exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 90 RSS Feed

Files Date: 2010-08-13

Adobe Font Parsing Integer Overflow
Posted Aug 13, 2010
Authored by Ramz Afzar | Site rafzar.com

This is a detailed write up along with proof of concept code for the Adobe Acrobat font parsing integer overflow vulnerability.

tags | exploit, overflow, proof of concept
SHA-256 | 3f0ddd64f75743a12e58ba0b0b85e48865c1938a53a467deb7d73e2ae74128da
eazyCMS Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

eazyCMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fe1793c76d0607e7c421c7c854c55d40113ad3a86db3673458bad98d7aa20000
CMS Source SQL Injection / Cross Site Scripting / Local File Inclusion
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

CMS Source suffers from cross site scripting, local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
SHA-256 | 1cc0749f065c95606df88e248cc7105d95495566d53e2424e2456ee38ef4ab21
Get Tube SQL Injection
Posted Aug 13, 2010
Authored by Mr.P3rfekT

Get Tube versions 2.3, 3.02, 4.01, 4.5 and 4.51 all suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 348c5b150e32652de8ebf6730862212ac2bdb62b315a194f10f448915847216b
Plogger Remote File Disclosure
Posted Aug 13, 2010
Authored by Mr.tro0oqy

Plogger suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 028bb6e850d1eb80337e0d8798503ad19f0cd6190774b7fb0902fe28f2a9e850
iDEFENSE Security Advisory 2010-08-10.2
Posted Aug 13, 2010
Authored by iDefense Labs, wushi | Site idefense.com

iDefense Security Advisory 08.10.10 - Remote exploitation of an memory corruption vulnerability in Microsoft's Office RTF Parsing Engine could allow an attacker to execute arbitrary code with the privileges of the current user. During the processing of a RTF document containing certain control words, the RTF parsing engine may incorrectly read a value from the RTF file. This value may directly affect the control of execution flow within the RTF parsing engine.

tags | advisory, remote, arbitrary
advisories | CVE-2010-1901
SHA-256 | b5e0d708c7afc4fb28b1ce1539313fd783bff59a1505c38d75cbd5f66b9d464d
Attacking And Fixing The Microsoft Windows Kerberos Login Service
Posted Aug 13, 2010
Authored by Riccardo Focardi, Tommaso Malgherini

Whitepaper called Attacking and fixing the Microsoft Windows Kerberos Login Service.

tags | paper
systems | windows
SHA-256 | dca56f74aa6bce65400493957a77a259aea8e57979675bb75f2810e882eaa367
MySQL Injection - Simple Load File And Into OutFile Tutorial
Posted Aug 13, 2010
Authored by MikiSoft

This is a short tutorial called MySQL Injection - Simple Load File and Into OutFile.

tags | paper, sql injection
SHA-256 | 6866aa8f28dcac6458750046b3125a824fcea99b3aedbddd27f63076b1098e76
NuFW Authenticating Firewall 2.4.3
Posted Aug 13, 2010
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: This release features mainly client-side improvements. The SASL mechanism may now be chosen. In case of failure, a fallback is made to the next best mechanism.
tags | tool, remote, firewall
systems | unix
SHA-256 | dcdbd2708f2c2e12467e8290427000123747df8a0fffb5c31fdecd194bc1d79d
i-Web Suite SQL Injection / Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

i-Web Suite suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, sql injection
SHA-256 | bf4044fcb65c8a8357940ed4f827599eb42d238e77f419d0367b86f3d5d7d30c
Clam AntiVirus Toolkit 0.96.2
Posted Aug 13, 2010
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This version brings a new PDF parser, performance and memory improvements, and a number of bugfixes and minor enhancements. This upgrade is recommended for all users.
tags | virus
systems | unix
SHA-256 | 6aa0b0d96ed25ffb4b5aca53f6348978c94771503c299f86e480fef475abcefa
Botan C++ Crypto Algorithms Library 1.9.10
Posted Aug 13, 2010
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release adds a constant-time AES implementation using SSSE3 instructions; in addition to avoiding timing and cache-based side channel attacks, it can be significantly faster on some modern processors like Intel\'s Nehalem. Engines can now be loaded dynamically at runtime. GCC\'s byteswapping builtins are now used when available.
tags | library
SHA-256 | 43a45df9dabb835d342206a7b3508b2a323f7118a76b748d149e73aff2797db0
SmartCode ServerX VNC Server 1.1.5.0 Denial Of Service
Posted Aug 13, 2010
Authored by LiquidWorm | Site zeroscience.mk

