exploit the possibilities
Showing 1 - 25 of 69 RSS Feed

Files Date: 2010-08-17

Firewall Builder With GUI 4.1.0
Posted Aug 17, 2010
Site fwbuilder.org

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Changes: This version adds support for Address Table objects that use the iptables ipset module, a new toolbar shortcut to view complete generated firewall configuration files in the GUI, and many GUI adjustments to make it more convenient to use it on laptops.
tags | tool, firewall
systems | cisco, linux, openbsd
SHA-256 | 82ff2fd7699988a09f497951b5861a1dc7189949a3bad03a06c9abe36c7ec773
Mambo / Joomla HeXimage 2.1.2 SQL Injection
Posted Aug 17, 2010
Authored by Don Tukulesto | Site indonesiancoder.com

The Mambo / Joomla HeXimage component version 2.1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a82c7ae489ddc6767e1d78b4572f9ab2e50e77624593f20a6e29e4fd086bb485
Triologic Media Player 8 Universal Unicode Buffer Overflow
Posted Aug 17, 2010
Authored by Glafkos Charalambous

Triologic Media Player 8 local universal unicode buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow, local
SHA-256 | c98bcb4f5c30cf50341fe9acbc2b3765b1637881c6a48f08be423efd0c020da9
Brazip 9.0 Buffer Overflow
Posted Aug 17, 2010
Authored by ItSecTeam

Brazip version 9.0 .zip file buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | 6c08cb7704eed1e9bb90c4573bbfacf23cc5bff58313175d0a3fd38b1f001731
Debian Linux Security Advisory 2092-1
Posted Aug 17, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2092-1 - Dan Rosenberg discovered that in lxr-cvs, a code-indexing tool with a web frontend, not enough sanitation of user input is performed; an attacker can take advantage of this and pass script code in order to perform cross-site scripting attacks.

tags | advisory, web, xss
systems | linux, debian
advisories | CVE-2010-1625, CVE-2010-1738, CVE-2010-1448, CVE-2009-4497
SHA-256 | abc283d1362db1638d921c62c402d1f05d20ac74284b3b47eb9575c4941db735
Microsoft Windows Microsoft Windows Does Not Handle src == dest
Posted Aug 17, 2010
Authored by Tavis Ormandy

The win32k!GreStretchBltInternal() function in Microsoft Windows does not handle src == dest correctly. Proof of concept code included.

tags | exploit, proof of concept
systems | windows
SHA-256 | fc09040c5d342c2df12a3cf1039bbbdf234d2446b3a7a32395506c2d1e13a1b2
Apache CouchDB Cross Site Request Forgery
Posted Aug 17, 2010
Authored by Jan Lehnardt | Site couchdb.apache.org

Apache CouchDB versions prior to version 0.11.1 are vulnerable to cross site request forgery (CSRF) attacks. A malicious website can POST arbitrary JavaScript code to well known CouchDB installation URLs (like http://localhost:5984/) and make the browser execute the injected JavaScript in the security context of CouchDB's admin interface Futon.

tags | advisory, web, arbitrary, javascript, csrf
SHA-256 | 8d09452fd99f2a9bde805d6d65592ab8d21f59caa9061c042dfef6dc38b7b5e5
Ubuntu Security Notice 973-1
Posted Aug 17, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 973-1 - Will Dormann, Alin Rad Pop, Braden Thomas, and Drew Yao discovered that the Xpdf used in KOffice contained multiple security issues in its JBIG2 decoder. It was discovered that the Xpdf used in KOffice contained multiple security issues when parsing malformed PDF documents.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2009-0146, CVE-2009-0147, CVE-2009-0165, CVE-2009-0166, CVE-2009-0195, CVE-2009-0799, CVE-2009-0800, CVE-2009-1179, CVE-2009-1180, CVE-2009-1181, CVE-2009-3606, CVE-2009-3608, CVE-2009-3609
SHA-256 | 937f71ec4cafbb7568afd14d2eedfec7def4d329266ee50640da8a30d1c51a1a
Microsoft Windows KTM Invalid Free With Reused Transaction GUID
Posted Aug 17, 2010
Authored by Tavis Ormandy

Microsoft Windows suffers from a KTM invalid free with reused transaction GUID vulnerability. Proof of concept code included.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2010-1889
SHA-256 | 5836dce352203189816754eb832da87176aa9946d8fa469216974edcc809581e
Microsoft Windows win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks
Posted Aug 17, 2010
Authored by Tavis Ormandy

Microsoft Windows suffers from missing HBITMAP bounds checks in the win32k!xxxRealDrawMenuItem() routine. Proof of concept code included.

