what you don't know can hurt you
Showing 1 - 25 of 90 RSS Feed

Files Date: 2010-08-13

Adobe Font Parsing Integer Overflow
Posted Aug 13, 2010
Authored by Ramz Afzar | Site rafzar.com

This is a detailed write up along with proof of concept code for the Adobe Acrobat font parsing integer overflow vulnerability.

tags | exploit, overflow, proof of concept
MD5 | 4909f0cbcbf11cd7fe575cea411c27ff
eazyCMS Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

eazyCMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a79767f2e3711d515aa73a9a601238cc
CMS Source SQL Injection / Cross Site Scripting / Local File Inclusion
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

CMS Source suffers from cross site scripting, local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
MD5 | 2113892a5e803e5b09eea288af28f97a
Get Tube SQL Injection
Posted Aug 13, 2010
Authored by Mr.P3rfekT

Get Tube versions 2.3, 3.02, 4.01, 4.5 and 4.51 all suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2b51a4aa3f6b23777a524ca4843eeb2a
Plogger Remote File Disclosure
Posted Aug 13, 2010
Authored by Mr.tro0oqy

Plogger suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 3b61e704e94b5389de91280c52adb8a3
iDEFENSE Security Advisory 2010-08-10.2
Posted Aug 13, 2010
Authored by iDefense Labs, wushi | Site idefense.com

iDefense Security Advisory 08.10.10 - Remote exploitation of an memory corruption vulnerability in Microsoft's Office RTF Parsing Engine could allow an attacker to execute arbitrary code with the privileges of the current user. During the processing of a RTF document containing certain control words, the RTF parsing engine may incorrectly read a value from the RTF file. This value may directly affect the control of execution flow within the RTF parsing engine.

tags | advisory, remote, arbitrary
advisories | CVE-2010-1901
MD5 | aad21e7fdba76b3b2765d4cdf06fcb9e
Attacking And Fixing The Microsoft Windows Kerberos Login Service
Posted Aug 13, 2010
Authored by Riccardo Focardi, Tommaso Malgherini

Whitepaper called Attacking and fixing the Microsoft Windows Kerberos Login Service.

tags | paper
systems | windows
MD5 | 624502cb2c087f19c3ad8cef1f81071c
MySQL Injection - Simple Load File And Into OutFile Tutorial
Posted Aug 13, 2010
Authored by MikiSoft

This is a short tutorial called MySQL Injection - Simple Load File and Into OutFile.

tags | paper, sql injection
MD5 | 2919fdf1ea63bdd21b064c4495257766
NuFW Authenticating Firewall 2.4.3
Posted Aug 13, 2010
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: This release features mainly client-side improvements. The SASL mechanism may now be chosen. In case of failure, a fallback is made to the next best mechanism.
tags | tool, remote, firewall
systems | unix
MD5 | c7dd517473d8735688ca29fa4e1aad85
i-Web Suite SQL Injection / Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

i-Web Suite suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, sql injection
MD5 | fdd0da08dced8aac593d4f5d19f2d275
Clam AntiVirus Toolkit 0.96.2
Posted Aug 13, 2010
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This version brings a new PDF parser, performance and memory improvements, and a number of bugfixes and minor enhancements. This upgrade is recommended for all users.
tags | virus
systems | unix
MD5 | a2c2555d86868f91a01d0e2c2403bbec
Botan C++ Crypto Algorithms Library 1.9.10
Posted Aug 13, 2010
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release adds a constant-time AES implementation using SSSE3 instructions; in addition to avoiding timing and cache-based side channel attacks, it can be significantly faster on some modern processors like Intel\'s Nehalem. Engines can now be loaded dynamically at runtime. GCC\'s byteswapping builtins are now used when available.
tags | library
MD5 | 3085755edb8d03ea2dc1d720f31944f0
SmartCode ServerX VNC Server 1.1.5.0 Denial Of Service
Posted Aug 13, 2010
Authored by LiquidWorm | Site zeroscience.mk

SmartCode ServerX VNC Server Active-X version 1.1.5.0 suffers from a denial of service vulnerability in scvncsrvx.dll.

tags | exploit, denial of service, activex
MD5 | 9a1b91a119d7d6ac50c20b92ab9f97b6
SoftX FTP Client 3.3 Directory Traversal
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

SoftX FTP Client version 3.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 1661be0a18e36580448e752f319b3924
Edit-X CMS Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Edit-X CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4d440cc374ab0a8212656075d2b97e67
SyntaxCMS 1.3 SQL Injection
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

SyntaxCMS version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ed99b4f94015b2281a77468e2a402ba4
Onyx 0.3.2 Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Onyx version 0.3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b8e151dedba8ec1d82b17c54b19744cf
Xion 1.0.125 Stack Buffer Overflow
Posted Aug 13, 2010
Authored by corelanc0d3r, dijital1 | Site corelan.be

Xion Player version 1.0.125 local stack buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow, local
MD5 | 1cedabe679beb8fce8ff47fc5193f310
SUSE Security Announcement 2010.034
Posted Aug 13, 2010
Site suse.com

SUSE Security Announcement - Flash Player was updated to version 10.1.82.76 fixing several critical security issues.

tags | advisory
systems | linux, suse
advisories | CVE-2010-0209, CVE-2010-2188, CVE-2010-2213, CVE-2010-2214, CVE-2010-2215, CVE-2010-2216
MD5 | fe2f006a4ea2ce5c6c55f639ad4487fd
SWFTools Two Integer Overflows
Posted Aug 13, 2010
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered two vulnerabilities in SWFTools, which can be exploited by malicious people to compromise a user's system. An integer overflow error within the "getPNG()" function in lib/png.c can be exploited to cause a heap-based buffer overflow via specially crafted PNG images. An integer overflow error within the "jpeg_load()" function in lib/jpeg.c can be exploited to cause a heap-based buffer overflow via specially crafted JPEG images.

tags | advisory, overflow, vulnerability
advisories | CVE-2010-1516
MD5 | 449024581463936d88d1336bcdf8f8cd
WordPress 3.0.1 Cross Site Scripting
Posted Aug 13, 2010
Authored by David "Aesthetico" Vieira-Kurz | Site majorsecurity.de

WordPress version 3.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f4e2b8572c2772bd9ca744abb937557d
Mystic 0.1.4 Cross Site Request Forgery / Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Mystic version 0.1.4 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 1e442bfbb73f8ee40a38cbfb3c718cc3
Secunia Security Advisory 40949
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Kleeja, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | da386f663aea94f19de3b3444f465523
Secunia Security Advisory 40956
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in strongSwan, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 313899f01add6482681533609e201f3b
Secunia Security Advisory 40967
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has reported some vulnerabilities in CMS Source, which can be exploited by malicious users and malicious people to disclose sensitive information and by malicious people to to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 5db9c7ac56c2b5f959b987f9d2c0d552
Page 1 of 4
Back1234Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    2 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close