exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 51 RSS Feed

Files Date: 2012-01-25

p0f 3.03b Windows Port
Posted Jan 25, 2012
Authored by Michal Zalewski, David Coomber | Site lcamtuf.coredump.cx

P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Version 3 is a complete rewrite of the original codebase, incorporating a significant number of improvements to network-level fingerprinting, and introducing the ability to reason about application-level payloads (e.g., HTTP).

Changes: This is a Windows port of the latest release created by David Coomber.
tags | tool, web, scanner, tcp
systems | windows
SHA-256 | ae853ced1e0f3446f86a75db60b1aa28e2344aae92002f1ae7860e5b0620124e
Mobius Forensic Toolkit 0.5.11
Posted Jan 25, 2012
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: This release features 14 new registry reports: autorun, services, IE download folder, IE typed URLs, MRU files opened/saved, MRU files executed, search assistant, printer ports, processors, all devices, enumerated devices, HID devices, network devices, and stream devices. Minor improvements were made.
tags | tool, python, forensics
systems | unix
SHA-256 | fe30099f81b1becba0ff46b3fca74de5b1cea906c4b982ebd958cd840ce253b4
Zero Day Initiative Advisory 12-018
Posted Jan 25, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-018 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec PCAnywhere. Authentication is not required to exploit this vulnerability. The flaw exists within the awhost32 component which is used when handling incoming connections. This process listens on TCP port 5631. When handling an authentication request the process copies the user supplied username unsafely to a fixed-length buffer of size 0x108. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM account.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2011-3478
SHA-256 | f2e5416cfb35582eb7bb064faa5f556740901c0c7936212dbaf2cc1269cea59b
vBadvanced CMPS 3.2.2 Local File Inclusion / Remote File Inclusion
Posted Jan 25, 2012
Authored by PacketiK

vBadvanced CMPS versions 3.2.2 and below suffer from local file inclusion and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
SHA-256 | c6a391cbf24f61e8fea160228f0df279dca4ae0f1ad3d65b35e040748bf83045
Linux/x86 Add New User/Password Shellcode
Posted Jan 25, 2012
Authored by KedAns-Dz

180 bytes small Linux/x86 add new user/password shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 2507665fb5598085aa7170024022a8af2b3c254563abca1ee43b028cda2e1de8
UltraPlayer 2.112 Stack Buffer Overflow
Posted Jan 25, 2012
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in versions 2.112 of UltraPlayer by creating a specially crafted .m3u file. The file allows an attacker to execute arbitrary code.

tags | exploit, overflow, arbitrary
SHA-256 | ca1fcc7a152abea97e8cfb96078845d146070280b9ea0f1eac09f15ddad9d831
NX Web Companion Spoofing Arbitrary Code Execution
Posted Jan 25, 2012
Authored by otr

NX Web Companion suffers from a spoofing vulnerability that may allow for arbitrary code execution.

tags | advisory, web, arbitrary, spoof, code execution
SHA-256 | c6dbb4c255fa34d27c7f911a58e314d1f1d2ecc2c658c6db8ccba523adf5f97b
Microsoft Office 2003 .doc Buffer Overflow
Posted Jan 25, 2012
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a buffer overflow in Microsoft Office 2003 and command execution with .a malicious doc file .

tags | exploit, overflow
SHA-256 | e45bf18ac108e4ae3783ccae6f6292790febfb3111809b9cea39d7aae1a9bdb6
RSSLounge Cross Site Scripting
Posted Jan 25, 2012
Authored by Mr.PaPaRoSSe

RSSLounge suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0247221fb2aeed4124aa951eb761e61549b9bf29018bda5ac1745ddf5313614f
Linux/x86 Search / Inject PHP Backdoor Shellcode
Posted Jan 25, 2012
Authored by KedAns-Dz

This Linux/x86 shellcode searches .php files and injects a PHP backdoor into them.

tags | x86, php, shellcode
systems | linux
SHA-256 | 083be87460a5024c26d79b3f9143ff66d4099a6b438b7ea88f793822bed39c10
Acolyte CMS 1.5 / 6.3 Cross Site Scripting / SQL Injection
Posted Jan 25, 2012
Authored by Hubert Wojciechowski, Vulnerability Laboratory | Site vulnerability-lab.com

Acolyte CMS versions 1.5 and 6.3 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 51fa4e3bd561627016cc5adc2f2401ab8129e365593901bbdd521ba1b6406931
D-Link DIR-601 Directory Traversal
Posted Jan 25, 2012
Authored by Rob Kraus | Site solutionary.com

D-Link DIR-601 suffers from a tftp related directory traversal vulnerability.

tags | advisory
SHA-256 | c2341be3374f364db4886f7f9c73cd038eea6bb969288bf41618374a371eccf2
DClassifieds 0.1 Final Cross Site Request Forgery
Posted Jan 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

