Exploit the possiblities
Showing 1 - 25 of 30 RSS Feed

Files Date: 2012-07-23

InCoP (Invisible CamOuflage Protocol) 0.2
Posted Jul 23, 2012
Authored by Luis Campo Giralte | Site code.google.com

InCoP (Invisible CamOuflage Protocol) enables the communication between secure systems such as NIDS, ideally located in isolated networks. This hybrid daemon is capable of hiding information by learning from the network and, in a second stage, of sending similar traffic in order to hide the messages as a cover channel does.

tags | tool, protocol
systems | unix
MD5 | 73d8f1be5b3e618a029f7bcbb5aa1bb2
Mandriva Linux Security Advisory 2012-109
Posted Jul 23, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-109 - The XSL implementation in libxslt allows remote attackers to cause a denial of service via unspecified vectors. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-2825
MD5 | aafc52bea8d1aa208bf1e93da242e41d
Mandriva Linux Security Advisory 2012-108
Posted Jul 23, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-108 - Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an overflow. The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. The updated packages have been upgraded to the 5.3.15 version which is not vulnerable to these issues. Additionally the php-timezonedb packages has been upgraded to the latest version as well.

tags | advisory, remote, overflow, php
systems | linux, mandriva
advisories | CVE-2012-2688, CVE-2012-3365
MD5 | cb6339f2ab0f23b465ebf42626304b47
Symantec Web Gateway 5.0.2 Blind SQL Injection
Posted Jul 23, 2012
Authored by muts

Symantec Web Gateway version 5.0.2 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, web, sql injection
advisories | CVE-2012-2574
MD5 | 24d7a90be5ce185dacd90c3230dd3739
Simple Web Server Connection Header Buffer Overflow
Posted Jul 23, 2012
Authored by mr.pr0n, juan | Site metasploit.com

This Metasploit module exploits a vulnerability in Simple Web Server 2.2 rc2. A remote user can send a long string data in the Connection Header to cause an overflow on the stack when function vsprintf() is used, and gain arbitrary code execution. The module has been tested successfully on Windows 7 SP1 and Windows XP SP3.

tags | exploit, remote, web, overflow, arbitrary, code execution
systems | windows, xp, 7
MD5 | d8d2ec005f962860b2da889da4d291c1
EGallery PHP File Upload Vulnerability
Posted Jul 23, 2012
Authored by Sammy FORGIT, juan | Site metasploit.com

This Metasploit module exploits a vulnerability found in EGallery 1.2 By abusing the uploadify.php file, a malicious user can upload a file to the egallery/ directory without any authentication, which results in arbitrary code execution. The module has been tested successfully on Ubuntu 10.04.

tags | exploit, arbitrary, php, code execution
systems | linux, ubuntu
advisories | OSVDB-83891
MD5 | 95885aafd89fb4191f4ba1c513063adf
MySQL Squid Access Report 2.1.4 HTML Injection
Posted Jul 23, 2012
Authored by Daniel Godoy

MySQL Squid Access Report version 2.1.4 suffers from an html injection vulnerability.

tags | exploit
MD5 | 6220f3cb2504e476413803a4d4d48ba5
Nessus On Android 1.0.1 Credential Disclosure
Posted Jul 23, 2012

Nessus version 1.0.1 for Android stores the username and password in cleartext.

