seeing is believing
Showing 1 - 25 of 69 RSS Feed

Files Date: 2010-08-17

Firewall Builder With GUI 4.1.0
Posted Aug 17, 2010
Site fwbuilder.org

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Changes: This version adds support for Address Table objects that use the iptables ipset module, a new toolbar shortcut to view complete generated firewall configuration files in the GUI, and many GUI adjustments to make it more convenient to use it on laptops.
tags | tool, firewall
systems | cisco, linux, openbsd
MD5 | a65d75777e5d9b4c10100866349aa5c8
Mambo / Joomla HeXimage 2.1.2 SQL Injection
Posted Aug 17, 2010
Authored by Don Tukulesto | Site indonesiancoder.com

The Mambo / Joomla HeXimage component version 2.1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 83761729d21fe7c0fb105fd7173bcb9c
Triologic Media Player 8 Universal Unicode Buffer Overflow
Posted Aug 17, 2010
Authored by Glafkos Charalambous

Triologic Media Player 8 local universal unicode buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow, local
MD5 | 7c2a695250fc2bfa965a4bab259fd8a1
Brazip 9.0 Buffer Overflow
Posted Aug 17, 2010
Authored by ItSecTeam

Brazip version 9.0 .zip file buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
MD5 | 54b87970861932254867fb4d2faf2fae
Debian Linux Security Advisory 2092-1
Posted Aug 17, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2092-1 - Dan Rosenberg discovered that in lxr-cvs, a code-indexing tool with a web frontend, not enough sanitation of user input is performed; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks.

tags | advisory, web, xss
systems | linux, debian
advisories | CVE-2010-1625, CVE-2010-1738, CVE-2010-1448, CVE-2009-4497
MD5 | 5c7ffaa09167e2762ee7162974c026e9
Microsoft Windows Microsoft Windows Does Not Handle src == dest
Posted Aug 17, 2010
Authored by Tavis Ormandy

The win32k!GreStretchBltInternal() function in Microsoft Windows does not handle src == dest correctly. Proof of concept code included.

tags | exploit, proof of concept
systems | windows
MD5 | 61fc723d27ab62b254afc8e1ad8613f0
Apache CouchDB Cross Site Request Forgery
Posted Aug 17, 2010
Authored by Jan Lehnardt | Site couchdb.apache.org

Apache CouchDB versions prior to version 0.11.1 are vulnerable to cross site request forgery (CSRF) attacks. A malicious website can POST arbitrary JavaScript code to well known CouchDB installation URLs (like http://localhost:5984/) and make the browser execute the injected JavaScript in the security context of CouchDB's admin interface Futon.

tags | advisory, web, arbitrary, javascript, csrf
MD5 | 65d8869788216e6c830f5184962e2e09
Ubuntu Security Notice 973-1
Posted Aug 17, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 973-1 - Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the Xpdf used in KOffice contained multiple security issues in its JBIG2 decoder. It was discovered that the Xpdf used in KOffice contained multiple security issues when parsing malformed PDF documents.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609
MD5 | 53a5e37eb800557c3b2c154e9a831713
Microsoft Windows KTM Invalid Free With Reused Transaction GUID
Posted Aug 17, 2010
Authored by Tavis Ormandy

Microsoft Windows suffers from a KTM invalid free with reused transaction GUID vulnerability. Proof of concept code included.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2010-1889
MD5 | b687cb93dcfd7ffb4b829731e1ed4355
Microsoft Windows win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks
Posted Aug 17, 2010
Authored by Tavis Ormandy

Microsoft Windows suffers from missing HBITMAP bounds checks in the win32k!xxxRealDrawMenuItem() routine. Proof of concept code included.

tags | exploit, proof of concept
systems | windows
MD5 | fb9dd25753769b96f2052ab1b78b0627
Free Simple Software 1.0 Remote File Inclusion
Posted Aug 17, 2010
Authored by Dr.Saudi

Free Simple Software version 1.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | ed07a602e0437bf225f1bd1f96e99d25
Ubuntu Security Notice 972-1
Posted Aug 17, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 972-1 - It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-1797, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808
MD5 | d0ff33eeeb8bed90c3310a32cc55e8ba
Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks
Posted Aug 17, 2010
Authored by Tavis Ormandy

Microsoft Windows suffers from missing ACE bounds checks in the routine nt!SeObjectCreateSaclAccessBits(). Proof of concept code included.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2010-1890
MD5 | a00365ebdc867a53de1b5dbe9193f33b
WhatWeb Scanner 0.4.5
Posted Aug 17, 2010
Authored by Andrew Horton (urbanadventurer) | Site morningstarsecurity.com

WhatWeb is a next generation web scanner that identifies what websites are running. Flexible plugin architecture with over 300 plugins so far. Passive plugins use information in the headers, cookies, HTML body and URL. Aggressive plugins can identify versions of Joomla, phpBB, etc by making extra requests to the webserver.

tags | tool, web, scanner
systems | unix
MD5 | 87c63c591654687a22528083df043d04
Microsoft Windows nt!NtCreateThread Race Condition
Posted Aug 17, 2010
Authored by Tavis Ormandy

Microsoft Windows suffers from a race condition in NtCreateThread(). Proof of concept code included.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2010-1888
MD5 | 35848b6e617f707b6528987bbbb83e1a
Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
Posted Aug 17, 2010
Authored by Piotr Bania | Site piotrbania.com

Microsoft SRV2.SYS SMB negotiate ProcessID function table dereference exploit.

tags | exploit
MD5 | 8cba58cb68e1ea95df1c766612e2cf66
A-PDF WAV To MP3 Convertyer 1.0.0 Stack Buffer Overflow
Posted Aug 17, 2010
Authored by d4rk-h4ck3r

A-PDF WAV to MP3 Converter version 1.0.0 .m3u stack buffer overflow exploit.

tags | exploit, overflow
MD5 | 4534ccebf861622a387248a23bfa7397
Secunia Security Advisory 40957
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Ezyweb CMS, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.

tags | advisory, vulnerability, sql injection
MD5 | 52674d83c6efea6f1bbeb3f0cf1625c8
Secunia Security Advisory 40965
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, kernel, local
systems | linux
MD5 | 496c0962865b6b8d1c4ab7fd88dc56e6
Secunia Security Advisory 41002
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Brad Spengler has reported a vulnerability in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux
MD5 | 1c3c9260d37d0d2df9a6c6d88c29ac4d
Secunia Security Advisory 41025
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Apache has acknowledged some vulnerabilities in Apache Geronimo, which can be exploited by malicious people to disclose system information or potentially sensitive information, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 8818bcd2f33e0ff936c20769080ac7b8
Secunia Security Advisory 41021
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Apache has acknowledged a vulnerability in Apache Geronimo, which can be exploited by malicious people to disclose certain system information and cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 772f0174444a3a8db31f0c2479094d69
Secunia Security Advisory 40994
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Lincoln has discovered two vulnerabilities and a security issue in 123 Flash Chat, which can be exploited by malicious people to disclose sensitive information and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 5d6ece3d13ac7e0d2ea4e33a53dc43d5
Secunia Security Advisory 41028
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Lincoln has discovered a security issue in 123 Flash Chat, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 4a1069f93365d1338f549d5a828207da
Secunia Security Advisory 40968
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in i-Web Suite, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, web, vulnerability, xss, sql injection
MD5 | 3ad5ba3f05276b57fa044e058083e1ef
Page 1 of 3
Back123Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close