what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 90 RSS Feed

Files Date: 2010-08-13

Adobe Font Parsing Integer Overflow
Posted Aug 13, 2010
Authored by Ramz Afzar | Site rafzar.com

This is a detailed write up along with proof of concept code for the Adobe Acrobat font parsing integer overflow vulnerability.

tags | exploit, overflow, proof of concept
SHA-256 | 3f0ddd64f75743a12e58ba0b0b85e48865c1938a53a467deb7d73e2ae74128da
eazyCMS Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

eazyCMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fe1793c76d0607e7c421c7c854c55d40113ad3a86db3673458bad98d7aa20000
CMS Source SQL Injection / Cross Site Scripting / Local File Inclusion
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

CMS Source suffers from cross site scripting, local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
SHA-256 | 1cc0749f065c95606df88e248cc7105d95495566d53e2424e2456ee38ef4ab21
Get Tube SQL Injection
Posted Aug 13, 2010
Authored by Mr.P3rfekT

Get Tube versions 2.3, 3.02, 4.01, 4.5 and 4.51 all suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 348c5b150e32652de8ebf6730862212ac2bdb62b315a194f10f448915847216b
Plogger Remote File Disclosure
Posted Aug 13, 2010
Authored by Mr.tro0oqy

Plogger suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 028bb6e850d1eb80337e0d8798503ad19f0cd6190774b7fb0902fe28f2a9e850
iDEFENSE Security Advisory 2010-08-10.2
Posted Aug 13, 2010
Authored by iDefense Labs, wushi | Site idefense.com

iDefense Security Advisory 08.10.10 - Remote exploitation of an memory corruption vulnerability in Microsoft's Office RTF Parsing Engine could allow an attacker to execute arbitrary code with the privileges of the current user. During the processing of a RTF document containing certain control words, the RTF parsing engine may incorrectly read a value from the RTF file. This value may directly affect the control of execution flow within the RTF parsing engine.

tags | advisory, remote, arbitrary
advisories | CVE-2010-1901
SHA-256 | b5e0d708c7afc4fb28b1ce1539313fd783bff59a1505c38d75cbd5f66b9d464d
Attacking And Fixing The Microsoft Windows Kerberos Login Service
Posted Aug 13, 2010
Authored by Riccardo Focardi, Tommaso Malgherini

Whitepaper called Attacking and fixing the Microsoft Windows Kerberos Login Service.

tags | paper
systems | windows
SHA-256 | dca56f74aa6bce65400493957a77a259aea8e57979675bb75f2810e882eaa367
MySQL Injection - Simple Load File And Into OutFile Tutorial
Posted Aug 13, 2010
Authored by MikiSoft

This is a short tutorial called MySQL Injection - Simple Load File and Into OutFile.

tags | paper, sql injection
SHA-256 | 6866aa8f28dcac6458750046b3125a824fcea99b3aedbddd27f63076b1098e76
NuFW Authenticating Firewall 2.4.3
Posted Aug 13, 2010
Authored by regit | Site nufw.org

NuFW is a set of daemons that filters packets on a per-user basis. The gateway authorizes a packet depending on which remote user has sent it. On the client side, users have to run a client that sends authentication packets to the gateway. On the server side, the gateway associates user ids to packets, thus enabling the possibility to filter packets on a user basis. Furthermore, the server architecture is done to use external authentication source such as an LDAP server.

Changes: This release features mainly client-side improvements. The SASL mechanism may now be chosen. In case of failure, a fallback is made to the next best mechanism.
tags | tool, remote, firewall
systems | unix
SHA-256 | dcdbd2708f2c2e12467e8290427000123747df8a0fffb5c31fdecd194bc1d79d
i-Web Suite SQL Injection / Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

i-Web Suite suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, sql injection
SHA-256 | bf4044fcb65c8a8357940ed4f827599eb42d238e77f419d0367b86f3d5d7d30c
Clam AntiVirus Toolkit 0.96.2
Posted Aug 13, 2010
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This version brings a new PDF parser, performance and memory improvements, and a number of bugfixes and minor enhancements. This upgrade is recommended for all users.
tags | virus
systems | unix
SHA-256 | 6aa0b0d96ed25ffb4b5aca53f6348978c94771503c299f86e480fef475abcefa
Botan C++ Crypto Algorithms Library 1.9.10
Posted Aug 13, 2010
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release adds a constant-time AES implementation using SSSE3 instructions; in addition to avoiding timing and cache-based side channel attacks, it can be significantly faster on some modern processors like Intel\'s Nehalem. Engines can now be loaded dynamically at runtime. GCC\'s byteswapping builtins are now used when available.
tags | library
SHA-256 | 43a45df9dabb835d342206a7b3508b2a323f7118a76b748d149e73aff2797db0
SmartCode ServerX VNC Server 1.1.5.0 Denial Of Service
Posted Aug 13, 2010
Authored by LiquidWorm | Site zeroscience.mk

