what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 41 RSS Feed

Files Date: 2011-03-29

Moscrack WPA Cluster Cracker 2.03b
Posted Mar 29, 2011
Authored by Ryan Babchishin | Site moscrack.sourceforge.net

Moscrack is intended to facilitate the use of a WPA cracker on a cluster. Currently, it has only been used with Mosix (clustering software) and SSH nodes. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to separate processes that run in parallel. The parallel processes can then execute on different nodes in your cluster. All results are checked (to a degree) and recorded on your master node. Logging, error handling, etc. are all handled for you. Moscrack is designed to be run for long periods of time (days, weeks, or more).

Changes: HotConfig improvements and fixes were made. A configuration file is used. Console output was improved. SSH uses pure Perl. Cygwin node stability was improved.
tags | cracker
systems | unix
SHA-256 | 985aceb4a402b0e03e0ee23d6fa5dd9c61cb8ad0fe211a22a5db5c3547ed3972
Ubuntu Security Notice USN-1098-1
Posted Mar 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1098-1 - It was discovered that vsftpd incorrectly handled certain glob expressions. A remote authenticated user could use a crafted glob expression to cause vftpd to consume all resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-0762
SHA-256 | 069ed5ee94ecf7be1a9e9660c508d1df643b11ee2a9f85007c94090cdd00fb32
XOOPS JOBs Cross Site Scripting / Backup Disclosure
Posted Mar 29, 2011
Authored by KedAns-Dz

The XOOPS JOBs module suffers from database disclosure and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | e6f7b69ca39f113e542da04a07b9c042cf8cb5348e4113cc11d3c4be4ccdb15e
ISSA Ireland Security Conference 2011 Call For Papers
Posted Mar 29, 2011
Site issaireland.org

The ISSA Ireland Security Conference (IISC) 2011 call for papers has been announced. It will be held from May 11th through the 12th, 2011 in The Royal College of Physicians Ireland on Kildare Street, Dublin.

tags | paper, conference
SHA-256 | cc742e348803b4bebccc7e0c52ac2c3b04a64d189f3658425747a6b6c29779ab
IDEAL Administration 2011 11.4 Buffer Overflow
Posted Mar 29, 2011
Authored by Dr_IDE

IDEAL Administration 2011 version 11.4 local SEH buffer overflow exploit that binds a shell to port 4444.

tags | exploit, overflow, shell, local
SHA-256 | a2205ff75ac16e41c0d959abdf59f6428e9908fee53656bf350ee7b0796ee06c
Enano CMS 1.1.7 / 1.0.6 Cross Site Scripting
Posted Mar 29, 2011
Authored by Mesut Timur

Enano CMS versions 1.1.7 and below and 1.0.6 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | d571fee22d5a09bcc9d89f487634700a9dde68a4debe97b0a28647b6a0353046
Adobe Omniture Cookie-Forcing
Posted Mar 29, 2011
Authored by Tom Keetch

Adobe Omniture suffers from a vulnerability where a malicious cookie can hijack secure connections to the domain by injecting malicious javascript into the page via the cookie.

tags | advisory, javascript
SHA-256 | 867e790d12052d21305ffeaf4682a50de4c09e3a702babdcf130ce2820d2e241
Hacking The Skiddies
Posted Mar 29, 2011
Authored by MaXe

Whitepaper called Hacking the Skiddies.

tags | paper
SHA-256 | 3610f5af940459d0f9772372a3ff9dc213bca95a57b0cebe37d73f4edd86bf38
Bypassing Anti-Virus Scanners
Posted Mar 29, 2011
Authored by MaXe

Whitepaper called Bypassing Anti-Virus Scanners.

tags | paper, virus
SHA-256 | 8919103e539f8e08d30103803a77e6ad632dce79dedb8e58ee5be3b8dbcbf8c6
Tracks 1.7.2 Cross Site Scripting
Posted Mar 29, 2011
Authored by Mesut Timur

Tracks version 1.7.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0e9afb6d0f5ba2d4b1518a64d2c034a1836ded19120b4ca68150dd5d16c2fd1a
Ubuntu Security Notice USN-1097-1
Posted Mar 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1097-1 - It was discovered that the Tomcat SecurityManager did not properly restrict the working directory. An attacker could use this flaw to read or write files outside of the intended working directory. It was discovered that Tomcat did not properly escape certain parameters in the Manager application which could result in browsers becoming vulnerable to cross-site scripting attacks when processing the output. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data (such as passwords), within the same domain. It was discovered that Tomcat incorrectly enforced the maxHttpHeaderSize limit in certain configurations. A remote attacker could use this flaw to cause Tomcat to consume all available memory, resulting in a denial of service.

