exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2012-07-23

InCoP (Invisible CamOuflage Protocol) 0.2
Posted Jul 23, 2012
Authored by Luis Campo Giralte | Site code.google.com

InCoP (Invisible CamOuflage Protocol) enables the communication between secure systems such as NIDS, ideally located in isolated networks. This hybrid daemon is capable of hiding information by learning from the network and, in a second stage, of sending similar traffic in order to hide the messages as a cover channel does.

tags | tool, protocol
systems | unix
SHA-256 | c768e433735d4d709fc03347480e852525e812532fc5d8ba45ee91d978044d24
Mandriva Linux Security Advisory 2012-109
Posted Jul 23, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-109 - The XSL implementation in libxslt allows remote attackers to cause a denial of service via unspecified vectors. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2012-2825
SHA-256 | dc8ab75689783fd73ff8eed92cf10fede40cab98ea6318b17769701db4617cd5
Mandriva Linux Security Advisory 2012-108
Posted Jul 23, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-108 - Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an overflow. The SQLite functionality in PHP before 5.3.15 allows remote attackers to bypass the open_basedir protection mechanism via unspecified vectors. The updated packages have been upgraded to the 5.3.15 version which is not vulnerable to these issues. Additionally the php-timezonedb packages has been upgraded to the latest version as well.

tags | advisory, remote, overflow, php
systems | linux, mandriva
advisories | CVE-2012-2688, CVE-2012-3365
SHA-256 | 8c8bb030e17e5411417b68b186f12f4c547e4fe82b46c174807e0d6a29db2919
Symantec Web Gateway 5.0.2 Blind SQL Injection
Posted Jul 23, 2012
Authored by muts

Symantec Web Gateway version 5.0.2 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, web, sql injection
advisories | CVE-2012-2574
SHA-256 | 6aec98e00f8daa7f3e784b9b085136fd783f41fed252a1521762a3217af9e407
Simple Web Server Connection Header Buffer Overflow
Posted Jul 23, 2012
Authored by mr.pr0n, juan | Site metasploit.com

This Metasploit module exploits a vulnerability in Simple Web Server 2.2 rc2. A remote user can send a long string data in the Connection Header to cause an overflow on the stack when function vsprintf() is used, and gain arbitrary code execution. The module has been tested successfully on Windows 7 SP1 and Windows XP SP3.

tags | exploit, remote, web, overflow, arbitrary, code execution
systems | windows
SHA-256 | ef2c81d5811597767d04bfb232a9ea85a237262aae453dc634269ab733bcb34c
EGallery PHP File Upload Vulnerability
Posted Jul 23, 2012
Authored by Sammy FORGIT, juan | Site metasploit.com

This Metasploit module exploits a vulnerability found in EGallery 1.2 By abusing the uploadify.php file, a malicious user can upload a file to the egallery/ directory without any authentication, which results in arbitrary code execution. The module has been tested successfully on Ubuntu 10.04.

tags | exploit, arbitrary, php, code execution
systems | linux, ubuntu
advisories | OSVDB-83891
SHA-256 | 526da632857518ba04c937502d05234c1849101abc35c576432b65f2a4fbe5d5
MySQL Squid Access Report 2.1.4 HTML Injection
Posted Jul 23, 2012
Authored by Daniel Godoy

MySQL Squid Access Report version 2.1.4 suffers from an html injection vulnerability.

tags | exploit
SHA-256 | 9ef08e7e97feb92f78a981eb4bf8bf5381847ef326753e6e48890bc57bb3df6e
Nessus On Android 1.0.1 Credential Disclosure
Posted Jul 23, 2012

Nessus version 1.0.1 for Android stores the username and password in cleartext.

tags | exploit
SHA-256 | 431b63271cbeb833e8b77bb7acf8523e8c996d9baec5986af6a90caeab756c6a
Ubuntu Security Notice USN-1515-1
Posted Jul 23, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1515-1 - An error was discovered in the Linux kernel's memory subsystem (hugetlb). An unprivileged local user could exploit this flaw to cause a denial of service (crash the system).

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-2390
SHA-256 | 908d6a9a0c0821a79bc5cf79e57840b3dad2e4da19e3a8fd156866d4b8a0c82b
Ubuntu Security Notice USN-1513-1
Posted Jul 23, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1513-1 - Mateusz Jurczyk discovered that libexif incorrectly parsed certain malformed EXIF tags. If a user or automated system were tricked into processing a specially crafted image file, an attacker could cause libexif to crash, leading to a denial of service, or possibly obtain sensitive information. Mateusz Jurczyk discovered that libexif incorrectly parsed certain malformed EXIF tags. If a user or automated system were tricked into processing a specially crafted image file, an attacker could cause libexif to crash, leading to a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841
SHA-256 | 478214c4d3e32e1c8fdcb76337db0b554d6781b86f323a6fdbd0ee1bf03843a4
Red Hat Security Advisory 2012-1109-01
Posted Jul 23, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1109-01 - JBoss Application Server is the base package for JBoss Enterprise Portal Platform, providing the core server components. The Java Naming and Directory Interface Java API allows Java software clients to locate objects or services in an application server. It was found that the JBoss JNDI service allowed unauthenticated, remote write access by default. The JNDI and HA-JNDI services, and the HAJNDIFactory invoker servlet were all affected. A remote attacker able to access the JNDI service, HA-JNDI service, or the HAJNDIFactory invoker servlet on a JBoss server could use this flaw to add, delete, and modify items in the JNDI tree. This could have various, application-specific impacts.

