exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2010-10-05

Ubuntu Security Notice 999-1
Posted Oct 5, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 999-1 - Mike Roszkowski discovered that the Kerberos KDC did not correctly validate the contents of certain messages. If an authenticated remote attacker sent specially crafted TGS requests, the KDC service would crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2010-1322
SHA-256 | 5de8b3fb4816aafe3b8e24e0543bd5f4519a3ac80cdb3555bd7c8f5dccf79f6e
Gentoo Linux Security Advisory 201010-1
Posted Oct 5, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201010-1 - Multiple vulnerabilities in libpng might lead to privilege escalation or a Denial of Service. Versions less than 1.4.3 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2010-0205, CVE-2010-1205, CVE-2010-2249
SHA-256 | 053ed2283e7bc0cc350641770fd5cf189d7743c4b37cb99243aa7582fe434950
Xplico Network Forensic Analysis Tool 0.6.0
Posted Oct 5, 2010
Authored by Gianluca Costa, Andrea de Franceschi | Site xplico.org

Xplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.

Changes: XI configuration and administrator pages have been added. IRC, ARP/RARP, radiotap and other dissectors have been added.
tags | tool, imap, forensics
SHA-256 | b19b074e421a326d04c0e311798ab6b4e157d9889a469732c033aaa433452907
MIT krb5 Security Advisory 2010-006
Posted Oct 5, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2010-006 - When the MIT krb5 KDC receives certain Kerberos TGS request messages, it may dereference an uninitialized pointer while processing authorization data, causing a crash, or in rare cases, unauthorized information disclosure, ticket modification, or execution of arbitrary code. The crash may be triggered by legitimate requests. This is an implementation vulnerability in MIT krb5, and not a vulnerability in the Kerberos protocol.

tags | advisory, arbitrary, protocol, info disclosure
advisories | CVE-2010-1322
SHA-256 | f3039556ba2a6b5f444436e40cac97de156ae171ed4baa92a2d04b1d58559192
Zed Attack Proxy (ZAP) 1.0.0
Posted Oct 5, 2010
Authored by Psiinon | Site owasp.org

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X, Windows and Cross Platform releases are all included in this file.

tags | web, vulnerability
systems | windows, apple, osx
SHA-256 | 91e84d4d8c33fdbfa8e41f39c4f82e45db20959792a1fa9ddfe0c442f33bb47e
SquirrelMail Virtual Keyboard 0.9.1 Cross Site Scripting
Posted Oct 5, 2010
Authored by Moritz Naumann

SquirrelMail Virtual Keyboard plugin versions 0.9.1 and suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a91bac14350627388057c184ca13072b38a66ed5a1695d547a0e23f34571df23
Docebo 3.6.0.4 Cross Site Scripting
Posted Oct 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Docebo version 3.6.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 200b66412cd6c1270d15fb7f54e4e6a15be9a6dbc2a69fcf07aa11e25b148afc
IMF 2011 Call For Papers
Posted Oct 5, 2010
Site imf-conference.org

IMF 2011 Call For Papers - The International Conference on IT-Incident Management and IT-Forensics invites submissions for IMF 2011 being held from May 10th through the 12th, 2011 in Stuttgart, Germany.

tags | paper, conference
SHA-256 | 1d063b6ccaabd1e0ed8c260e135d883efa612c2580eba356dab2a239afced41c
CleanerSoft's Free Hide Folder Proof Of Concept
Posted Oct 5, 2010
Authored by The Laughing Man

This tool is a proof of concept utility that demonstrates how CleanerSoft's Free Hide Folder is insecure. It uncovers the master password, shows what folders are hidden and can unhide them.

tags | exploit, proof of concept
SHA-256 | b57fab33a5d38439456d68699ade172233b85c0a1e62fe7cde6dc3117397f4a5
SPAW Editor Local File Inclusion
Posted Oct 5, 2010
Authored by soorakh kos

SPAW Editor suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 193c00e5b83e0013d1445270052d4a8fd7eb54f2dc1c9e134f5c2ffa7cfc4e66
HP Security Bulletin HPSBTU02496 SSRT090245
Posted Oct 5, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin HPSBTU02496 SSRT090245 - A potential security vulnerability has been identified on the HP Tru64 Operating System when running NTP Server. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2009-3563
SHA-256 | e4a5e456a00147c12f6eb69a4a1eb29db1b375101ad124280b982537fa3ec390
Elxis CMS 2009.2 Electra Rev2631 Cross Site Scripting / SQL Injection
Posted Oct 5, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Elxis CMS version 2009.2 electra rev2631 suffers from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 8714b5d62c4b20363ae5f16d006b8b45792ee2b2f874bc833698941981ad15b4
Cag CMS 0.2 Blind SQL Injection / Cross Site Scripting
Posted Oct 5, 2010
Authored by Shamus

Cag CMS versions 0.2 and below suffer from cross site scripting and remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | fccf6c3d4056c624b927182c0289f69dfb60b5f911673159639eecf304397f7e
Global Travel SQL Injection
Posted Oct 5, 2010
Authored by jos_ali_joe

Global Travel suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | db9677e795f80295ea8de56cf3b4de3399419736396835dfcdbaf739eb1df364
Debian Linux Security Advisory 2117-1
Posted Oct 5, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2117-1 - APR-util is part of the Apache Portable Runtime library which is used by projects such as Apache httpd and Subversion. Jeff Trawick discovered a flaw in the apr_brigade_split_line() function in apr-util. A remote attacker could send crafted http requests to cause a greatly increased memory consumption in Apache httpd, resulting in a denial of service.

tags | advisory, remote, web, denial of service
systems | linux, debian
advisories | CVE-2010-1623
SHA-256 | 67cbe05ab7fb997c5c2fe794fbdf3cf7157f9155c673e328458a27e75c48fbca
Debian Linux Security Advisory 2116-1
Posted Oct 5, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2116-1 - Marc Schoenefeld has found an input stream position error in the way the FreeType font rendering engine processed input file streams. If a user loaded a specially-crafted font file with an application linked against FreeType and relevant font glyphs were subsequently rendered with the X FreeType library (libXft), it could cause the application to crash or, possibly execute arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2010-3311
SHA-256 | 910f30cacded6a419b51fd3cb37ad51bfa809bcf0020a5c6a230b1cb04e23e2b
Secunia Security Advisory 41718
Posted Oct 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in AD-EDIT2, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 49297f1d9f5d3aea144f0e5379c13055ff5e67107d2167a226c8eee2850ee440
Secunia Security Advisory 40905
Posted Oct 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issue an update for apr-util. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | f84975f5bacc884ff45fbbe96d33bbd96b273b8b915fee54419638b863882bfe
Secunia Security Advisory 41562
Posted Oct 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in activeCollab, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | 64cd6acb7081f6f9814511357ace2c6e4a0822c6738230b80bc1a6b9190ddbe0
Secunia Security Advisory 41677
Posted Oct 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - David Hoyt has discovered some vulnerabilities in SmarterMail, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 4d67339b385398fee7c113bb1c3fb127aabe37babcc14241b42a968b89875d08
Secunia Security Advisory 41640
Posted Oct 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for mysql. This fixes some security issues, where one has unknown impacts while others can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | c5b2e7409caa8b348311e94f6b773e6cfe7004b5abbe2b09d980ff8e103ba779
Secunia Security Advisory 41680
Posted Oct 5, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the JomSocial component for Joomla!, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
SHA-256 | 6bd573f839d01debb71eff30f1a9438876a98c70d0217e8bd0ce5b38d92e686a
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close