tags | advisory, remote, denial of service, vulnerability, xss
systems | linux, ubuntu
advisories | CVE-2010-3718, CVE-2011-0013, CVE-2011-0534
SHA-256 | affa18051becc121040b13af705845364918ff2478b4a20b6a34eadba75cede8
DCS Self MNS Product SQL Injection
Posted Mar 29, 2011
Authored by eXeSoul

DCS Self MNS Product suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c2ca0b40610205b927f98747653fb637237ba8db2df139fc58769aafcf5c8a23
Ubuntu Security Notice USN-1096-1
Posted Mar 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1096-1 - Philip Martin discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests containing a lock token. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-0715
SHA-256 | caf09d37d15cd9024d30be254cdbcd8d0dec859eca34954ae6628f15010273e9
Writing Manual Shellcode By Hand
Posted Mar 29, 2011
Authored by MaXe

Whitepaper called Writing Manual Shellcode by Hand.

tags | paper, shellcode
SHA-256 | 061997e84eadf0ea80fa13c73f114ab9cb5632b12b77b660304a855a3f885f72
Beginners Guide To Cross Site Scripting
Posted Mar 29, 2011
Authored by MaXe

This is a whitepaper called the Beginner's Guide To Cross Site Scripting.

tags | paper, web, xss
SHA-256 | 15ce1410ad4bb0fb2095406b506cffa4cbd1bd7787c82707575a1d8dcf5f7258
Spitfire CMS 1.0.436 Cross Site Scripting
Posted Mar 29, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Spitfire CMS version 1.0.436 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8560506e77b07ec1cb96f7f2ebf871e667ed02212de56bc5c5a58d5c27f135e3
Ubuntu Security Notice USN-1095-1
Posted Mar 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1095-1 - It was discovered that Quagga incorrectly parsed certain malformed extended communities. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service. It was discovered that Quagga resets BGP sessions when encountering malformed AS_PATHLIMIT attributes. A remote attacker could use this flaw to disrupt BGP sessions, resulting in a denial of service. This update removes AS_PATHLIMIT support from Quagga. This issue only affected Ubuntu 8.04 LTS, 9.10, 10.04 LTS and 10.10.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2010-1674, CVE-2010-1675
SHA-256 | ace92018aca8cb5f956fcdd7df537578af7168e4da59950e1a0e8cf32c374692
Ubuntu Security Notice USN-1094-1
Posted Mar 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1094-1 - Petr Matousek discovered that libvirt did not always honor read-only connections. An attacker who is authorized to connect to the libvirt daemon could exploit this to cause a denial of service via application crash.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2011-1146
SHA-256 | 6dd8ec7382009c91aee9deaa35b3fc69dbaca15baed81f8c368a15c73a863ca6
WESPA PHP Newsletter 3.0 Administrator Password Change
Posted Mar 29, 2011
Authored by alieye

WESPA PHP Newsletter version 3.0 suffers from a remote administrative password changing vulnerability when the install script is left in place.

tags | exploit, remote, php, add administrator
SHA-256 | 8967ba02e7bee6dbbd12538c41fde3fc9096ae06d10335d62f3cf4e0d8d3794c
Simple PHP Newsletter Administrator Password Change
Posted Mar 29, 2011
Authored by alieye

Simple PHP Newsletter suffers from a remote administrative password changing vulnerability when the install script is left in place.

tags | exploit, remote, php, add administrator
SHA-256 | 6156bed607c247ce156c38d3a514e9b119d3dc5eea5758f60ee0a71ddce5ee47
Solaris 10 Port Stealing
Posted Mar 29, 2011
Authored by Chris O'Regan

Solaris 10 suffers from a port stealing vulnerability that can be leveraged to enable denial of service and man-in-the-middle attacks.

tags | exploit, denial of service
systems | solaris
SHA-256 | 48675e27be933162ec7baa7aa594498059d2ec27697cce05e158de2eb0bcbf53
Secunia Security Advisory 43910
Posted Mar 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - John Leitch has discovered a vulnerability in PyroCMS, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | f0c0672532564446fcce2c6cd50676d8c652589ecf7decf12faa3fe60718d3eb
Secunia Security Advisory 43850
Posted Mar 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has reported multiple vulnerabilities in ICONICS GENESIS32 and GENESIS64, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
SHA-256 | 5d6d4f865f6de3359152e5d6ef149bfb9a71d61d3173febc11bad781a08b421c
Secunia Security Advisory 43886
Posted Mar 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - John Leitch has discovered a vulnerability in Easy File Sharing Web Server, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, web
SHA-256 | dc281f9cbc65856fdf802bde8e23567d51206e02af065ef79da292cdf1ca2eb4
Secunia Security Advisory 43895
Posted Mar 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Ays Blog, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 6ae7065e60762110eb66aac5141e5b05b642fe79a97bffc2cfe33f057c418d84
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close