exploit the possibilities
Showing 1 - 25 of 50 RSS Feed

Files Date: 2011-10-24

SAP Management Console OSExecute Payload Execution
Posted Oct 24, 2011
Authored by Chris John Riley | Site metasploit.com

This Metasploit module executes an arbitrary payload through the SAP Management Console SOAP Interface. A valid username and password must be provided.

tags | exploit, arbitrary
MD5 | d302eb51c1c7370171b436f8a7c1b241
Cytel Studio 9.0 (CY3 File) Stack Buffer Overflow
Posted Oct 24, 2011
Authored by Luigi Auriemma, James Fitts | Site metasploit.com

This Metasploit module exploits a stack based buffer overflow found in Cytel Studio <= 9.0. The overflow is triggered during the copying of strings to a stack buffer of 256 bytes.

tags | exploit, overflow
advisories | OSVDB-75991
MD5 | 803c6fca9cba79ef5cd0543f93bb1810
Debian Security Advisory 2326-1
Posted Oct 24, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2326-1 - Kees Cook of the ChromeOS security team discovered a buffer overflow in pam_env, a PAM module to set environment variables through the PAM stack, which allowed the execution of arbitrary code. An additional issue in argument parsing allows denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-3148, CVE-2011-3149
MD5 | 576656d0a1d04a1014434f398bb7c36c
Core Security Technologies Advisory 2011.0810
Posted Oct 24, 2011
Authored by Core Security Technologies, Matthew Bergin, Matias Blanco | Site coresecurity.com

Core Security Technologies Advisory - When the install script for e107 CMS has not been removed, an attacker can "reinstall" the application using arbitrary parameters. If the attacker puts a valid MySql server followed a semicolon and PHP code, this will be executed when the config file gets requested. This parameters are stored in the config file "e107_config.php". Version 0.7.24 is affected.

tags | exploit, arbitrary, php
advisories | CVE-2011-1513
MD5 | 475e59b9a2f74d30c17656851b32c8da
THC SSL Denial Of Service Tool 1.4 Windows Version
Posted Oct 24, 2011
Authored by thc | Site thc.org

THC-SSL-DOS is tool to stress test the SSL handshake by triggering processor intensive RSA_encrypt() calls on the server side. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via a single TCP connection. Windows binary version.

tags | exploit, tool, denial of service, tcp
systems | windows
advisories | CVE-2009-3555
MD5 | 7a40638354c8133ba93f966c31237518
THC SSL Denial Of Service Tool 1.4
Posted Oct 24, 2011
Authored by thc | Site thc.org

THC-SSL-DOS is tool to stress test the SSL handshake by triggering processor intensive RSA_encrypt() calls on the server side. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via a single TCP connection.

tags | exploit, tool, denial of service, tcp
systems | unix
advisories | CVE-2009-3555
MD5 | a559f69caba2886e2be8e9cd6a47cd3c
Agnitio 2.1
Posted Oct 24, 2011
Authored by David Rook | Site sourceforge.net

Agnitio is a tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. Agnitio aims to replace the adhoc nature of manual security code review documentation, create an audit trail and reporting. Both x86 and x64 versions are included in this archive.

Changes: Windows x64 support. Automatically decompiles Android .apk application for easy analysis. Various other features and updates.
tags | x86
systems | windows
MD5 | 59cf63a6f55574a2f985861dc0056619
InverseFlow 2.4 Cross Site Scripting
Posted Oct 24, 2011
Authored by Amir Expl0its

InverseFlow version 2.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | a18449e8c57cf1723782f98458529229
Bleeding Life 2 Exploit Pack
Posted Oct 24, 2011
Site blackhatacademy.org

Black Hat Academy has decided to go open source with the Bleeding Life 2 exploit pack. This is an exploit pack that affects Windows-based web browsers via Adobe and Java.

tags | exploit, java, web
systems | linux, windows
advisories | CVE-2008-2992, CVE-2010-1297, CVE-2010-2884, CVE-2010-0188, CVE-2010-0642, CVE-2010-3552
MD5 | df19be9e1d930def74baab341a3a5f08
Debian Security Advisory 2325-1
Posted Oct 24, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2325-1 - Buffer overflow in the "linux emulation" support in FreeBSD kernel allows local users to cause a denial of service (panic) and possibly execute arbitrary code by calling the bind system call with a long path for a UNIX-domain socket, which is not properly handled when the address is used by other unspecified system calls.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, unix, freebsd, debian
advisories | CVE-2011-4062
MD5 | d4ace689aa384ccfd58060341857eea6
Gentoo Linux Security Advisory 201110-20
Posted Oct 24, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-20 - Multiple vulnerabilities were found in Clam AntiVirus, the most severe of which may allow the execution of arbitrary code. Versions less than 0.97.3 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-0405, CVE-2010-3434, CVE-2010-4260, CVE-2010-4261, CVE-2010-4479, CVE-2011-1003, CVE-2011-2721, CVE-2011-3627
MD5 | cc4177571f49c9147daf34b60a76ff24
Secunia Security Advisory 46498
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for rgmanager. This fixes two security issues, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, gentoo
MD5 | 91533aa10f51c75b46a55eae86c2c805
Secunia Security Advisory 46136
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Pantech Link, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | 13cc052a8c3073fcc103583995c3edee
Secunia Security Advisory 46249
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for firefox and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, fedora
MD5 | eb5a926c43f894605335190173868c42
Secunia Security Advisory 46235
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in BaserCMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | eff6dfd89fa34f4a085ee56ab5cc1453
Secunia Security Advisory 46265
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the Pixiv Custom theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 6dc98f491b991319c143137b54bbd330
Secunia Security Advisory 46261
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for drupal6-views_bulk_operations. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
systems | linux, fedora
MD5 | 68fa345145f2d18dd017201aec435dc9
Secunia Security Advisory 46286
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple security issues have been reported in Puppet, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
MD5 | dc4ff951a18e3b82583bf1ec16a58ddc
Secunia Security Advisory 46287
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious, local users in a guest virtual machine and malicious people to cause a DoS.

tags | advisory, denial of service, kernel, local, vulnerability
MD5 | a1ebde8660d699f2bcfd186ca5ccb66c
Secunia Security Advisory 46174
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
MD5 | 04ae9e0e1d6a0cfa5ccffee90a2a3642
Secunia Security Advisory 46257
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MozillaFirefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
MD5 | 2c00641f4eb9bd90427ae0683b999acb
Secunia Security Advisory 46227
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the WP-Polls plugin for WordPress, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | f1851a6e2cfc0b1ce592c005ef825807
Secunia Security Advisory 46264
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the EvoLve theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | c7418e1b0acff9bba29981915b4a4fb1
Secunia Security Advisory 46289
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for puppet. This fixes multiple security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, ubuntu
MD5 | 633544fe084571a5bfb546c7adfe1c43
Secunia Security Advisory 46299
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Perl, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, perl
MD5 | a1935cd82276d31426a1d05024e4eeff
Page 1 of 2
Back12Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close