tags | exploit
MD5 | 3940f6a96bf4331972ccffe0f39d4212
Ubuntu Security Notice USN-1515-1
Posted Jul 23, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1515-1 - An error was discovered in the Linux kernel's memory subsystem (hugetlb). An unprivileged local user could exploit this flaw to cause a denial of service (crash the system).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-2390
MD5 | 4c532373badc98dd1d6f13513bdf91ee
Ubuntu Security Notice USN-1513-1
Posted Jul 23, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1513-1 - Mateusz Jurczyk discovered that libexif incorrectly parsed certain malformed EXIF tags. If a user or automated system were tricked into processing a specially crafted image file, an attacker could cause libexif to crash, leading to a denial of service, or possibly obtain sensitive information. Mateusz Jurczyk discovered that libexif incorrectly parsed certain malformed EXIF tags. If a user or automated system were tricked into processing a specially crafted image file, an attacker could cause libexif to crash, leading to a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841
MD5 | 408293813aa9b5dfa3221f9f3d846678
Red Hat Security Advisory 2012-1109-01
Posted Jul 23, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1109-01 - JBoss Application Server is the base package for JBoss Enterprise Portal Platform, providing the core server components. The Java Naming and Directory Interface Java API allows Java software clients to locate objects or services in an application server. It was found that the JBoss JNDI service allowed unauthenticated, remote write access by default. The JNDI and HA-JNDI services, and the HAJNDIFactory invoker servlet were all affected. A remote attacker able to access the JNDI service, HA-JNDI service, or the HAJNDIFactory invoker servlet on a JBoss server could use this flaw to add, delete, and modify items in the JNDI tree. This could have various, application-specific impacts.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2011-4605
MD5 | fa06b75565e160f603b4610527cfa308
Red Hat Security Advisory 2012-1110-01
Posted Jul 23, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1110-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially-crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2012-1667
MD5 | 327d8938b02d2846719b5ee50a88fed5
Debian Security Advisory 2508-1
Posted Jul 23, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2508-1 - Rafal Wojtczuk from Bromium discovered that FreeBSD wasn't handling correctly uncanonical return addresses on Intel amd64 CPUs, allowing privilege escalation to kernel for local users.

tags | advisory, kernel, local
systems | linux, freebsd, debian
advisories | CVE-2012-0217
MD5 | 8a6f7c22e18fe0913aca5494b2f79a20
CVE-2012-1889: Security Update Analysis
Posted Jul 23, 2012
Authored by Brian Mariani, High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

Since the 30th of May 2012 hackers were abusing the Microsoft XML core services vulnerability. The 10th of July 2012 Microsoft finally published a security advisory which fixes this issue. The present document and video explains the details about this fix. As a lab test they used a Windows XP workstation with Service Pack 3. The Internet explorer version is 6.0.

tags | paper
systems | windows, xp
advisories | CVE-2012-1889
MD5 | a0d1c207cb55892da09387080f48352a
Atmail WebAdmin / Webmail Control Panel SQL Root Password Disclosure
Posted Jul 23, 2012
Authored by Ciph3r

Atmail WebAdmin and Webmail Control Panel suffers from a SQL root password disclosure vulnerability.

tags | exploit, root, info disclosure
MD5 | 5c9ac782df027f25b54222574b6cff14
Symantec Web Gateway 5.0.3.18 Blind SQL Injection
Posted Jul 23, 2012
Authored by muts

Symantec Web Gateway version 5.0.3.18 suffers from a remote blind SQL injection backdoor via MySQL triggers.

tags | exploit, remote, web, sql injection
advisories | CVE-2012-2961
MD5 | e17186f788a1aa28c81caa291ae9db30
Secunia Security Advisory 50005
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for pidgin. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
MD5 | 85e5f6a9824a0b887f404b04ae2bf630
Secunia Security Advisory 50008
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for kdepim. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, ubuntu
MD5 | 648af170cf2e98c638be8e1ab1bc9fbf
Secunia Security Advisory 50014
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for puppet. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive information, by malicious users to disclose and manipulate certain data, and by malicious people to bypass certain security restrictions.

tags | advisory, local, vulnerability
systems | linux, suse
MD5 | 53e95d4b4f54ddd61a4f7bff36729cb7
Secunia Security Advisory 49989
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in eCryptfs, which can be exploited by malicious, local users to potentially gain escalated privileges.

tags | advisory, local
MD5 | c1cb7609544999e008794ef412001c55
Secunia Security Advisory 50034
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MozillaFirefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, suse
MD5 | 8dfa77ff60604b0578eff6dbce11d345
Secunia Security Advisory 49983
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for gdk-pixbuf. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, suse
MD5 | 5f87d82979310daa32a1133b9f41b80c
Secunia Security Advisory 50015
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in TeamViewer.

tags | advisory
MD5 | cb3e762e026801dc5f64845d9b6bc6b2
Secunia Security Advisory 50006
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in X-Cart Gold, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 0fbea989eb5cec00e7e3f7ae3202a72c
Secunia Security Advisory 50033
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Symantec Backup Exec System Recovery 2010 and Symantec System Recovery 2011, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | e9f67b981f02e79d890e0d2875931dc2
Page 1 of 2
Back12Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    28 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close