what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 795 RSS Feed

Files Date: 2011-05-01 to 2011-05-31

FreeBSD Security Advisory - BIND Remote Denial Of Service
Posted May 30, 2011
Site security.freebsd.org

FreeBSD Security Advisory - Very large RRSIG RRsets included in a negative response can trigger an assertion failure that will crash named(8) due to an off-by-one error in a buffer size check.

tags | advisory
systems | freebsd
advisories | CVE-2011-1910
SHA-256 | 830b4abf997e208ee19a29014f1bce9fcf3eacab0dd0921152c8321eb8c768ce
Callisto 821+ Cross Site Request Forgery / Cross Site Scripting
Posted May 30, 2011
Authored by MustLive

Callisto 821+ ADSL modems suffer from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 0e16cf1eb86fda073d42b60cae20ced062f3ed4454b91874e9820d5bfad4540b
Callisto 821+ Predictable Resource Location / Brute Force
Posted May 30, 2011
Authored by MustLive

Callisto 821+ ADSL modems suffer from predictable resource location and brute force vulnerabilities.

tags | advisory, cracker, vulnerability
SHA-256 | 822d5a0c54180ec61e1ca3a6846235d8c78dc0026a6c0c9d4a4dfc30a5a61dcd
Ubuntu Security Notice USN-1140-1
Posted May 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1140-1 - Marcus Granado discovered that PAM incorrectly handled configuration files with non-ASCII usernames. A remote attacker could use this flaw to cause a denial of service, or possibly obtain login access with a different users username. This issue only affected Ubuntu 8.04 LTS. It was discovered that the PAM pam_xauth, pam_env and pam_mail modules incorrectly handled dropping privileges when performing operations. A local attacker could use this flaw to read certain arbitrary files, and access other sensitive information. It was discovered that the PAM pam_namespace module incorrectly cleaned the environment during execution of the namespace.init script. A local attacker could use this flaw to possibly gain privileges. It was discovered that the PAM pam_xauth module incorrectly handled certain failures. A local attacker could use this flaw to delete certain unintended files. It was discovered that the PAM pam_xauth module incorrectly verified certain file properties. A local attacker could use this flaw to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2010-3435, CVE-2009-0887, CVE-2010-3316, CVE-2010-3430, CVE-2010-3431, CVE-2010-3435, CVE-2010-3853, CVE-2010-4706, CVE-2010-4707
SHA-256 | 1475b1ea584745e75607c08eb5e889073214913e719c51acce41d09dc235d52b
Ubuntu Security Notice USN-1139-1
Posted May 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1139-1 - It was discovered that Bind incorrectly handled certain bad signatures if multiple trust anchors existed for a single zone. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 10.04 LTS. Frank Kloeker and Michael Sinatra discovered that Bind incorrectly handled certain very large RRSIG RRsets included in negative responses. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2010-3762, CVE-2011-1910
SHA-256 | 82a2c36b85a888540cafda385a6411a7d5d9aa9aa7f327427e24d3e0ecb19e3a
International PHP Conference 2011 Call For Papers
Posted May 30, 2011
Site phpconference.com

The International PHP Conference 2011 Call For Papers has been announced. It will take place in Mainz, Germany from October 9th through the 12th, 2011.

tags | paper, php, conference
SHA-256 | 8a2e81d4311e352081c0c25bfa398b6310f9084e941f26468333b4652e99bfab
QuickRecon 0.3.1
Posted May 30, 2011
Authored by Filip Szymanski

QuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.

Changes: Small changes in the GUI.
tags | tool, scanner, python
systems | unix
SHA-256 | fde8a018a8ee2f85f499817eff388b2355cd49343730fe973a1d15d9fd880370
Apache Archiva 1.3.4 Cross Site Request Forgery
Posted May 30, 2011
Authored by Riyaz Walikar | Site archiva.apache.org

Apache Archiva versions 1.3.0 through 1.3.4 suffer from multiple cross site request forgery vulnerabilities. Proof of concept findings included.

tags | exploit, vulnerability, proof of concept, csrf
advisories | CVE-2011-1026
SHA-256 | b246d86c77384bffeea71e41705debe975936da36f6664257f23a0509e892515
Apache Archiva 1.3.4 Cross Site Scripting
Posted May 30, 2011
Authored by Riyaz Walikar | Site archiva.apache.org

Apache Archiva versions 1.3.0 through 1.3.4 suffer from multiple cross site scripting vulnerabilities. Proof of concept findings are included.

tags | exploit, vulnerability, xss, proof of concept
advisories | CVE-2011-1077
SHA-256 | 1f7075aceb2d7c4e01fac7c5d2d2a82b49fcbec88ecad5a0c498e8a110ae8625
Paranoia 2011 Call For Papers
Posted May 30, 2011
Site paranoia.watchcom.no

Paranoia 2011 has announced its call for papers. It will be held November 10th, 2011 in Oslo, Norway.

