Podcast Generator version 1.3 suffers from a cross site scripting vulnerability.
2256a38f17173ed816fe7cabfff9c440395b4467ec256360e807f3753b51286dSambascan2 allows you to search an entire network or a number of hosts for SMB shares. It will also list the contents of all public shares that it finds. The difference between sambascan2 and other SMB viewers and scanners is that it will search everything using TCP/IP, and it will not send a lot of broadcast messages, so it can be used over LAN boundaries. It only uses SMB to list the shares and their contents.
d5a0c533e34a8f2f940ca2ddca16bb43b19cbd98de73b58e83dea97d8972dd00AOL Desktop version 9.6 buffer overflow exploit that creates a malicious .rtx file.
043b3ebffbc5083cf90c8757c9af9f839bb8800fe52564f9e5949f2b1867c8f7QuickShare File Share version 1.2.1 suffers from a directory traversal vulnerability.
d7ed75e1d802259579a6e45360cb55024fc8640a7eee5794fb64b8a33fd89152ReOS version 2.0.5 suffers from local file inclusion and remote SQL injection vulnerabilities.
5a8e5817823d30503230ffaff2b61bf1ddc51513d3fe38f7cc92c817b7954aaeWOOT '11 Call For Papers - This will be held August 8th through the 9th, 2011, in San Francisco, CA. WOOT '11 is co-located with the 20th USENIX Security Symposium (USENIX Security '11), which will take place August 10th through the 12th, 2011.
165d18aec7757220c2eb237ad9a6e63de84f0aa51c00170410040415c51b8f11Firebook versions 3.100328 and below suffer from cross site scripting, information disclosure and anti-automation vulnerabilities.
82487596fbff0b19a56bc44a59e6356477480e03b625ac49af35d2b485d946d2VLC Media Player suffers from a subtitle StripTags() function memory corruption vulnerability.
1844be25e4af847b0acec66eb3fc23968dedba8261216ebd1b34ec5ac695ca3eThe openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, CVSS, OVAL, and XCCDF.
c67a73acedd82066c52ecb7e2a83e08a1324c883f8ca2a9ef786bbc40c01442bPodcast Generator version 1.3 suffers from local file inclusion and path disclosure vulnerabilities.
42566ebcc4b5ae95e763cf98fb96fc6858b012a187fc3171ed4149a47005d465ReOS version 2.0.5 suffers from a remote SQL injection vulnerability.
770e563de457cac2b0557f5b025d956fa9790bafd506c72266092c57f6e30a0bOemPro versions 3.6.4 and below suffer from remote shell upload and SQL injection vulnerabilities.
2593f069770353df7120f32d0aa6f72b448cb80998b87d7bb4a1c1a8660e0d0bThis Metasploit module exploits an input validation error in VideoLAN VLC < 1.1.7. By creating a malicious MKV or WebM file, a remote attacker could execute arbitrary code.
089c03cdcf6cbedcf40c0da3c8c00719db381e766eff4249410bb2a906521f96Linux Security Checklist is a perl script that audits a given Linux host and provides recommendations for security enhancements.
b95fbf25b0b3c21107a5f4e00b5cab884b3c4b39a41ba33531e455870fe91952SimpleSPA is an application that consists of a single packet authorization mechanism designed for the purpose of hiding semi-public services like a SSH server. There is a server side (Linux only) and a client side (Windows and Linux). This application is similar to FWKnop and more of an academic/proof of concept application as opposed to a full blown commercial quality application. involves a client that creates a packet with a payload encrypted with the public half of two different RSA keys. The idea is that one key would be shared by all users and it would encrypt the user name of the individual. A second key specific to each individual user would encrypt a pre-shared key (just any old string, nothing secret about it really) and a timestamp (to counter replay attacks). The server would receive this packet and decrypt this first half of the packet, which would give us the user name of the person sending the packet. The server would then know which user specific second key to use to decrypt the pre-shared key and time stamp to evaluate them for acceptability. If all is good, then the server would open up a port for the semi-public service we were trying to conceal for a brief amount of time to allow for a connection to be made. PDF included that explains everything. Written in Java.
378f5402ded74b2de9cd170f0b9807fe64089a1ec6ed3df52cbfb01b705fce3dTHC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
85fbcf53bc7d8ae99a8bd31dd09810abd9cf9397679a94aea52cd1b1c8e06ac0Cisco Security Advisory - Tandberg C Series Endpoints and E/EX Personal Video units that are running software versions prior to TC4.0.0 ship with a root administrator account that is enabled by default with no password. An attacker could use this account in order to modify the application configuration or operating system settings. Resolving this default password issue does not require a software upgrade and can be changed or disabled by a configuration command for all affected customers. The workaround detailed in this document demonstrates how to disable the root account or change the password.
0bf1d1a2a5073105e6e57bd85957a61f87e2f9a536784275c073ea397c43b70bSecunia Security Advisory - A vulnerability has been reported in IBM Rational Build Forge, which can be exploited by malicious people to conduct cross-site scripting attacks.
f5fe266a2800adeea0c6751dbc2fcdebd2463e8d1b035a8fc8727a07ddc62442Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in SigPlus Pro ActiveX control, which can be exploited by malicious people to compromise a user's system.
e94ee9b0a8aa5ffaddb44fca537951393bc583ac47fd55111d5b0b7ce6d8b46aSecunia Security Advisory - Ubuntu has issued an update for openoffice.org. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system.
00e2c3580a5bf0aaffbc32a5e1b9cd82dba1662edb8daceee4faad7ae296b9a3Secunia Security Advisory - A security issue has been reported in the AES module for Drupal, which can be exploited by malicious people to disclose sensitive information.
1bd0bafb451ec9f94ea41468c791264abeaf246944f667e619677ae28329e61eSecunia Security Advisory - A security issue has been reported in multiple TANDBERG products, which can be exploited by malicious people to compromise a vulnerable system.
08de09b45205522dd9db20f5336d1d84709662e254532c8543013610bd092adfSecunia Security Advisory - Michael Brooks has reported a vulnerability in Majordomo 2, which can be exploited by malicious people to disclose sensitive information.
e349b599b4afb09edbdd15abc1f4f21947856071df2fef4d8d4e0031dd82aa7aSecunia Security Advisory - A vulnerability has been reported in the Userpoints module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
8f8664e4d251809340427d68972b677b45330b34645965a5b2052282e3812fecSecunia Security Advisory - A vulnerability has been reported in the Flag Page module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.
fe19d5fe1d98ad00843f087f8bc077595054c2dd87c34ef4e66071bf4bb7cada
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed