what you don't know can hurt you
Showing 1 - 25 of 31 RSS Feed

Files Date: 2011-02-15

Mptcp Packet Manipulator 1.7
Posted Feb 15, 2011
Authored by Khun | Site hexcodes.org

Mpctp is a tool for manipulation of raw packets that allows a large number of options. Its primary purpose is to diagnose and test several scenarios that involving the use of the types of TCP/IP packets. It is able to send certain types of packets to any specific target and manipulations of various fields at runtime. These fields can be modified in its structure as the the Source/Destination IP address and Source/Destination MAC address.

Changes: Various updates.
tags | tool, scanner, tcp
systems | unix
MD5 | 7a92db4d641aeff1221e03b4c3bd84df
Ubuntu Security Notice USN-1064-1
Posted Feb 15, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1064-1 - Neel Mehta discovered that incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. This could allow a remote attacker to cause a crash and denial of service by triggering invalid memory accesses.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-0014
MD5 | 0afdb25d621b65a5f5ef0cda02d1ebc7
Tembria Server Monitor Weak Cryptographic Password Storage
Posted Feb 15, 2011
Authored by Rob Kraus | Site solutionary.com

A vulnerability exists in the Tembria Server Monitor application allowing an attacker to easily decrypt usernames and passwords used to authenticate to the application. This is a second level attack that requires access to the password files stored within the application directory.

tags | advisory
MD5 | 0f01e6c7de37ce973f94c68b6d6d42a0
AutoPlay 1.33 Buffer Overflow
Posted Feb 15, 2011
Authored by badc0re | Site zeroscience.mk

AutoPlay version 1.33 local buffer overflow exploit that creates a malicious autoplay.ini file.

tags | exploit, overflow, local
MD5 | 7b1ec0f9042478d12d99a2d61642f833
Zero Day Initiative Advisory 11-084
Posted Feb 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-084 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the findClass method of the sun.plugin2.applet.Applet2ClassLoader class. Due to a failure to properly validate URLs supplied by an implicitly trusted applet, it is possible to execute arbitrary code on Windows 32-bit and 64-bit, as well as Linux 32-bit platforms under the context of the SYSTEM user.

tags | advisory, java, remote, arbitrary
systems | linux, windows
advisories | CVE-2010-4452
MD5 | acb659199752f997d9c7f78efb4b4f30
Fina Iptables Script 0.2.4
Posted Feb 15, 2011
Authored by Tobias Klausmann | Site schwarzvogel.de

Fina is a simple, robust bash script that loads iptables rules from a rules directory. As such, it isn't concerned with creating rules for you; it just helps you load them in a robust way, going back to older or safe rules when things go wrong.

tags | tool, firewall, bash
systems | linux, unix
MD5 | 8790e6640cd09779db04ded631dc1d88
Mandriva Linux Security Advisory 2011-028
Posted Feb 15, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-028 - Incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications may be vulnerable to expose contents of a parsed OCSP nonce extension.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-0014
MD5 | 339eaaf0d97faf2b3703191b7a0c0281
Oracle 10/11g exp.exe Buffer Overflow
Posted Feb 15, 2011
Authored by mr_me

Oracle 10/11g exp.exe param file local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
MD5 | f31c4668370a984df7b9fce132d4219f
Lingxia I.C.E CMS Blind SQL Injection
Posted Feb 15, 2011
Authored by mr_me

Lingxia I.C.E CMS remote blind SQL injection proof of concept exploit.

tags | exploit, remote, sql injection, proof of concept
MD5 | a12a585cbf8467dd962136f360c68454
phpMyBitTorrent 2.0.4 SQL Injection
Posted Feb 15, 2011
Authored by #forkbombers

phpMyBitTorrent version 2.0.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4a4e5739a37f5c0769898b72e94f078a
QuickRecon 0.2
Posted Feb 15, 2011
Authored by Filip Szymanski

QuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.

