what you don't know can hurt you
Showing 1 - 25 of 31 RSS Feed

Files Date: 2011-02-15

Mptcp Packet Manipulator 1.7
Posted Feb 15, 2011
Authored by Khun | Site hexcodes.org

Mpctp is a tool for manipulation of raw packets that allows a large number of options. Its primary purpose is to diagnose and test several scenarios that involving the use of the types of TCP/IP packets. It is able to send certain types of packets to any specific target and manipulations of various fields at runtime. These fields can be modified in its structure as the the Source/Destination IP address and Source/Destination MAC address.

Changes: Various updates.
tags | tool, scanner, tcp
systems | unix
SHA-256 | 8e8204b70f419814270efe1a84e5a1a57379fb615a273913b02f39c00bcd3841
Ubuntu Security Notice USN-1064-1
Posted Feb 15, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1064-1 - Neel Mehta discovered that incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. This could allow a remote attacker to cause a crash and denial of service by triggering invalid memory accesses.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-0014
SHA-256 | 0363a4620aad3ba274e0d561fa4343dcb277629a86069b3850aa4b9eed29fc1c
Tembria Server Monitor Weak Cryptographic Password Storage
Posted Feb 15, 2011
Authored by Rob Kraus | Site solutionary.com

A vulnerability exists in the Tembria Server Monitor application allowing an attacker to easily decrypt usernames and passwords used to authenticate to the application. This is a second level attack that requires access to the password files stored within the application directory.

tags | advisory
SHA-256 | 163a065cfecd676df474c29e1bd95914935a34327f5d1ac24420581f6c99a5ae
AutoPlay 1.33 Buffer Overflow
Posted Feb 15, 2011
Authored by badc0re | Site zeroscience.mk

AutoPlay version 1.33 local buffer overflow exploit that creates a malicious autoplay.ini file.

tags | exploit, overflow, local
SHA-256 | 3d6ec4b37f5393ccc419eac3e4e7edbdd77b47c7d203d69da6130e06a397a565
Zero Day Initiative Advisory 11-084
Posted Feb 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-084 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the findClass method of the sun.plugin2.applet.Applet2ClassLoader class. Due to a failure to properly validate URLs supplied by an implicitly trusted applet, it is possible to execute arbitrary code on Windows 32-bit and 64-bit, as well as Linux 32-bit platforms under the context of the SYSTEM user.

tags | advisory, java, remote, arbitrary
systems | linux, windows
advisories | CVE-2010-4452
SHA-256 | 1c7151242a63212a2753302b519801eac9936ba533ed1416c16f2de270ae545b
Fina Iptables Script 0.2.4
Posted Feb 15, 2011
Authored by Tobias Klausmann | Site schwarzvogel.de

Fina is a simple, robust bash script that loads iptables rules from a rules directory. As such, it isn't concerned with creating rules for you; it just helps you load them in a robust way, going back to older or safe rules when things go wrong.

tags | tool, firewall, bash
systems | linux, unix
SHA-256 | 1f01f9f59cd9051c233a38c73377d3066a54814024c0723704714ed3717e2246
Mandriva Linux Security Advisory 2011-028
Posted Feb 15, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-028 - Incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications may be vulnerable to expose contents of a parsed OCSP nonce extension.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-0014
SHA-256 | 2b7b0d41ceaac24980fc028cbc657ac4083b57ea934c5280858484dfc8348854
Oracle 10/11g exp.exe Buffer Overflow
Posted Feb 15, 2011
Authored by mr_me

Oracle 10/11g exp.exe param file local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | 5bc9f0e6eb52e601de2e7868bb5965400e6367fd5d43aa95bc7a483d47042933
Lingxia I.C.E CMS Blind SQL Injection
Posted Feb 15, 2011
Authored by mr_me

Lingxia I.C.E CMS remote blind SQL injection proof of concept exploit.

tags | exploit, remote, sql injection, proof of concept
SHA-256 | 849e822c4ad163e9f886e1f7a76b149fe0052436cccd30ddc705a2bc19428834
phpMyBitTorrent 2.0.4 SQL Injection
Posted Feb 15, 2011
Authored by #forkbombers

phpMyBitTorrent version 2.0.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f9ba1987c71d6647882f802bab7f06f8b9632a0390e53bada56fb564d8b031f5
QuickRecon 0.2
Posted Feb 15, 2011
Authored by Filip Szymanski

QuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.

