Twenty Year Anniversary
Showing 1 - 25 of 35 RSS Feed

Files Date: 2012-07-11

Weevely PHP Backdoor 0.7
Posted Jul 11, 2012
Authored by Emilio Pinna | Site epinna.github.com

Weevely is a stealth PHP web shell that simulates a telnet-like connection. It is an essential tool for web application testing post exploitation, and can be used as a stealth backdoor web shell to manage legit web accounts, even free hosted ones. Is currently included in Backtrack and Backbox and other Linux distributions for penetration testing.

Changes: Portscan modules added. Proxies modules added. File system browsing and remote command execution even if PHP security restrictions are in place. Various other additions.
tags | tool, web, shell, php, rootkit
systems | linux, unix
MD5 | f1bdc9de8ada128ea06fc0acfaaeeffb
Samhain File Integrity Checker 3.0.5
Posted Jul 11, 2012
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

Changes: This release fixes some issues with the Windows registry check.
tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
MD5 | 1a88244c35a33becef30e98bfaa6174f
Drupal Book Block 6.x-1.0-beta1 Cross Site Scripting
Posted Jul 11, 2012
Authored by Zach Alexander

Drupal version 6.26 with Book Block version 6.x-1.0-beta1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 51b0bcbca16885d211c2f0efd957f0f5
IOSEC HTTP Anti Flood/DoS Security Gateway Module 1.7
Posted Jul 11, 2012
Authored by Gokhan Muharremoglu | Site sourceforge.net

This module provides security enhancements against (HTTP) Flood and Brute Force Attacks for native PHP or .NET scripts at the web application level. Scanning, crawling, and floor tools can be detected and blocked by this module via htaccess or iptables, etc.

Changes: Improved Implicit Deny Mode. Admin GUI Removed. Various other additions.
tags | web, php
MD5 | 9f857e37445fbb6fc5de047f2670646b
Microsoft Security Bulletin Summary For July 2012
Posted Jul 11, 2012
Site microsoft.com

This bulletin summary lists 9 released Microsoft security bulletins for July, 2012.

tags | advisory
MD5 | aab13b2de03772b1823d16df42e38085
HP Security Bulletin HPSBMU02796 SSRT100594
Posted Jul 11, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02796 SSRT100594 - Potential security vulnerabilities have been identified with HP Operations Agent for AIX, HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in the execution of arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability
systems | linux, windows, solaris, aix, hpux
advisories | CVE-2012-2019, CVE-2012-2020
MD5 | 15894492d2ead9f378cbdd213a590671
Technical Cyber Security Alert 2012-192A
Posted Jul 11, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-192A - Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

tags | advisory, vulnerability
MD5 | ed104ededeff66229ae740a423c3d921
toStaticHTML HTML Sanitizing Bypass
Posted Jul 11, 2012
Authored by Adi Cohen | Site blog.watchfire.com

The *toStaticHTML* component, which is found in Internet Explorer versions greater than 8, SharePoint and Lync is used to sanitize HTML fragments from dynamic and potentially malicious content. An attacker is able to create a specially formed CSS that will overcome * toStaticHTML*'s security logic; therefore, after passing the specially crafted CSS string through the *toStaticHTML* function, it will contain an expression that triggers a JavaScript call.

tags | exploit, javascript, xss
advisories | CVE-2012-1858
MD5 | ad76cc4f504fecd5c463709842fcb510
Instagram Friendship Authorization Logic
Posted Jul 11, 2012
Authored by Sebastian Guerrero Selma

An Instagram lack of control on authorization logic allows a user to add himself as a friend of any user on the Instagram social network.

tags | advisory
MD5 | 94c0151548b0dab0ec9fda388db7f4a3
Secunia Security Advisory 49837
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, suse
MD5 | 69062d6c7799987d813b9c6c3af7128f
Secunia Security Advisory 49791
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Charlie Eriksen has discovered a security issue, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | d5d4d84da04a36c76076027a0589b531
Secunia Security Advisory 49799
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cyberoam UTM, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | e52974a7571d0893096bb0e82b77e0f7
Secunia Security Advisory 49834
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for pidgin-otr. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, gentoo
MD5 | 9c2863b32b3e17890c5add1816f47f35
Secunia Security Advisory 49844
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for keepalived. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, gentoo
MD5 | 470da9ba3eee908e45b5727441352620
Secunia Security Advisory 49862
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for pidgin. This fixes multiple weaknesses, security issues, and a vulnerability, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service) and compromise a user's system.

tags | advisory, denial of service, local
systems | linux, ubuntu
MD5 | 83e1c70fafe99c40f945ed0158b647e6
Secunia Security Advisory 49828
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for jruby. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, gentoo
MD5 | b37d7b4d6676f766c2ccc14ab794293d
Secunia Security Advisory 49846
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for mod_fcgid. This fixes a security issue, which can be exploited by malicious, local users to potentially gain escalated privileges.

tags | advisory, local
systems | linux, gentoo
MD5 | 59f48a7a4dac0b9aac4df762161ba77a
Secunia Security Advisory 49841
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for gnash. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to disclose sensitive information and by malicious people to compromise a user's system.

tags | advisory, local
systems | linux, gentoo
MD5 | c69633fb81d0df58faa6cc4d42dde6f6
Secunia Security Advisory 49832
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for chasen. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, gentoo
MD5 | a272adf3be23f919a71dc281055a72ae
Secunia Security Advisory 49861
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel, local, vulnerability
MD5 | cbf06ee68dcce0eb42c7e00633aaec8b
Secunia Security Advisory 49860
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | linux, gentoo
MD5 | 881b3922a758bce83e96855231712a22
Secunia Security Advisory 49859
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, gentoo
MD5 | 5b9e5ed28dd44314ab6c6686664dd8e4
Secunia Security Advisory 49776
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Wangkongbao CNS-1000 and CNS-1100, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, vulnerability
MD5 | e345ee3ef0892f0b062854618d9976db
Secunia Security Advisory 49872
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in HP Operations Agent, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 2618de453085d085927ea54b4d5ed805
Secunia Security Advisory 49865
Posted Jul 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in The Guardian News Feed plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 546d7a6bb4eb15e4382d026b59df5fe6
Page 1 of 2
Back12Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    18 Files
  • 15
    Aug 15th
    38 Files
  • 16
    Aug 16th
    16 Files
  • 17
    Aug 17th
    22 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close