what you don't know can hurt you
Showing 1 - 15 of 15 RSS Feed

Files Date: 2011-10-03

Malware Analyser 3.3
Posted Oct 3, 2011
Authored by Beenu Arora | Site malwareanalyser.com

Malware Analyser is freeware tool to perform static and dynamic analysis on malwares.

Changes: Added traces signatures. Improved parsing. Bug fixes.
tags | tool, forensics
MD5 | 1312f218a6a5479d9b4329833cfa013c
Ashampoo Burning Studio Elements 10.0.9 Heap Overflow
Posted Oct 3, 2011
Authored by LiquidWorm | Site zeroscience.mk

Ashampoo Burning Studio Elements version 10.0.9 suffers from a heap overflow vulnerability. It fails to properly sanitize user supplied input when parsing .ashprj project file formats resulting in a crash corrupting the heap-based memory. The attacker can use this scenario to lure unsuspecting users to open malicious crafted .ashprj files with a potential for arbitrary code execution on the affected system.

tags | exploit, overflow, arbitrary, code execution
MD5 | f0492e7bbdbe04926e536db6204979b5
Phorum 5.2.18 Cross Site Scripting
Posted Oct 3, 2011
Authored by Stefan Schurtz

Phorum version 5.2.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 7bd5a795afe6db02d981de6ca85e7490
Netvolution CMS 2.5.8 Blind SQL Injection
Posted Oct 3, 2011
Authored by Patroklos Argyroudis, Dimitris Glynos | Site census-labs.com

Netvolution CMS version 2.5.8 suffers from a remote blind SQL injection vulnerability via the HTTP referer header.

tags | exploit, remote, web, sql injection
advisories | CVE-2011-3340
MD5 | e39d539b523f2c3791fa0ec37de5b54f
Metropolis Technologies OfficeWatch Directory Traversal
Posted Oct 3, 2011
Authored by Digital Defense, r@b13$, Chris Graham | Site digitaldefense.net

Metropolis Technologies OfficeWatch enables a web server on TCP port 80 that is susceptible to a directory traversal. An attacker may send a ../ (dot-dot-slash) sequence to traverse out of the web root and access arbitrary files on the host.

tags | advisory, web, arbitrary, root, tcp
MD5 | 2935db7b692f3ccd3f03083af86137c3
ThinVNC Product Suite Arbitrary File Retrieval
Posted Oct 3, 2011
Authored by Digital Defense, r@b13$ | Site digitaldefense.net

Multiple Cybele Software, Inc. products are vulnerable to arbitrary file retrieval and directory traversal vulnerabilities including ThinVNC, ThinRDP, and ThinVNC Access Point 2.0. An unauthenticated remote attacker can submit requests for files that are located outside the root of the web server that is distributed with these Cybele Software, Inc. products.

tags | advisory, remote, web, arbitrary, root, vulnerability
MD5 | 34a20d2c0fd04f07d27b62973123b161
Hydra Network Logon Cracker 7.1
Posted Oct 3, 2011
Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: Added HTTP Proxy URL enumeration module, SOCKS4/SOCKS5 proxy support with authentication, IPv6 support for SOCKS5 module, and more. Various bug fixes and enhancements.
tags | tool, web, cracker, imap
systems | cisco, unix
MD5 | 0c3a6a351cb2e233cb989f0bcdd75edf
Debian Security Advisory 2314-1
Posted Oct 3, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2314-1 - Multiple security issues have been discovered in puppet, a centralized configuration management system.

tags | advisory
systems | linux, debian
advisories | CVE-2011-3848, CVE-2011-3870, CVE-2011-3869, CVE-2011-3871
MD5 | 9510271c6a81c86b6afaa1821681c3c5
Password Authentication Cracking!
Posted Oct 3, 2011
Authored by thc, David Maciejak

This article will show how to use Hydra to check for weak passwords. Hydra tries all possible password combination against a server on the Internet until one valid one is found to log in to the server. It is a powerful tool for hackers and network administrators alike.

tags | paper, cracker
MD5 | 45d2e31a0e92f5ddf5088ff6f089a4b4
Red Hat Security Advisory 2011-1349-01
Posted Oct 3, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1349-01 - The RPM Package Manager is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. Note: Although an RPM package can, by design, execute arbitrary code when installed, this issue would allow a specially-crafted RPM package to execute arbitrary code before its digital signature has been verified. Package downloads from the Red Hat Network remain secure due to certificate checks performed on the secure connection.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2011-3378
MD5 | a8389156f650235b27fd244c0474d1ed
Ubuntu Security Notice USN-1224-1
Posted Oct 3, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1224-1 - It was discovered that rsyslog had an off-by-two error when parsing legacy syslog messages. An attacker could potentially exploit this to cause a denial of service via application crash.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2011-3200
MD5 | d9a3f7da154d0f5ad8738f1dab1d27a4
JBoss addURL Misconfiguration Attack
Posted Oct 3, 2011
Authored by y0ug

This is a proof of concept exploit that leverages the addUrl method in the DeploymentScanner module on an exposed JBoss JMX console.

tags | exploit, proof of concept
advisories | CVE-2010-0738
MD5 | 5dacc755b8a3e39cc0ea4915d4ca1983
QtWeb 3.7.3 URL Spoof
Posted Oct 3, 2011
Authored by Lostmon | Site lostmon.blogspot.com

QtWeb Internet Browser version 3.7.3 suffers from a URL spoofing vulnerability that can allow for phishing attacks.

tags | exploit, spoof
MD5 | 6de08c599898053a533146ebfd2284a9
Packet Storm New Exploits For September, 2011
Posted Oct 3, 2011
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 286 exploits added to Packet Storm in September, 2011.

tags | exploit
systems | linux
MD5 | b2dc7a06ff832e6e6050d307eb69d036
Browser Exploit Against SSL/TLS
Posted Oct 3, 2011
Authored by Juliano Rizzo, Thai Duong

Browser Exploit Against SSL/TLS, or BEAST, is a proof of concept tool that demonstrates a weakness in the SSL protocol. It allows attackers to silently decrypt data that's passing between a webserver and an end-user browser.

tags | exploit, protocol, proof of concept
MD5 | c0d832089612de08c6935977f7c401f5
Page 1 of 1

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    26 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    2 Files
  • 9
    May 9th
    2 Files
  • 10
    May 10th
    13 Files
  • 11
    May 11th
    11 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2020 Packet Storm. All rights reserved.

Security Services
Hosting By