SmartCode ServerX VNC Server Active-X version 1.1.5.0 suffers from a denial of service vulnerability in scvncsrvx.dll.

tags | exploit, denial of service, activex
SHA-256 | b7b28563723da38901481e1b6eb926086c2a9be731100ece4948f14243ae3599
SoftX FTP Client 3.3 Directory Traversal
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

SoftX FTP Client version 3.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | dbcedb388fc3cec8a38ca122492b3bce0cc46f9cb2b690a1c3cdfd9f08d2e9d6
Edit-X CMS Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Edit-X CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2493f966b165a37e381bdb0d0205c2066af08865b6433ca14a31779009cf9ffe
SyntaxCMS 1.3 SQL Injection
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

SyntaxCMS version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bd694637af43965326dd67f57bef977e3167de288d7ed427c6b440da21916a2b
Onyx 0.3.2 Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Onyx version 0.3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6a3b8d84636dbbe4bd6ba3105e5cd9d6c1ec410d0225b38f59524b9530a4fe79
Xion 1.0.125 Stack Buffer Overflow
Posted Aug 13, 2010
Authored by corelanc0d3r, dijital1 | Site corelan.be

Xion Player version 1.0.125 local stack buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow, local
SHA-256 | 623e89f49bcef9f0a3b4ba99e4d3ef07532083ae2fdac43b0fe5118d47d2d2a5
SUSE Security Announcement 2010.034
Posted Aug 13, 2010
Site suse.com

SUSE Security Announcement - Flash Player was updated to version 10.1.82.76 fixing several critical security issues.

tags | advisory
systems | linux, suse
advisories | CVE-2010-0209, CVE-2010-2188, CVE-2010-2213, CVE-2010-2214, CVE-2010-2215, CVE-2010-2216
SHA-256 | 4215852f7aadcf5349f4c7580bafcadb08e54ededfb7e59ee009754ac6aedcda
SWFTools Two Integer Overflows
Posted Aug 13, 2010
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered two vulnerabilities in SWFTools, which can be exploited by malicious people to compromise a user's system. An integer overflow error within the "getPNG()" function in lib/png.c can be exploited to cause a heap-based buffer overflow via specially crafted PNG images. An integer overflow error within the "jpeg_load()" function in lib/jpeg.c can be exploited to cause a heap-based buffer overflow via specially crafted JPEG images.

tags | advisory, overflow, vulnerability
advisories | CVE-2010-1516
SHA-256 | 0ac4acaa34693c9c47c3dd9fce7cfc4554b9166403d11d3a10fa1521d9a9191c
WordPress 3.0.1 Cross Site Scripting
Posted Aug 13, 2010
Authored by David "Aesthetico" Vieira-Kurz | Site majorsecurity.de

WordPress version 3.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 921c86ce003e8c1e9768354aad33c41325ac356eece76c0d02ce5a7905ee5694
Mystic 0.1.4 Cross Site Request Forgery / Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Mystic version 0.1.4 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 427020de4e1b9b5f83c2de4198f6ef49be2c9c4afedc88d0ef39ab6f9983d734
Secunia Security Advisory 40949
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Kleeja, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | bd9b18dec802b6e28ae587b635b4bf972f719b725562bcbc6c87604a45e2ff7d
Secunia Security Advisory 40956
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in strongSwan, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 1b93e6e3e7066178799f6ab4b477e30c91731adaf3f2b15cd503949b1a3180e8
Secunia Security Advisory 40967
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has reported some vulnerabilities in CMS Source, which can be exploited by malicious users and malicious people to disclose sensitive information and by malicious people to to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | ecbab0a967f36d8ae4063c8a9743b45c5aa150d60ea07094d100f65f86f6dd88
Page 1 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close