DClassifieds version 0.1 Final suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 888779fbbbf396ea56ee0df0bf1228d2933f57d7888511a331b394459aab82c6
OSclass 2.3.3 Cross Site Scripting / SQL Injection
Posted Jan 25, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

OSclass version 2.3.3 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 68a8b30bf86fd39358f8a0a0494cc909420ce555fbbc8fcc42bab6bdd5564c4d
Debian Security Advisory 2393-1
Posted Jan 25, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2393-1 - Julien Tinnes reported a buffer overflow in the bip multiuser irc proxy which may allow arbitrary code execution by remote users.

tags | advisory, remote, overflow, arbitrary, code execution
systems | linux, debian
advisories | CVE-2012-0806
SHA-256 | aa0e1e2a4fec81c893d4428c6732094a2f6aba097136844a5a8ecb22a2e06f1f
MobiPST 2012 Call For Papers
Posted Jan 25, 2012
Site edas.info

Call For Papers for MobiPST 2012 - The Second International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST 2012) will be held in Munchen, Germany, July 30th through August 2nd, 2012.

tags | paper, conference
SHA-256 | eaa7cdd9a0335e23bd731fc072e34da3b22b7bb6ac8fff8ba34a5e743d2c0e14
Ubuntu Security Notice USN-1347-1
Posted Jan 25, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1347-1 - It was discovered that Evince did not properly parse AFM font files when processing DVI files. If a user were tricked into opening a specially crafted DVI file, an attacker could cause Evince to crash or potentially execute arbitrary code with the privileges of the user invoking the program. In the default installation, attackers would be isolated by the Evince AppArmor profile. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-0433
SHA-256 | e2ae8a4942a1408fd1f5749f1c33407b0d8a1c24263d7c02adea8d51a57e1826
HP Security Bulletin HPSBUX02729 SSRT100687 3
Posted Jan 25, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02729 SSRT100687 3 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 3 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-4313
SHA-256 | 0f390da79dca7121a928ccac203062c88e4b9d40c3e900178619534800c5aa2d
HP Security Bulletin HPSBUX02719 SSRT100658 4
Posted Jan 25, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02719 SSRT100658 4 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 4 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-2464
SHA-256 | db5efe12393320a38d7152547fd542c151617597369faaad374988166242bb6d
Verkehrsbetriebe Berlin SQL Injection
Posted Jan 25, 2012
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

Verkehrsbetriebe Berlin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | fb54b702fdb97e4b2487f7217d188f9ad3e15e521696a53844b118cb2cf31648
Symantec PCAnywhere Privilege Escalation
Posted Jan 25, 2012
Authored by Edward Torkington | Site ngssoftware.com

Symantec PCAnywhere version 12.5.x suffers from a local privilege escalation vulnerability.

tags | advisory, local
SHA-256 | 949533286d184aa8a366db5cecd292980a2b41e4568456879244809c63d57eb0
Symantec PCAnywhere Code Execution
Posted Jan 25, 2012
Authored by Edward Torkington | Site ngssoftware.com

Symantec PCAnywhere version 12.5.x suffers from a code execution vulnerability.

tags | advisory, code execution
SHA-256 | 27a6825032e4993b1623f73392cbc9e6de469b4fcbc3c00fff8bed55e45dcc02
Technical Cyber Security Alert 2012-24A
Posted Jan 25, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-24A - US-CERT has received information from multiple sources about coordinated distributed denial-of-service (DDoS) attacks with targets that included U.S. government agency and entertainment industry websites. The loosely affiliated collective "Anonymous" allegedly promoted the attacks in response to the shutdown of the file hosting site MegaUpload and in protest of proposed U.S. legislation concerning online trafficking in copyrighted intellectual property and counterfeit goods (Stop Online Piracy Act, or SOPA, and Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, or PIPA).

tags | advisory
SHA-256 | 925a21594f876a867e4c6e9471fa1023ca73286d7899e7a048b74bdefeb10aaa
Facebook Applications Null Byte Injection
Posted Jan 25, 2012
Authored by Fiez Crack

Multiple Facebook applications suffer from a null byte SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 712bc0035aef721e45958679ad3227dc02a5a2003c0fac08baef7c664fb8ee22
HP Security Bulletin HPSBUX02734 SSRT100729
Posted Jan 25, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02734 SSRT100729 - A potential security vulnerability has been identified with HP-UX OpenSSL. This vulnerability could be exploited remotely to create a Denial of Service (DoS) or to gain unauthorized access. Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2011-3210, CVE-2011-4108, CVE-2011-4109, CVE-2011-4576, CVE-2011-4577, CVE-2011-4619
SHA-256 | b2265e92d8b81cb40b2add6a630d861f1b28f98b30119e91fd07549aa77efff1
Page 1 of 3
Back123Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close