.0l suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2010-0465
SHA-256 | 589558f8272dbb655838d522cc9d7e45795796d7c1686e097ad7fc2d61680e34
Zero Day Initiative Advisory 10-031
Posted Mar 16, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-031 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable software utilizing Apple's WebKit library. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists due to a failure to unregister a callback pointer during the destruction of a particular type of element when embedded inside a 'blink' container. The application dereferences the original resource which can can be leveraged by an attacker to execute arbitrary code under the context of the current user.

tags | advisory, remote, arbitrary
systems | apple
SHA-256 | 978aa1696e69705e418a2ef7e1040dfaa95eb83cc7989e4529645bc9b19e7138
EGroupware Remote Command Execution
Posted Mar 16, 2010
Authored by Nahuel Grisolia | Site cybsec.com

CYBSEC Security Advisory - EGroupware suffers from a remote command execution vulnerability. Versions 1.4.001 / 1.4.002 / 1.6.001 / 1.6.002 and Premium Line versions 9.1 and 9.2 are affected.

tags | exploit, remote
SHA-256 | 3466397f295950b24bff97a0cee044361200ce29c5b7a1d91b43a2823cc8cb53
EGroupware Cross Site Scripting
Posted Mar 16, 2010
Authored by Nahuel Grisolia | Site cybsec.com

CYBSEC Security Advisory - EGroupware suffers from a reflected cross site scripting vulnerability. Versions 1.4.001 / 1.4.002 / 1.6.001 / 1.6.002 and Premium Line versions 9.1 and 9.2 are affected.

tags | exploit, xss
SHA-256 | 3975fad1bb46eca4d0023c780cf0920dfc6fb20955039a232c347c8e6f871d8b
OSSIM 2.2 Remote Command Execution
Posted Mar 16, 2010
Authored by Nahuel Grisolia | Site cybsec.com

CYBSEC Security Advisory - OSSIM version 2.2 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | fa7bc7dccfc1eea54e33881d98d9b73763826b24c23c03bff189b25b91634c35
OSSIM 2.2 Shell Upload
Posted Mar 16, 2010
Authored by Nahuel Grisolia | Site cybsec.com

CYBSEC Security Advisory - OSSIM version 2.2 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
SHA-256 | d10ef69aff7ea865577efe7a578f5fb3c7ed3de34bb0c20f737359d8187ea269
OSSIM 2.2 File Download
Posted Mar 16, 2010
Authored by Nahuel Grisolia | Site cybsec.com

CYBSEC Security Advisory - OSSIM version 2.2 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
SHA-256 | e29b9aeb2eeb3a569fddcaf311d34f8de151300ac2c2e8f59d863fcafe44dd56
Online Community CMS By I-net SQL Injection
Posted Mar 16, 2010
Authored by Th3 RDX

Online Community CMS By I-net suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6330833ea35dc810e682231316831c43611616f09c9c61c10d7055dad6b86e86
Zigurrat CMS SQL Injection
Posted Mar 16, 2010
Authored by Isfahan University of Technology

Zigurrat CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 4602bb8a71d06414362c67aa19b2ba5d67ec0ce081f3a223d032c63f71572d47
Pars CMS SQL Injection
Posted Mar 16, 2010
Authored by Isfahan University of Technology

Pars CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6cfeb2c754f8d6e0e2e1b7e990d3e94fc26e2c9b16a374aca316f3af635593bf
Debian Linux Security Advisory 2017-1
Posted Mar 16, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2017-1 - Dan Rosenberg discovered that the PulseAudio sound server creates a temporary directory with a predictable name. This allows a local attacker to create a Denial of Service condition or possibly disclose sensitive information to unprivileged users.

tags | advisory, denial of service, local
systems | linux, debian
advisories | CVE-2009-1299
SHA-256 | 68d7df806fbd3422841194b7a54354db4bd82c01fbed403c2b50d62a7f202770
CuteNews 1.4.6 Insecure Cookie Handling
Posted Mar 16, 2010
Authored by indoushka

CuteNews version 1.4.6 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | 2b696924860993e8b7a3b9a6023db148df92340d5a146e4bd8444ace1360c613
Family Connections 2.2 SQL Injection
Posted Mar 16, 2010
Authored by Blake

Family Connections version 2.2 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 932e4fe173014b2cdd8cb18dcf76db76665998ad415fe10ccb70b1436c237db3
Zero Day Initiative Advisory 10-030
Posted Mar 16, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-030 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari and other WebKit based browsers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of the run-in value for display CSS styles. A specially crafted web page can cause a use after free() condition in WebKit's WebCore::RenderBlock() method. This can be further leveraged by attackers to execute arbitrary code under the context of the current user.

tags | advisory, remote, web, arbitrary
systems | apple
SHA-256 | 68798d11271c59d7e7bfaf837933f005ae3ce6bf51e24d41c6fa3dd2c11cb90b
Free Real Estate Contact Form 1.09 Local File Inclusion
Posted Mar 16, 2010
Authored by Pouya Daneshmand

Free Real Estate Contact Form version 1.09 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 9704856e0f082a62d5fa1de0e04b91c328256fa892fd19f381864f764e2835ea
Page 1 of 4
Back1234Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    8 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close