what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files Date: 2012-07-11

Weevely PHP Backdoor 0.7
Posted Jul 11, 2012
Authored by Emilio Pinna | Site epinna.github.com

Weevely is a stealth PHP web shell that simulates a telnet-like connection. It is an essential tool for web application testing post exploitation, and can be used as a stealth backdoor web shell to manage legit web accounts, even free hosted ones. Is currently included in Backtrack and Backbox and other Linux distributions for penetration testing.

Changes: Portscan modules added. Proxies modules added. File system browsing and remote command execution even if PHP security restrictions are in place. Various other additions.
tags | tool, web, shell, php, rootkit
systems | linux, unix
SHA-256 | 9ca1b6b62a4fcc57851e48e31b456e9ea711e0ef46b10cf39d3277547b450333
Samhain File Integrity Checker 3.0.5
Posted Jul 11, 2012
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: This release fixes some issues with the Windows registry check.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 9e3d29cc126a1609f93c89cc4b178fb01f091d989e2b8cec117b79eadf7b611c
Drupal Book Block 6.x-1.0-beta1 Cross Site Scripting
Posted Jul 11, 2012
Authored by Zach Alexander

Drupal version 6.26 with Book Block version 6.x-1.0-beta1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f9634f63ca64e4955a6dcb078fc3edf1f92c7055f4d7d300f83c4c36269e47a6
IOSEC HTTP Anti Flood/DoS Security Gateway Module 1.7
Posted Jul 11, 2012
Authored by Gokhan Muharremoglu | Site sourceforge.net

This module provides security enhancements against (HTTP) Flood and Brute Force Attacks for native PHP or .NET scripts at the web application level. Scanning, crawling, and floor tools can be detected and blocked by this module via htaccess or iptables, etc.

Changes: Improved Implicit Deny Mode. Admin GUI Removed. Various other additions.
tags | web, php
SHA-256 | 12678f9ec1be90549e9ec56df43ef737708150240ad1ffb39db4ea94844cf7d1
Microsoft Security Bulletin Summary For July 2012
Posted Jul 11, 2012
Site microsoft.com

This bulletin summary lists 9 released Microsoft security bulletins for July, 2012.

tags | advisory
SHA-256 | 90418879d0ab238c7a2eaf6a976ffbf6331efc6d9df5d266240df7df8636c141
HP Security Bulletin HPSBMU02796 SSRT100594
Posted Jul 11, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02796 SSRT100594 - Potential security vulnerabilities have been identified with HP Operations Agent for AIX, HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in the execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-2019, CVE-2012-2020
SHA-256 | f09a5f81faf7af5e254b05b3be1fd73b6b15db2f21af5f02b640f67fecda1cd2
Technical Cyber Security Alert 2012-192A
Posted Jul 11, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-192A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
SHA-256 | d79a26f7a01e84d85d8e6b2b329b1ee96d50bd0c7702c374af21e2c61c93f041
toStaticHTML HTML Sanitizing Bypass
Posted Jul 11, 2012
Authored by Adi Cohen | Site blog.watchfire.com

The *toStaticHTML* component, which is found in Internet Explorer versions greater than 8, SharePoint and Lync is used to sanitize HTML fragments from dynamic and potentially malicious content. An attacker is able to create a specially formed CSS that will overcome * toStaticHTML*'s security logic; therefore, after passing the specially crafted CSS string through the *toStaticHTML* function, it will contain an expression that triggers a JavaScript call.

tags | exploit, javascript, xss
advisories | CVE-2012-1858
SHA-256 | 250fdc51b42fbad45e46c18cf75919ff7aaf7e27a4da2764383c71b6233a3cdb
Instagram Friendship Authorization Logic
Posted Jul 11, 2012
Authored by Sebastian Guerrero Selma

An Instagram lack of control on authorization logic allows a user to add himself as a friend of any user on the Instagram social network.

tags | advisory
SHA-256 | a536d4f7b0bf113f33674e2217db3a96072490c932f09b8e3096070d991995ff
Secunia Security Advisory 49837
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, suse
SHA-256 | 67806af2019ce9afef848ad43be6730e835db69f6ae16a72b9e20554668643c0
Secunia Security Advisory 49791
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Charlie Eriksen has discovered a security issue, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 5ae570cac554cae6d2fcc3a8592b5234422d6854de9a7dde3f6aa9a906481c74
Secunia Security Advisory 49799
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cyberoam UTM, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | 1268e76d4d4fdfaad0974ab2b720eedfd1939abe52e88c734f60bd1ffdfb0d31
Secunia Security Advisory 49834
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for pidgin-otr. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, gentoo
SHA-256 | 452ca257dce37ca6415a8414945752cb71fbcd1796a03f76ae0910c5676dfa70
Secunia Security Advisory 49844
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for keepalived. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, gentoo
SHA-256 | f82d1d8875d14dce6e5de1306f762bdf90d78d3176bacba8bc06a2d441a072fa
Secunia Security Advisory 49862
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for pidgin. This fixes multiple weaknesses, security issues, and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service) and compromise a user's system.

tags | advisory, denial of service, local
systems | linux, ubuntu
SHA-256 | 8f20dd492884ea18b59ac442c8527c5e7506814b0f5617221ed7d53ec305b003
Secunia Security Advisory 49828
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for jruby. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, gentoo
SHA-256 | 0fdc466f978aaf1eea0ffdffecc1150f51a48f96ce12cb6897e14eff707f2060
Secunia Security Advisory 49846
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for mod_fcgid. This fixes a security issue, which can be exploited by malicious, local users to potentially gain escalated privileges.

tags | advisory, local
systems | linux, gentoo
SHA-256 | de503953df0e15b6f0759d29c2bef0d5359e37bd5de6172e98b32343969a6d2f
Secunia Security Advisory 49841
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for gnash. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to disclose sensitive information and by malicious people to compromise a user's system.

tags | advisory, local
systems | linux, gentoo
SHA-256 | 355c8fea298b1db7f85dd5e2abc8fcf34ea00490065591d995c79033da96ce9a
Secunia Security Advisory 49832
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for chasen. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, gentoo
SHA-256 | b94cb8c5b9da70bfaace6be81b4f7ea176f275d6a8d07bd6394cce2285ef31c0
Secunia Security Advisory 49861
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
SHA-256 | c3bd672bab9218c466b2db8bc5c1450fd11b5613ee9c6fdf101f4d60a2c6c8e5
Secunia Security Advisory 49860
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | linux, gentoo
SHA-256 | 9a1a4820153deb41c7e818a187ea3a7440f6a8f4f19f8aa6c8d766fcd75a92c4
Secunia Security Advisory 49859
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, gentoo
SHA-256 | 3fce85b6d9bebc0b7368804df76b5865b47f809e607fa360e1686d5d94d4a152
Secunia Security Advisory 49776
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Wangkongbao CNS-1000 and CNS-1100, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, vulnerability
SHA-256 | 75cc4ea03a026e10c3d1efcd9a60707ba04b367c1e921810aa4ef95056f88614
Secunia Security Advisory 49872
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in HP Operations Agent, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 9cbfa07d0c126c3a02e50f5b81b0d0352d693a33d036963ce7f9e4e5688d78f3
Secunia Security Advisory 49865
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in The Guardian News Feed plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | a3a0907404c377dc43d2a8565b1cd9056874c29c0db06ced3f9fff51bb8518c2
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    69 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close