Changes: Bug fix release.
tags | tool, scanner, python
systems | unix
MD5 | 7becb66d6de1b27ce0056b0b86776429
Ocreative Design Studio SQL Injection
Posted Feb 15, 2011
Authored by eXeSoul

Ocreative Design Studio suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3ce8cedb4a592e0b800eebb5291a673b
Gollos 2.8 Cross Site Scripting
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Gollos version 2.8 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | fbac2a7d79110ecec30b94a75055f2ee
Tembria Server Monitor Cross Site Scripting
Posted Feb 15, 2011
Authored by Rob Kraus, Jose R. Hernandez | Site solutionary.com

Tembria Server Monitor suffers from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
MD5 | 5eb079ae5593eae0d344572399df6e4e
sightFACTORY SQL Injection
Posted Feb 15, 2011
Authored by eXeSoul

sightFACTORY suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c4eb9a9af29bd7005aac2e19ed252607
Zero Day Initiative Advisory 11-083
Posted Feb 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-083 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw is due to insufficient defenses against system clipboard hijacking. When in focus, a handle to the system clipboard can be retrieved without user interaction by a malicious component. The clipboard can then be arbitrarily read from or written to. By writing a TransferableProxy object to the system clipboard and then forcing a paste action, arbitrary code can be executed under the context of the user invoking the JRE.

tags | advisory, java, remote, arbitrary
advisories | CVE-2010-4465
MD5 | 2ca63ecffe5f113fbd23c586d96d7e18
Arctic Fox CMS 0.9.4 Information Disclosure
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Arctic Fox CMS version 0.9.4 suffers from a remote information disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 7c55f8e0481eba1e501dbb586e7a9c95
Zero Day Initiative Advisory 11-082
Posted Feb 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-082 - This vulnerability allows remote attackers to leak authentication details on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of NTLM authentication requested generated in the context of the Java Runtime. The Java Virtual Machine will ignore browser policies and respond to WWW-Authenticate requests from the Internet zone resulting in the leakage of NTLM authentication hashes to attackers.

tags | advisory, java, remote
advisories | CVE-2010-4466
MD5 | e9b4861de832a7dcb3e61c9344bab0f4
Wikipad 1.6.0 Cross Site Scripting / File Disclosure
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Wikipad version 1.6.0 suffers from cross site scripting and file content disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
MD5 | 9210f683d5edb129f5ed41b77311b037
Photopad 1.2.0 Cross Site Scripting
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Photopad version 1.2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 555bb7821a5e35f16313b4aec131cdc0
News Events 1.4 SQL Injection
Posted Feb 15, 2011
Authored by ThunDEr HeaD

News Events version 1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5da48c93b2612c9ba65a8d60360bfbd4
Century Marketing Inc SQL Injection
Posted Feb 15, 2011
Authored by eXeSoul

Century Marketing Inc Web Development Firm suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | e735ed426a0a6cd8cd884ccad20da5fc
GetSimple CMS 2.03 Shell Upload
Posted Feb 15, 2011
Authored by Chuzz, s3rg3770

GetSimple CMS version 2.03 suffers from a shell upload vulnerability.

tags | exploit, shell
MD5 | 505703aa9a74386b4e51ce0e3fef4e72
Xaraya 2.2.0 Beta 1 Path Disclosure
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Xaraya version 2.2.0 Beta 1 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
MD5 | fce8c7542954b6ab54942a87fac81e57
ArtGK CMS Path Disclosure
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

ArtGK CMS suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 4e1038ff5f375f454b9b71fc297d6602
Page 1 of 2
Back12Next

File Archive:

February 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    1 Files
  • 2
    Feb 2nd
    2 Files
  • 3
    Feb 3rd
    17 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    16 Files
  • 7
    Feb 7th
    19 Files
  • 8
    Feb 8th
    2 Files
  • 9
    Feb 9th
    2 Files
  • 10
    Feb 10th
    15 Files
  • 11
    Feb 11th
    20 Files
  • 12
    Feb 12th
    16 Files
  • 13
    Feb 13th
    19 Files
  • 14
    Feb 14th
    17 Files
  • 15
    Feb 15th
    4 Files
  • 16
    Feb 16th
    4 Files
  • 17
    Feb 17th
    34 Files
  • 18
    Feb 18th
    15 Files
  • 19
    Feb 19th
    20 Files
  • 20
    Feb 20th
    33 Files
  • 21
    Feb 21st
    11 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close