what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 29 RSS Feed

Files Date: 2012-01-19

Suricata IDPE 1.2
Posted Jan 19, 2012
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: PCAP live runmodes were fixed. CPU affinity settings for live runmodes were fixed. Windows/Cygwin path handling was improved.
tags | tool, intrusion detection
systems | unix
SHA-256 | 7915f5ba4ff02af2da4e132cc03472d674c4633ae0e4c0bacad2a58daad5e262
Ubuntu Security Notice USN-1334-1
Posted Jan 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1334-1 - It was discovered that libxml2 contained an off by one error. If a user or application linked against libxml2 were tricked into opening a specially crafted XML file, an attacker could cause the application to crash or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that libxml2 is vulnerable to double-free conditions when parsing certain XML documents. This could allow a remote attacker to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-0216, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919
SHA-256 | 828483a1a6bbf8065e049dfca2a65efa7ca35f2fa4a558adde9549639c05bfb7
OpenSSL Toolkit 1.0.0g
Posted Jan 19, 2012
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: This release fixed a DTLS DoS issue which was recently introduced by the fix for CVE-2011-4109.
tags | encryption, protocol
systems | unix
advisories | CVE-2011-4109
SHA-256 | 905106a1505e7d9f7c36ee81408d3aa3d41aac291a9603d0c290c9530c92fc2c
Ubuntu Security Notice USN-1335-1
Posted Jan 19, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1335-1 - Jon Larimer discovered that t1lib did not properly parse AFM fonts. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash or possibly execute arbitrary code with user privileges. Jonathan Brossard discovered that t1lib did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause t1lib to crash. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-2642, CVE-2011-0433, CVE-2011-1552, CVE-2011-1553, CVE-2011-1554
SHA-256 | 0c7caf48e49174279d1eded16dc85b00dae0d90d73ac400b2fd293a3054adf7e
Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow
Posted Jan 19, 2012
Authored by Stefan Esser

A possible stack buffer overflow in Suhosin extension's transparent cookie encryption that can only be triggered in an uncommon and weakened Suhosin configuration can lead to arbitrary remote code execution, if the FORTIFY_SOURCE compile option was not used when Suhosin was compiled. Versions 0.9.32.1 and below are affected.

tags | exploit, remote, overflow, arbitrary, code execution
SHA-256 | 7b76245682b97cb024e98bdc990fce1fd1209c0093a98ed46429a4d2ea80c3ec
Wvdial / usb_modeswitch File Overwrite
Posted Jan 19, 2012
Authored by srm

When using usb_modeswitch and invoking pppd from wvdial in -detach mode. a /tmp/debug file is created. A local Attacker could overwrite arbitrary files.

tags | exploit, arbitrary, local
SHA-256 | 8d3c41b30627a514ca963158a099851a1cb31165bd228c27f1d9b76af12c9189
MySQL Brute Force Tool
Posted Jan 19, 2012
Authored by James Stevenson | Site stev.org

This is a small MySQL cracking tool capable of running login attempts from multiple threads in parallel. It is capable of 1024 concurrent connections.

tags | tool, cracker, sql injection
SHA-256 | f146f20998994d92b163d14ad2d638e4e8fe1b472cee16e5eb3e73270024ebab
Brand PHP SQL Injection
Posted Jan 19, 2012
Authored by Th4 MasK

Brand PHP suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 5202ae7947a4a055dddb182e81350e331df628a89622b1ce210398cc6bde0da3
appRain CMF 0.1.5 Shell Upload
Posted Jan 19, 2012
Authored by EgiX

appRain CMF versions 0.1.5 and below suffer from an unrestricted shell upload vulnerability in uploadify.php.

tags | exploit, shell, php
SHA-256 | 506aabb495e506a158aa2e70e4e9660ae29a6ff831efa1d2287c34419cba6dda
WordPress uCan Post 1.0.09 Cross Site Scripting
Posted Jan 19, 2012
Authored by Gianluca Brindisi

WordPress uCan Post plugin versions 1.0.09 and below suffer from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8fb475a0d2e5e4779f36ff9b345d1258634708bb89aa4a29d9182794886fa1f2
Microsoft Anti-XSS Library Bypass
Posted Jan 19, 2012
Authored by Adi Cohen

The Microsoft Anti-XSS library versions 3.0 and 4.0 suffer from a javascript bypass vulnerability.