tags | advisory, java, remote
systems | linux, redhat
advisories | CVE-2011-4605
SHA-256 | 78dd41f8b5b34025ec971ccb9596f9551cde8d2534b3816a8c8e07e50a8da9ef
Red Hat Security Advisory 2012-1110-01
Posted Jul 23, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1110-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. A flaw was found in the way BIND handled zero length resource data records. A malicious owner of a DNS domain could use this flaw to create specially-crafted DNS resource records that would cause a recursive resolver or secondary server to crash or, possibly, disclose portions of its memory.

tags | advisory, protocol
systems | linux, redhat
advisories | CVE-2012-1667
SHA-256 | bf4b7f97287a52171592309210c2633fc1a28c7720d8f80f2637a9c2ad1314da
Debian Security Advisory 2508-1
Posted Jul 23, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2508-1 - Rafal Wojtczuk from Bromium discovered that FreeBSD wasn't handling correctly uncanonical return addresses on Intel amd64 CPUs, allowing privilege escalation to kernel for local users.

tags | advisory, kernel, local
systems | linux, freebsd, debian
advisories | CVE-2012-0217
SHA-256 | 7aebd5ce5840f094d51d7679c7d9ff0704d0af681bb872fa59cd27000b552673
CVE-2012-1889: Security Update Analysis
Posted Jul 23, 2012
Authored by Brian Mariani, High-Tech Bridge SA, Frederic Bourla | Site htbridge.com

Since the 30th of May 2012 hackers were abusing the Microsoft XML core services vulnerability. The 10th of July 2012 Microsoft finally published a security advisory which fixes this issue. The present document and video explains the details about this fix. As a lab test they used a Windows XP workstation with Service Pack 3. The Internet explorer version is 6.0.

tags | paper
systems | windows
advisories | CVE-2012-1889
SHA-256 | 0663e2de1f39f4495717f0290d861ffdd11a1fe7f2edc6deba2d85db93bac5bd
Atmail WebAdmin / Webmail Control Panel SQL Root Password Disclosure
Posted Jul 23, 2012
Authored by Ciph3r

Atmail WebAdmin and Webmail Control Panel suffers from a SQL root password disclosure vulnerability.

tags | exploit, root, info disclosure
SHA-256 | 02f37f360dac212fc971b316fb483fdb2f286cf0500b33dcd6659f153fdbcbc9
Symantec Web Gateway 5.0.3.18 Blind SQL Injection
Posted Jul 23, 2012
Authored by muts

Symantec Web Gateway version 5.0.3.18 suffers from a remote blind SQL injection backdoor via MySQL triggers.

tags | exploit, remote, web, sql injection
advisories | CVE-2012-2961
SHA-256 | 33d2c7451eea8c45146663fa6330e2747966d6816d1ce83431c543d2238e56fd
Secunia Security Advisory 50005
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for pidgin. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | bbe8b8a13a8759aa76ee2d4095f61901a84b6ed2e09c8c00b0a232f11aaea3de
Secunia Security Advisory 50008
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for kdepim. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, ubuntu
SHA-256 | 4a48c29355c901db7a58c2539f7016b5382827856f3003be6b070f04837c1d5f
Secunia Security Advisory 50014
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for puppet. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive information, by malicious users to disclose and manipulate certain data, and by malicious people to bypass certain security restrictions.

tags | advisory, local, vulnerability
systems | linux, suse
SHA-256 | 295967b07d9b8c0c3c7a63261ede90038f91b9931b4f31950ae32d1c6cf79a0d
Secunia Security Advisory 49989
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in eCryptfs, which can be exploited by malicious, local users to potentially gain escalated privileges.

tags | advisory, local
SHA-256 | 8ba5c8025cdf31999a28147d2f47499f570c07465bb4b5fbf42b379f985d5a5d
Secunia Security Advisory 50034
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MozillaFirefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, disclose certain sensitive information, bypass certain security restrictions, and compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, suse
SHA-256 | f8ece62afc884cf65b261b5719c6466a3b7e0223e1c0449f6c96743abbb0c8f1
Secunia Security Advisory 49983
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for gdk-pixbuf. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, suse
SHA-256 | 9de06b7aefcac4a72445a823fb9bfac3fb5e4a5ed0ea96eb64d7b988f8496286
Secunia Security Advisory 50015
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in TeamViewer.

tags | advisory
SHA-256 | 009cf31aed01a4c1fecb832dc5182eb58f9ab74b6b4c73bea48845fd6f17c2e5
Secunia Security Advisory 50006
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in X-Cart Gold, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 34ce834b5144fc0a829154d65e4128faa6374c62e1cfec75e9fed85a86929122
Secunia Security Advisory 50033
Posted Jul 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Symantec Backup Exec System Recovery 2010 and Symantec System Recovery 2011, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 719ab45fb3798af57f8e7d371b3ae750c366e6981150628cb7b629e5f296e755
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close