accept no compromises
Showing 1 - 25 of 69 RSS Feed

Files Date: 2012-04-11

Subverting Networks
Posted Apr 11, 2012
Authored by Parul Khanna

This is a brief presentation that touches on various elements of attacks used to cause computer security issues. It is very high level.

tags | paper
MD5 | 34f4f122d7199b20bb266a1772100939
Ubuntu Security Notice USN-1420-1
Posted Apr 11, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1420-1 - It was discovered that the NVIDIA graphics drivers could be reconfigured to gain access to arbitrary system memory. A local attacker could use this issue to possibly gain root privileges.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2012-0946
MD5 | fcf3621d1e929a10c6ff0a8f0afed521
Technical Cyber Security Alert 2012-101B
Posted Apr 11, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-101B - Adobe has released Security Bulletin APSB12-08, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. As part of this update, Adobe Reader and Acrobat 9.x will use the system-wide Flash Player browser plug-in instead of the Authplay component. In addition, Reader and Acrobat now disable the rendering of 3D content by default.

tags | advisory, vulnerability
MD5 | 6595d0dd4ab1e29fe00b04df2e20537d
NIELD (Network Interface Events Logging Daemon) 0.23
Posted Apr 11, 2012
Authored by Tetsumune KISO | Site github.com

Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the rtnetlink socket, and generates logs related to link state, neighbor cache (ARP,NDP), IP address (IPv4,IPv6), route, FIB rules.

Changes: This release includes minor updates and bugfixes.
tags | tool, kernel, system logging
systems | linux, unix
MD5 | e9f4ca6f02b310f96cfc608eadac646f
BGS CMS 2.2.1 Cross Site Scripting
Posted Apr 11, 2012
Authored by LiquidWorm | Site zeroscience.mk

BGS CMS version 2.2.1 suffers from multiple stored and reflected cross site scripting vulnerabilities when parsing user input to several parameters via GET and POST method (post-auth). Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, vulnerability, xss
MD5 | c54a0b84f4d59f813d6cc23eb05848b4
Seditio Chat 1.0 Cross Site Request Forgery
Posted Apr 11, 2012
Authored by Akastep

Seditio Chat plugin version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | dd3f6378280f2561e905f9b5dde908a2
Mandriva Linux Security Advisory 2012-055
Posted Apr 11, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-055 - The RPC code generator in Samba 3.x before 3.4.16, 3.5.x before 3.5.14, and 3.6.x before 3.6.4 does not implement validation of an array length in a manner consistent with validation of array memory allocation, which allows remote attackers to execute arbitrary code via a crafted RPC call. The updated packages have been patched to correct this issue.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2012-1182
MD5 | b1365ce3f37309392f2a856a33bc2c37
Koprana CMS SQL Injection
Posted Apr 11, 2012
Authored by The UnKn0wN

Koprana CMS remote SQL injection exploit written in PHP.

tags | exploit, remote, php, sql injection
MD5 | 75d22aa7ea037fa9dd9fbc4af9eebb2e
Koprana CMS Shell Upload
Posted Apr 11, 2012
Authored by The UnKn0wN

Koprana CMS remote shell upload exploit written in PHP.

tags | exploit, remote, shell, php
MD5 | 5363b47d972d785998ba879624130b09
Technical Cyber Security Alert 2012-101A
Posted Apr 11, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-101A - There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
systems | windows
MD5 | 012a55eecbf0aa3febb5ac96e10846ea
wicd Privilege Escalation
Posted Apr 11, 2012
Site infosecinstitute.com

wicd suffers from a privilege escalation vulnerability. Exploit that spawns a root shell and a patch are included.

tags | exploit, shell, root
MD5 | a33a9fa0bd4815a1f8f963ca6c0d50b7
Mozilla Firefox Bootstrapped Addon Social Engineering Code Execution
Posted Apr 11, 2012
Site metasploit.com

This exploit dynamically creates a .xpi addon file. The resulting bootstrapped Firefox addon is presented to the victim via a web page with. The victim's Firefox browser will pop a dialog asking if they trust the addon. Once the user clicks "install", the addon is installed and executes the payload with full user permissions. As of Firefox 4, this will work without a restart as the addon is marked to be "bootstrapped". As the addon will execute the payload after each Firefox restart, an option can be given to automatically uninstall the addon once the payload has been executed.