tags | exploit, proof of concept
systems | windows
SHA-256 | 99ba2e3016b4796873f56dc3a4740c9daf5cd34b9cfb6cc505ab6e6a34a350aa
Free Simple Software 1.0 Remote File Inclusion
Posted Aug 17, 2010
Authored by Dr.Saudi

Free Simple Software version 1.0 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 014d9f5cec95c34bf44df85fdd1c453c97840d9b3ebc8f2d3da4d692076f2705
Ubuntu Security Notice 972-1
Posted Aug 17, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 972-1 - It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-1797, CVE-2010-2541, CVE-2010-2805, CVE-2010-2806, CVE-2010-2807, CVE-2010-2808
SHA-256 | 010c2cc1f2fe5a083968584ff14252965fdbb8468368ccc20b8a944ecec9b786
Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks
Posted Aug 17, 2010
Authored by Tavis Ormandy

Microsoft Windows suffers from missing ACE bounds checks in the routine nt!SeObjectCreateSaclAccessBits(). Proof of concept code included.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2010-1890
SHA-256 | 259d5cace1e4bcf5c3aa4140a1b61fc737a3cab09f0850b31a0823faf215291f
WhatWeb Scanner 0.4.5
Posted Aug 17, 2010
Authored by Andrew Horton | Site morningstarsecurity.com

WhatWeb is a next generation web scanner that identifies what websites are running. Flexible plugin architecture with over 300 plugins so far. Passive plugins use information in the headers, cookies, HTML body and URL. Aggressive plugins can identify versions of Joomla, phpBB, etc by making extra requests to the webserver.

tags | tool, web, scanner
systems | unix
SHA-256 | 9c9ab674ccca531106d1ae71068b6e4c59e2611154341959d1193818e14c9f6f
Microsoft Windows nt!NtCreateThread Race Condition
Posted Aug 17, 2010
Authored by Tavis Ormandy

Microsoft Windows suffers from a race condition in NtCreateThread(). Proof of concept code included.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2010-1888
SHA-256 | b6c95d8f1ecf90425e14bc51a1d4453fae29ab4ca1bc8059fd48cb9e0f4a6d71
Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
Posted Aug 17, 2010
Authored by Piotr Bania | Site piotrbania.com

Microsoft SRV2.SYS SMB negotiate ProcessID function table dereference exploit.

tags | exploit
SHA-256 | b6c3e6373f1220e76211f29f7ed7290793eecac9b6685d9f94f4fc054d2818e6
A-PDF WAV To MP3 Convertyer 1.0.0 Stack Buffer Overflow
Posted Aug 17, 2010
Authored by d4rk-h4ck3r

A-PDF WAV to MP3 Converter version 1.0.0 .m3u stack buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 89a1b96ce068cfd8c0c0fae4ba8ed01d40d4dd3440b7a2ec5b827708e3dacce1
Secunia Security Advisory 40957
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Ezyweb CMS, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system.

tags | advisory, vulnerability, sql injection
SHA-256 | 43f3388f6dfcc0dca32bd8017acbd5a819a67fd2dd30f4a5bd9b5a966bded8d3
Secunia Security Advisory 40965
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges.

tags | advisory, denial of service, kernel, local
systems | linux
SHA-256 | 98b32f0f680e180d3287b3ddb623dc179aafef914b2737516d16640534d2524e
Secunia Security Advisory 41002
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Brad Spengler has reported a vulnerability in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local
systems | linux
SHA-256 | 15988a6a7a0899851b421a2c6ff3ea1d50b68fd820fc3fc65c2ab91cdfae6b85
Secunia Security Advisory 41025
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Apache has acknowledged some vulnerabilities in Apache Geronimo, which can be exploited by malicious people to disclose system information or potentially sensitive information, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | bdced901f672717d9ed22a59962807cf5ea3c68a7f84186779c4067a156dc62e
Secunia Security Advisory 41021
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Apache has acknowledged a vulnerability in Apache Geronimo, which can be exploited by malicious people to disclose certain system information and cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | e53e4c1b4f95099cd3eba18ede1c172318e0a8ff1df36bdb19a2659e095c46b8
Secunia Security Advisory 40994
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Lincoln has discovered two vulnerabilities and a security issue in 123 Flash Chat, which can be exploited by malicious people to disclose sensitive information and conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 03e2615bfdef779a8ebd30efea4f7c674712f2df6029b134392e55e11e0e55c6
Secunia Security Advisory 41028
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Lincoln has discovered a security issue in 123 Flash Chat, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 63c4ccfbb52439dbd0e8e59d312dfa737379ac8da614e7963174c29267aaaba8
Secunia Security Advisory 40968
Posted Aug 17, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in i-Web Suite, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, web, vulnerability, xss, sql injection
SHA-256 | 182c4ef1674dafaeab3d2d97ddb4f8b685d91f88f8d8628798eb6b1630edd4b5
Page 1 of 3
Back123Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close