exploit the possibilities
Showing 1 - 25 of 51 RSS Feed

Files Date: 2012-01-25

p0f 3.03b Windows Port
Posted Jan 25, 2012
Authored by Michal Zalewski, David Coomber | Site lcamtuf.coredump.cx

P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).

Changes: This is a Windows port of the latest release created by David Coomber.
tags | tool, web, scanner, tcp
systems | windows
MD5 | aea524324828790b24a90be3bb7a0d93
Mobius Forensic Toolkit 0.5.11
Posted Jan 25, 2012
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: This release features 14 new registry reports: autorun, services, IE download folder, IE typed URLs, MRU files opened/saved, MRU files executed, search assistant, printer ports, processors, all devices, enumerated devices, HID devices, network devices, and stream devices. Minor improvements were made.
tags | tool, python, forensics
systems | unix
MD5 | e4f9643b6c77ffa9ff00ab0f59dd9097
Zero Day Initiative Advisory 12-018
Posted Jan 25, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-018 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec PCAnywhere. Authentication is not required to exploit this vulnerability. The flaw exists within the awhost32 component which is used when handling incoming connections. This process listens on TCP port 5631. When handling an authentication request the process copies the user supplied username unsafely to a fixed-length buffer of size 0x108. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM account.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2011-3478
MD5 | 824e081f7e89eb770aac1138d6cd8241
vBadvanced CMPS 3.2.2 Local File Inclusion / Remote File Inclusion
Posted Jan 25, 2012
Authored by PacketiK

vBadvanced CMPS versions 3.2.2 and below suffer from local file inclusion and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
MD5 | e2be31fe18b36ede34febe2700666d74
Linux/x86 Add New User/Password Shellcode
Posted Jan 25, 2012
Authored by KedAns-Dz

180 bytes small Linux/x86 add new user/password shellcode.

tags | x86, shellcode
systems | linux
MD5 | cd7399535526f6e2b9460ccc859d6f7d
UltraPlayer 2.112 Stack Buffer Overflow
Posted Jan 25, 2012
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in versions 2.112 of UltraPlayer by creating a specially crafted .m3u file. The file allows an attacker to execute arbitrary code.

tags | exploit, overflow, arbitrary
MD5 | 20042a4b7aa659fb5891b18094d0cbac
NX Web Companion Spoofing Arbitrary Code Execution
Posted Jan 25, 2012
Authored by otr

NX Web Companion suffers from a spoofing vulnerability that may allow for arbitrary code execution.

tags | advisory, web, arbitrary, spoof, code execution
MD5 | 217d5cb4dac721dbdb33b56bf020535d
Microsoft Office 2003 .doc Buffer Overflow
Posted Jan 25, 2012
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a buffer overflow in Microsoft Office 2003 and command execution with .a malicious doc file .

tags | exploit, overflow
MD5 | db39a8eae4763d436952cb3f35e8e9c5
RSSLounge Cross Site Scripting
Posted Jan 25, 2012
Authored by Mr.PaPaRoSSe

RSSLounge suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 3f7098392517c55f0ef07693c57b205c
Linux/x86 Search / Inject PHP Backdoor Shellcode
Posted Jan 25, 2012
Authored by KedAns-Dz

This Linux/x86 shellcode searches .php files and injects a PHP backdoor into them.

tags | x86, php, shellcode
systems | linux
MD5 | 5888da252a52b2b4c0e54a04877f8d94
Acolyte CMS 1.5 / 6.3 Cross Site Scripting / SQL Injection
Posted Jan 25, 2012
Authored by snup | Site vulnerability-lab.com

Acolyte CMS versions 1.5 and 6.3 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 7a33966913a9b34eb4a26af0124517cb
D-Link DIR-601 Directory Traversal
Posted Jan 25, 2012
Authored by Rob Kraus | Site solutionary.com

D-Link DIR-601 suffers from a tftp related directory traversal vulnerability.