tags | exploit, javascript, bypass
SHA-256 | 9c3724fcd0d3afee3bd1af91d841bc9d029d55edbafef54c733f648ff52a0dc3
WebCrafters Design SQL Injection
Posted Jan 19, 2012
Authored by 3spi0n

WebCrafters Design suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 904ec1a80572fb9651b9e0e1dd92fb557140f8775d231ae04d32b996e8170f7f
WOL-E Wake On LAN Hacking Toolset 1.0
Posted Jan 19, 2012
Authored by Nathaniel Carew | Site code.google.com

WOL-E is a suite of tools for the Wake on LAN feature of network attached computers, this is now enabled by default on many Apple computers. These tools include bruteforcing the MAC address to wake up clients, sniffing WOL attempts and passwords, scanning for Apple devices and more.

tags | tool, wireless
systems | unix, apple
SHA-256 | e28f7b08a572231c36ca10c3933eb5f2549796295fe96083eb66efbad6aaf210
Fiche Avion SQL Injection
Posted Jan 19, 2012
Authored by Th4 MasK

Fiche Avion suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 291bba881c5f7057f16dd8f38ea00b8b4452191a552433881e44352cf82b796a
MaDVideO SQL Injection
Posted Jan 19, 2012
Authored by Th4 MasK

MaDVideO suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b2e362f36095fb73fce78a787618db2eb4ea4648aa9a1e0594c71fede035422e
Visualizza SQL Injection
Posted Jan 19, 2012
Authored by Th4 MasK

Visualizza suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1ebb1a7d69adbd547979b9bce35c2eb8826be3b3ff91fe9b38e2ffd9a7541def
Common Security Vulnerabilities In Online Payment Systems
Posted Jan 19, 2012
Authored by Hitesh Malviya

This is a short whitepaper that discusses common vulnerabilities in online payment systems.

tags | paper, vulnerability
SHA-256 | ad3dfe59b75e6688f6179cb87d6b7b29635301fd6bf32fb409a1cba64bf5ae99
PostNuke pnAddressbook SQL Injection
Posted Jan 19, 2012
Authored by Robert Cooper

The PostNuke pnAddressbook module suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f1b0ea692d5ca7446990d64e990500667d0fd90bc9bae0ad6b31d6e250c3130b
HP Security Bulletin HPSBMU02736 SSRT100699
Posted Jan 19, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02736 SSRT100699 - Potential security vulnerabilities have been identified with HP Business Availability Center (BAC) and Business Service Management (BSM) . The vulnerabilities could be remotely exploited to allow unauthorized access to sensitive information. Revision 1 of this advisory.

tags | advisory, vulnerability
advisories | CVE-2008-3273, CVE-2010-1428, CVE-2010-1429
SHA-256 | 45d7176639ffb448154803ed3be918ff4fc106da71fbee37f29f495dd411ac87
Secunia Security Advisory 47600
Posted Jan 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in XnView, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 00d29b257ad6d65041e3fa9f5a24a7ad6aa44b6f87ae42fef188f0b2f137bbe9
Secunia Security Advisory 47584
Posted Jan 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in McAfee GroupShield, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 876f4bb8ae3bf2f67af7307c58334a25a189210a53cf2affc44a78fef342f852
Secunia Security Advisory 47586
Posted Jan 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle MySQL Server, which can be exploited by malicious, local users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS (Denial of Service), by malicious users to gain knowledge of sensitive information, manipulate certain data, or cause a DoS, or by malicious people to cause a DoS.

tags | advisory, denial of service, local, vulnerability
SHA-256 | 37883ef6606d6e027797aa12f3754e6b1a8bc1f88f3c28db975ace4edd657db7
Secunia Security Advisory 47649
Posted Jan 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Panels module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 17ecb270298f2ff0544eeedc80dda4aa6a50e7e093c81336aab464a35cc4eb2e
Secunia Security Advisory 47653
Posted Jan 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Quick Tabs module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 96057d3835fc857698055a213fc2a2e23a19031ab6700049f814bd1976f747b5
Secunia Security Advisory 47566
Posted Jan 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gu1 has discovered a weakness in X.Org, which can be exploited by malicious people with physical access to bypass certain security restrictions.

tags | advisory
SHA-256 | 419e8f3789ced2263564fc8fbdb3e0a3a7978fdafc3d4b97b129b8b878c125b3
Page 1 of 2
Back12Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close