tags | exploit, web
MD5 | 3db86c57b35683b631c29411e6cb10f8
GroupWare epesiBIM CRM 1.2.1 Cross Site Scripting
Posted Apr 11, 2012
Authored by Chokri Ben Achor | Site vulnerability-lab.com

GroupWare epesiBIM CRM version 1.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2663bd6db7609e1cf3448329ff2e3322
Joomla The Estate Agent SQL Injection
Posted Apr 11, 2012
Authored by xDarkSton3x

The Joomla The Estate Agent component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6b14536e0db2a8f20eac16309765a5ad
Joomla Bearleague SQL Injection
Posted Apr 11, 2012
Authored by xDarkSton3x

The Joomla Bearleague component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | febefa16693396ef43efb94a14bcae88
National Center EDU Research SQL Injection
Posted Apr 11, 2012
Authored by Alexander Fuchs | Site vulnerability-lab.com

The National Center of Education Research suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 562aaa00b8dde12dd0588f8b82adf5f3
Matterdaddy Market 1.1 SQL Injection
Posted Apr 11, 2012
Authored by Chokri Ben Achor | Site vulnerability-lab.com

Matterdaddy Market eCommerce CMS version 1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 24bf9937eb1c1c914dd965bfc2971cf0
Europcar.bg Cross Site Scripting
Posted Apr 11, 2012
Authored by Ryuzaki Lawlet

Europcar.bg suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c83682e9b5b35121eac6bd0544ef7736
Europcarug.com Cross Site Scripting
Posted Apr 11, 2012
Authored by Ryuzaki Lawlet

Europcarug.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b44c3b05690bd17469a89f98a6b9347f
Scully.cfa.harvard.edu Cross Site Scripting
Posted Apr 11, 2012
Authored by Ryuzaki Lawlet

Scully.cfa.harvard.edu suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 85f9da8c7253080b70e8c4f898e762dc
Minerva Infotech CMS 1.0 Blind SQL Injection
Posted Apr 11, 2012
Authored by Andrea Bocchetti

Minerva Infotech CMS version 1.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c3ce1229da6a490303ba75a47879ed4b
Debian Security Advisory 2448-1
Posted Apr 11, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2448-1 - It was discovered that a heap-based buffer overflow in InspIRCd could allow remote attackers to execute arbitrary code via a crafted DNS query.

tags | advisory, remote, overflow, arbitrary
systems | linux, debian
advisories | CVE-2012-1836
MD5 | b6f9381caf3501eaca8f7794e84f1710
Gentoo Linux Security Advisory 201204-02
Posted Apr 11, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201204-2 - A heap-based buffer overflow in InspIRCd may allow execution of arbitrary code. Versions less than 2.0.5-r1 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2012-1836
MD5 | 6491b034555e88df6c6c262a126947b2
Ubuntu Security Notice USN-1419-1
Posted Apr 11, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1419-1 - It was discovered that Puppet used a predictable filename when downloading Mac OS X package files. A local attacker could exploit this to overwrite arbitrary files. It was discovered that Puppet incorrectly handled filebucket retrieval requests. A local attacker could exploit this to read arbitrary files. It was discovered that Puppet incorrectly handled filebucket store requests. A local attacker could exploit this to perform a denial of service via resource exhaustion. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, local
systems | linux, apple, osx, ubuntu
advisories | CVE-2012-1906, CVE-2012-1986, CVE-2012-1987, CVE-2012-1988, CVE-2012-1989, CVE-2012-1906, CVE-2012-1986, CVE-2012-1987, CVE-2012-1988, CVE-2012-1989
MD5 | c04fc17bff68786d0e5e2e838af6ab31
Gentoo Linux Security Advisory 201204-03
Posted Apr 11, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201204-3 - Multiple vulnerabilities have been reported in Chromium, some of which may allow execution of arbitrary code. Versions less than 18.0.1025.151 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-3066, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3070, CVE-2011-3071, CVE-2011-3072, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3077
MD5 | ead3c2c0741b009b67faaa12f05c10e9
Page 1 of 3
Back123Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close