exploit the possibilities
Showing 1 - 25 of 90 RSS Feed

Files Date: 2010-08-13

Adobe Font Parsing Integer Overflow
Posted Aug 13, 2010
Authored by Ramz Afzar | Site rafzar.com

This is a detailed write up along with proof of concept code for the Adobe Acrobat font parsing integer overflow vulnerability.

tags | exploit, overflow, proof of concept
MD5 | 4909f0cbcbf11cd7fe575cea411c27ff
eazyCMS Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

eazyCMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a79767f2e3711d515aa73a9a601238cc
CMS Source SQL Injection / Cross Site Scripting / Local File Inclusion
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

CMS Source suffers from cross site scripting, local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
MD5 | 2113892a5e803e5b09eea288af28f97a
Get Tube SQL Injection
Posted Aug 13, 2010
Authored by Mr.P3rfekT

Get Tube versions 2.3, 3.02, 4.01, 4.5 and 4.51 all suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2b51a4aa3f6b23777a524ca4843eeb2a
Plogger Remote File Disclosure
Posted Aug 13, 2010
Authored by Mr.tro0oqy

Plogger suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 3b61e704e94b5389de91280c52adb8a3
iDEFENSE Security Advisory 2010-08-10.2
Posted Aug 13, 2010
Authored by iDefense Labs, wushi | Site idefense.com

iDefense Security Advisory 08.10.10 - Remote exploitation of an memory corruption vulnerability in Microsoft's Office RTF Parsing Engine could allow an attacker to execute arbitrary code with the privileges of the current user. During the processing of a RTF document containing certain control words, the RTF parsing engine may incorrectly read a value from the RTF file. This value may directly affect the control of execution flow within the RTF parsing engine.

tags | advisory, remote, arbitrary
advisories | CVE-2010-1901
MD5 | aad21e7fdba76b3b2765d4cdf06fcb9e
Attacking And Fixing The Microsoft Windows Kerberos Login Service
Posted Aug 13, 2010
Authored by Riccardo Focardi, Tommaso Malgherini

Whitepaper called Attacking and fixing the Microsoft Windows Kerberos Login Service.

tags | paper
systems | windows
MD5 | 624502cb2c087f19c3ad8cef1f81071c
MySQL Injection - Simple Load File And Into OutFile Tutorial
Posted Aug 13, 2010
Authored by MikiSoft

This is a short tutorial called MySQL Injection - Simple Load File and Into OutFile.

tags | paper, sql injection
MD5 | 2919fdf1ea63bdd21b064c4495257766
NuFW Authenticating Firewall 2.4.3
Posted Aug 13, 2010
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: This release features mainly client-side improvements. The SASL mechanism may now be chosen. In case of failure, a fallback is made to the next best mechanism.
tags | tool, remote, firewall
systems | unix
MD5 | c7dd517473d8735688ca29fa4e1aad85
i-Web Suite SQL Injection / Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

i-Web Suite suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, sql injection
MD5 | fdd0da08dced8aac593d4f5d19f2d275
Clam AntiVirus Toolkit 0.96.2
Posted Aug 13, 2010
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This version brings a new PDF parser, performance and memory improvements, and a number of bugfixes and minor enhancements. This upgrade is recommended for all users.
tags | virus
systems | unix
MD5 | a2c2555d86868f91a01d0e2c2403bbec
Botan C++ Crypto Algorithms Library 1.9.10
Posted Aug 13, 2010
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release adds a constant-time AES implementation using SSSE3 instructions; in addition to avoiding timing and cache-based side channel attacks, it can be significantly faster on some modern processors like Intel\'s Nehalem. Engines can now be loaded dynamically at runtime. GCC\'s byteswapping builtins are now used when available.
tags | library
MD5 | 3085755edb8d03ea2dc1d720f31944f0
SmartCode ServerX VNC Server 1.1.5.0 Denial Of Service
Posted Aug 13, 2010
Authored by LiquidWorm | Site zeroscience.mk

SmartCode ServerX VNC Server Active-X version 1.1.5.0 suffers from a denial of service vulnerability in scvncsrvx.dll.

tags | exploit, denial of service, activex
MD5 | 9a1b91a119d7d6ac50c20b92ab9f97b6
SoftX FTP Client 3.3 Directory Traversal
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

SoftX FTP Client version 3.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 1661be0a18e36580448e752f319b3924
Edit-X CMS Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Edit-X CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4d440cc374ab0a8212656075d2b97e67
SyntaxCMS 1.3 SQL Injection
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

SyntaxCMS version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ed99b4f94015b2281a77468e2a402ba4
Onyx 0.3.2 Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Onyx version 0.3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b8e151dedba8ec1d82b17c54b19744cf
Xion 1.0.125 Stack Buffer Overflow
Posted Aug 13, 2010
Authored by corelanc0d3r, dijital1 | Site corelan.be

Xion Player version 1.0.125 local stack buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow, local
MD5 | 1cedabe679beb8fce8ff47fc5193f310
SUSE Security Announcement 2010.034
Posted Aug 13, 2010
Site suse.com

SUSE Security Announcement - Flash Player was updated to version 10.1.82.76 fixing several critical security issues.

tags | advisory
systems | linux, suse
advisories | CVE-2010-0209, CVE-2010-2188, CVE-2010-2213, CVE-2010-2214, CVE-2010-2215, CVE-2010-2216
MD5 | fe2f006a4ea2ce5c6c55f639ad4487fd
SWFTools Two Integer Overflows
Posted Aug 13, 2010
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered two vulnerabilities in SWFTools, which can be exploited by malicious people to compromise a user's system. An integer overflow error within the "getPNG()" function in lib/png.c can be exploited to cause a heap-based buffer overflow via specially crafted PNG images. An integer overflow error within the "jpeg_load()" function in lib/jpeg.c can be exploited to cause a heap-based buffer overflow via specially crafted JPEG images.

tags | advisory, overflow, vulnerability
advisories | CVE-2010-1516
MD5 | 449024581463936d88d1336bcdf8f8cd
WordPress 3.0.1 Cross Site Scripting
Posted Aug 13, 2010
Authored by David "Aesthetico" Vieira-Kurz | Site majorsecurity.de

WordPress version 3.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f4e2b8572c2772bd9ca744abb937557d
Mystic 0.1.4 Cross Site Request Forgery / Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Mystic version 0.1.4 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 1e442bfbb73f8ee40a38cbfb3c718cc3
Secunia Security Advisory 40949
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Kleeja, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | da386f663aea94f19de3b3444f465523
Secunia Security Advisory 40956
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in strongSwan, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 313899f01add6482681533609e201f3b
Secunia Security Advisory 40967
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has reported some vulnerabilities in CMS Source, which can be exploited by malicious users and malicious people to disclose sensitive information and by malicious people to to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 5db9c7ac56c2b5f959b987f9d2c0d552
Page 1 of 4
Back1234Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    15 Files
  • 4
    Jun 4th
    25 Files
  • 5
    Jun 5th
    8 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close