tags | paper, conference
SHA-256 | 852a2cdc27859956dd0c7d0d0f740412798d569772869d1d3f9a5c108ad488e5
w-Agora Forum 4.2.1 Shell Upload
Posted May 30, 2011
Authored by Treasure Priyamal

w-Agora Forum version 4.2.1 suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 1d03bd93f900a0aeef872305e5386ad4576347bb3a38abce47a006ff17a3c125
Forticlient SSL VPN Symlink Overwrite
Posted May 30, 2011
Authored by magikh0e

Forticlient SSL VPN suffers from an insecure lock file creation vulnerability.

tags | exploit
SHA-256 | 8506d14f5b9b106d76701809ddd09faece117b48ea34a90276743543733328d0
TinyMCE AjaxFileManager Shell Upload
Posted May 30, 2011
Authored by Dr Trojan

TinyMCE AjaxFileManager suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 44777303e5da93672d9c5850f2ad115033b7443eace995d9841ceb2e993b5de7
Joomla Joomnik SQL Injection
Posted May 30, 2011
Authored by SOLVER

The Joomla Joomnik component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 26a5ba75fdccbc4771490590f55b59f490f45090d5cd4c980defbc32c76774b2
HP Data Protector Client EXEC_SETUP Code Execution
Posted May 30, 2011
Authored by fdisk

HP Data Protector Client EXEC_SETUP remote code execution proof of concept exploit.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2011-0922
SHA-256 | 74be50124dc9e7c705be0e3addd5aeb34b9d814fd5388d581dbc47f14bf3077b
vBulletin 4.1.2 search.php SQL Injection
Posted May 30, 2011
Authored by James Bercegay | Site gulftech.org

vBulletin versions 4 through 4.1.2 are vulnerable to a preauth SQL Injection issue that may be used by an attacker to extract user credentials, and potentially gain administrative access, potentially leading to remote PHP code execution.

tags | exploit, remote, php, code execution, sql injection
SHA-256 | 66a76054bed8d3379af551d8013a3dd18f852a2244d56170a687f6adc9318f37
BadAss 0.7 Beta
Posted May 30, 2011
Authored by blass

BadAss is a Ruby script that makes it very easy to perform cracking attacks, port scanning, and more.

Changes: No need to restart Badass on every command any longer. Menu is reorganized. GUI tools removed. FTP brute force added. Other changes and additions as well.
tags | tool, ruby
systems | unix
SHA-256 | 27b9a31a0aeb0f73a9228bb7edf5950983ba7e4f65ca5d54508227253f6cc3c7
WysGui <= 2.3 (FCKeditor) File Upload Code Execution
Posted May 30, 2011
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a vulnerability in the FCK/CKeditor plugin. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.

tags | exploit
SHA-256 | b79669815ce9dff5b0766e6ccba3931a6b21c34e7949eaf09004b7f32698c32f
Bitweaver 2.x (FCKeditor) File Upload Code Execution
Posted May 30, 2011
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a vulnerability in the FCK/CKeditor plugin. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.

tags | exploit
SHA-256 | 95ab789932419023a2b9612004b6abf2c74e2907a3d992a52eb027409b4fa0c2
nvisionix Roaming System Remote metasys 0.2 Local File Inclusion
Posted May 30, 2011
Authored by Treasure Priyamal

nvisionix Roaming System Remote metasys version 0.2 suffers from a local file inclusion vulnerability.

tags | exploit, remote, local, file inclusion
SHA-256 | b9be354e82d57c4f7deaa02953e80b5ac0e0d369470d7bee527364a2667c04a8
Puzzle Apps CMS 3.2 Local File Inclusion
Posted May 30, 2011
Authored by Treasure Priyamal | Site treasuresec.com

Puzzle Apps CMS version 3.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 6d2efad599342b5af563d8a1a79db973c417e849a4fe79b9d7a34b7a1f635ec2
FreeBSD/x86 Encrypted setuid(0) execve /bin/sh Shellcode
Posted May 30, 2011
Authored by mywisdom

51 bytes small FreeBSD/x86 encrypted setuid(0) execve /bin/sh shellcode.

tags | x86, shellcode
systems | freebsd
SHA-256 | 26faf53012df696882e42100ade0f9df1ba86b375a1b76b4d60d4dd234f92ad1
Easy Media Script SQL Injection
Posted May 30, 2011
Authored by Lagripe-Dz

Easy Media Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a13242a67439f45baff81c279fd56c1d356e2056ac5ab470c6d891f895b1f4d8
html_edit CMS 3.1.x Cross Site Request Forgery
Posted May 30, 2011
Authored by KedAns-Dz

html_edit CMS versions 3.1.x and below suffer from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 6034d2e3fdab3d6511c53b6a343e759386febddea427cac72d6a2449a1f8035b
Understanding Basic Vuln C0de For RCE
Posted May 30, 2011
Authored by eidelweiss

Whitepaper called Understanding Basic Vuln c0de for RCE (Remote Command Execution).

tags | paper, remote
SHA-256 | 9907db6251dee6363621a9bac17337fb5c5d9bae683f453fccf2a42db3aebae3
Page 1 of 32
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close