tags | advisory
MD5 | e834eb0071d2f83454670f7ea6966f65
DClassifieds 0.1 Final Cross Site Request Forgery
Posted Jan 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

DClassifieds version 0.1 Final suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | dbf14b7af94fa3d3f651987807cbf217
OSclass 2.3.3 Cross Site Scripting / SQL Injection
Posted Jan 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

OSclass version 2.3.3 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 26ca463e838a42eeb09efe4b55942d1e
Debian Security Advisory 2393-1
Posted Jan 25, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2393-1 - Julien Tinnes reported a buffer overflow in the bip multiuser irc proxy which may allow arbitrary code execution by remote users.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2012-0806
MD5 | 37b1895dc25699ccbbbff86aa524f9f1
MobiPST 2012 Call For Papers
Posted Jan 25, 2012
Site edas.info

Call For Papers for MobiPST 2012 - The Second International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST 2012) will be held in Munchen, Germany, July 30th through August 2nd, 2012.

tags | paper, conference
MD5 | f62eebe0acd97637ff892ef69a8fb38b
Ubuntu Security Notice USN-1347-1
Posted Jan 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1347-1 - It was discovered that Evince did not properly parse AFM font files when processing DVI files. If a user were tricked into opening a specially crafted DVI file, an attacker could cause Evince to crash or potentially execute arbitrary code with the privileges of the user invoking the program. In the default installation, attackers would be isolated by the Evince AppArmor profile. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-0433
MD5 | 639a3e0f48d3dd0b5c53230a9c123c12
HP Security Bulletin HPSBUX02729 SSRT100687 3
Posted Jan 25, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02729 SSRT100687 3 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 3 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-4313
MD5 | 825bb88f85541f34a70025732befba59
HP Security Bulletin HPSBUX02719 SSRT100658 4
Posted Jan 25, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02719 SSRT100658 4 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 4 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-2464
MD5 | cd4bb870d1f2bff2678abd272491bdf8
Verkehrsbetriebe Berlin SQL Injection
Posted Jan 25, 2012
Site vulnerability-lab.com

Verkehrsbetriebe Berlin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f060c7a9ae2f4f8865df704bd0ea5a1f
Symantec PCAnywhere Privilege Escalation
Posted Jan 25, 2012
Authored by Edward Torkington | Site ngssoftware.com

Symantec PCAnywhere version 12.5.x suffers from a local privilege escalation vulnerability.

tags | advisory, local
MD5 | 2957298220a78082390d73e34cdfe835
Symantec PCAnywhere Code Execution
Posted Jan 25, 2012
Authored by Edward Torkington | Site ngssoftware.com

Symantec PCAnywhere version 12.5.x suffers from a code execution vulnerability.

tags | advisory, code execution
MD5 | 060facd3910ac12a61ed8cab17ba77f1
Technical Cyber Security Alert 2012-24A
Posted Jan 25, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-24A - US-CERT has received information from multiple sources about coordinated distributed denial-of-service (DDoS) attacks with targets that included U.S. government agency and entertainment industry websites. The loosely affiliated collective "Anonymous" allegedly promoted the attacks in response to the shutdown of the file hosting site MegaUpload and in protest of proposed U.S. legislation concerning online trafficking in copyrighted intellectual property and counterfeit goods (Stop Online Piracy Act, or SOPA, and Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, or PIPA).

tags | advisory
MD5 | ee1ff7440a3cf56b7c8253eae3998bcd
Facebook Applications Null Byte Injection
Posted Jan 25, 2012
Authored by Fiez Crack

Multiple Facebook applications suffer from a null byte SQL injection vulnerability.

tags | exploit, sql injection
MD5 | 86cce9541b3b4842da538ac60bb5b2a5
HP Security Bulletin HPSBUX02734 SSRT100729
Posted Jan 25, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02734 SSRT100729 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS) or to gain unauthorized access. Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-3210, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619
MD5 | 67ac7b079800ca611fda987af17a1185
Page 1 of 3
Back123Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    0 Files
  • 3
    Apr 3rd
    0 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close