Changes: Bug fix release.
tags | tool, scanner, python
systems | unix
SHA-256 | 883ccd44f2129e5160ea8c433f5ff98e0a5fdf077fe8afbec99020d82d17bbaf
Ocreative Design Studio SQL Injection
Posted Feb 15, 2011
Authored by eXeSoul

Ocreative Design Studio suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c3cc8936aa3195d9f318223ce2515e0f7595cd2fb41bc4056326e3b83c573d19
Gollos 2.8 Cross Site Scripting
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Gollos version 2.8 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | a1782067ff2127e84de9830e7ba8f4a03470fcb51ee84ab005798da32a839cf0
Tembria Server Monitor Cross Site Scripting
Posted Feb 15, 2011
Authored by Rob Kraus, Jose R. Hernandez | Site solutionary.com

Tembria Server Monitor suffers from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | bd43f55446ef0b1ec184ba04169d7ae96d5669d34c462d144c86fcb05e1fc3d3
sightFACTORY SQL Injection
Posted Feb 15, 2011
Authored by eXeSoul

sightFACTORY suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 80493891389243700d4ffd195289728d2833efb4ceeb7e0561946ae279bcb56e
Zero Day Initiative Advisory 11-083
Posted Feb 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-083 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw is due to insufficient defenses against system clipboard hijacking. When in focus, a handle to the system clipboard can be retrieved without user interaction by a malicious component. The clipboard can then be arbitrarily read from or written to. By writing a TransferableProxy object to the system clipboard and then forcing a paste action, arbitrary code can be executed under the context of the user invoking the JRE.

tags | advisory, java, remote, arbitrary
advisories | CVE-2010-4465
SHA-256 | 4c46b3ec192f1d813df40166389dd74826a1e212deec18e5d0c463478a0543f9
Arctic Fox CMS 0.9.4 Information Disclosure
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Arctic Fox CMS version 0.9.4 suffers from a remote information disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | b398edc6c051c237457fce2ca656593b776379f0cc9f4b84072c919248771a4f
Zero Day Initiative Advisory 11-082
Posted Feb 15, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-082 - This vulnerability allows remote attackers to leak authentication details on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of NTLM authentication requested generated in the context of the Java Runtime. The Java Virtual Machine will ignore browser policies and respond to WWW-Authenticate requests from the Internet zone resulting in the leakage of NTLM authentication hashes to attackers.

tags | advisory, java, remote
advisories | CVE-2010-4466
SHA-256 | 200d38bc13cbe21ac99e21e9ffec606d81aa8a64514da2b0e7274815d6236e75
Wikipad 1.6.0 Cross Site Scripting / File Disclosure
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Wikipad version 1.6.0 suffers from cross site scripting and file content disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | 0b16e4b9e89438ed538b13599105fa55488e27f95ac46604ee12ec652377cb52
Photopad 1.2.0 Cross Site Scripting
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Photopad version 1.2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a488c268f86be03cbb8257537eadcf26c4143a9e808a7a5e9aab3ebe260b7f2b
News Events 1.4 SQL Injection
Posted Feb 15, 2011
Authored by ThunDEr HeaD

News Events version 1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 47f66a1220ad3508d9358680dba785fdaa04de782d43acce06a59c3cb7acf61e
Century Marketing Inc SQL Injection
Posted Feb 15, 2011
Authored by eXeSoul

Century Marketing Inc Web Development Firm suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 9577ebec7cbcb887e8d9743101524eeae6a0d7bdc3119e6aea98cb643fdaf058
GetSimple CMS 2.03 Shell Upload
Posted Feb 15, 2011
Authored by Chuzz, s3rg3770

GetSimple CMS version 2.03 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 9ed94b019619b8b1467fcb8e3fe717edffd835fa6d5854d7ba75eb8d68916e40
Xaraya 2.2.0 Beta 1 Path Disclosure
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Xaraya version 2.2.0 Beta 1 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 25cf2837e277ac2a10f0dcb8b79e90c2baf2d5219f0eee037896570fdb9032cf
ArtGK CMS Path Disclosure
Posted Feb 15, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

ArtGK CMS suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 67b272ba452d861c268cd2bb0d43fa4142e0658b5e21e447de9152a6b9edfbb6
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close