SmartCode ServerX VNC Server Active-X version 1.1.5.0 suffers from a denial of service vulnerability in scvncsrvx.dll.

tags | exploit, denial of service, activex
SHA-256 | b7b28563723da38901481e1b6eb926086c2a9be731100ece4948f14243ae3599
SoftX FTP Client 3.3 Directory Traversal
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

SoftX FTP Client version 3.3 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | dbcedb388fc3cec8a38ca122492b3bce0cc46f9cb2b690a1c3cdfd9f08d2e9d6
Edit-X CMS Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Edit-X CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2493f966b165a37e381bdb0d0205c2066af08865b6433ca14a31779009cf9ffe
SyntaxCMS 1.3 SQL Injection
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

SyntaxCMS version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bd694637af43965326dd67f57bef977e3167de288d7ed427c6b440da21916a2b
Onyx 0.3.2 Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Onyx version 0.3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6a3b8d84636dbbe4bd6ba3105e5cd9d6c1ec410d0225b38f59524b9530a4fe79
Xion 1.0.125 Stack Buffer Overflow
Posted Aug 13, 2010
Authored by corelanc0d3r, dijital1 | Site corelan.be

Xion Player version 1.0.125 local stack buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow, local
SHA-256 | 623e89f49bcef9f0a3b4ba99e4d3ef07532083ae2fdac43b0fe5118d47d2d2a5
SUSE Security Announcement 2010.034
Posted Aug 13, 2010
Site suse.com

SUSE Security Announcement - Flash Player was updated to version 10.1.82.76 fixing several critical security issues.

tags | advisory
systems | linux, suse
advisories | CVE-2010-0209, CVE-2010-2188, CVE-2010-2213, CVE-2010-2214, CVE-2010-2215, CVE-2010-2216
SHA-256 | 4215852f7aadcf5349f4c7580bafcadb08e54ededfb7e59ee009754ac6aedcda
SWFTools Two Integer Overflows
Posted Aug 13, 2010
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered two vulnerabilities in SWFTools, which can be exploited by malicious people to compromise a user's system. An integer overflow error within the "getPNG()" function in lib/png.c can be exploited to cause a heap-based buffer overflow via specially crafted PNG images. An integer overflow error within the "jpeg_load()" function in lib/jpeg.c can be exploited to cause a heap-based buffer overflow via specially crafted JPEG images.

tags | advisory, overflow, vulnerability
advisories | CVE-2010-1516
SHA-256 | 0ac4acaa34693c9c47c3dd9fce7cfc4554b9166403d11d3a10fa1521d9a9191c
WordPress 3.0.1 Cross Site Scripting
Posted Aug 13, 2010
Authored by David "Aesthetico" Vieira-Kurz | Site majorsecurity.de

WordPress version 3.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 921c86ce003e8c1e9768354aad33c41325ac356eece76c0d02ce5a7905ee5694
Mystic 0.1.4 Cross Site Request Forgery / Cross Site Scripting
Posted Aug 13, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Mystic version 0.1.4 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 427020de4e1b9b5f83c2de4198f6ef49be2c9c4afedc88d0ef39ab6f9983d734
Secunia Security Advisory 40949
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Kleeja, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | bd9b18dec802b6e28ae587b635b4bf972f719b725562bcbc6c87604a45e2ff7d
Secunia Security Advisory 40956
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in strongSwan, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 1b93e6e3e7066178799f6ab4b477e30c91731adaf3f2b15cd503949b1a3180e8
Secunia Security Advisory 40967
Posted Aug 13, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has reported some vulnerabilities in CMS Source, which can be exploited by malicious users and malicious people to disclose sensitive information and by malicious people to to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | ecbab0a967f36d8ae4063c8a9743b45c5aa150d60ea07094d100f65f86f6dd88
Page 1 of 4
Back1234Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close