Twenty Year Anniversary
Showing 1 - 24 of 24 RSS Feed

Files Date: 2012-07-26

europ INNET Web Studio Administration Program 2.0 XSS / CSRF / LFI
Posted Jul 26, 2012
Authored by Akastep

europ INNET Web Studio Administration Program version 2.0 suffers from cross site request forgery, cross site scripting, local file inclusion, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, web, local, vulnerability, xss, sql injection, file inclusion, csrf
MD5 | ed6d22f82eaa6e297f3ac0913bd76601
Linux x86 ASLR Deactivation Shellcode
Posted Jul 26, 2012
Authored by Jean Pascal Pereira

83 bytes small Linux/x86 ASLR deactivation shellcode.

tags | x86, shellcode
systems | linux
MD5 | a99ce52f1b6aa826c15e317fca3b9bcb
Mini-Stream RM-MP3 Converter 3.1.2.1.2010.03.30 Buffer Overflow
Posted Jul 26, 2012
Authored by Gianni Gnesa

Mini-Stream RM-MP3 Converter version 3.1.2.1.2010.03.30 buffer overflow exploit with ASLR and DEP bypass.

tags | exploit, overflow
advisories | CVE-2009-1328
MD5 | ee610fc0a06a608bc350e0655b56e609
PHP UnZIP 0.1 File Disclosure
Posted Jul 26, 2012
Authored by Taurus Omar

PHP UnZIP version 0.1 suffers from a remote disclosure vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, php, info disclosure
MD5 | d553dc83434e11a14d60b1f1200ed271
Photodex ProShow Producer 5.0.3256 Buffer Overflow
Posted Jul 26, 2012
Authored by mr.pr0n, Julien Ahrens, juan | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in Photodex ProShow Producer version 5.0.3256 in the handling of the plugins load list file. An attacker must send the crafted "load" file to victim, who must store it in the installation directory. The vulnerability will be triggered the next time ProShow is opened. The module has been tested successfully on Windows XP SP3 and Windows 7 SP1.

tags | exploit, overflow
systems | windows, xp, 7
advisories | OSVDB-83745
MD5 | 2564eff9044f229cc53b605dd7e8892e
Secunia Security Advisory 50052
Posted Jul 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - muts has reported a vulnerability in Dell SonicWALL Scrutinizer, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 47953672b2c2e2bae9f03d446d401a49
Secunia Security Advisory 50054
Posted Jul 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - NetBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | netbsd
MD5 | 1627fe916d3df6392ff0aae096a360ab
Secunia Security Advisory 49973
Posted Jul 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Location module for Drupal, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
MD5 | c21c026f1d04b405ae69efccb6bdf5b4
Secunia Security Advisory 50064
Posted Jul 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HTTPCS has discovered two vulnerabilities in Thelia, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | f6a2a4975e8384a70e3a34d64f59618b
Secunia Security Advisory 50048
Posted Jul 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adaptive Server Enterprise, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | be69dfbd2ac8db81c8d1903c2c7b4d2a
Secunia Security Advisory 50056
Posted Jul 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for openssl. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions in an application using the library.

tags | advisory
systems | linux, ubuntu
MD5 | 05661cfb72c7043b3da27cd3c2c6fc5e
Secunia Security Advisory 50067
Posted Jul 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in the Secure Login module for Drupal, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | 52bee8201c4d0a178db406a53542211b
Secunia Security Advisory 50037
Posted Jul 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in multiple Sybase products.

tags | advisory
MD5 | 0606c5efd489bda0dc166ad4084ec7e7
Secunia Security Advisory 50060
Posted Jul 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Authen::ExternalAuth extension for RT, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 4207966b2c5fd006574dc0d78b1e71f1
Secunia Security Advisory 50024
Posted Jul 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some Vulnerabilities have been reported in the RTFM extension for RT, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 59bb5b02b1305273c70c113be60bffbd
Secunia Security Advisory 50010
Posted Jul 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in the Extension::MobileUI for RT, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 67f0d9a33f868042054d451de85296ab
Entropy Broker RNG 0.9
Posted Jul 26, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: video4linux server is now compatible with video4linux2. It will now dump and restore the pool-contents.
tags | tool, encryption
systems | linux
MD5 | 4dfdae989a638eb5ab63b860fa5f8d07
Libcap-NG Library 0.7
Posted Jul 26, 2012
Site people.redhat.com

The libcap-ng library is intended to make programming with POSIX capabilities much easier than the traditional libcap library. It includes utilities that can analyze all currently running applications to locate applications that may have too many privileges.

Changes: This release adds support for a new Linux kernel capability, closes potentially leaked file descriptors, fixes a potential segfault, and solves a problem which resulted in reduced capabilities in pscap to cause fewer processes to be reported on.
tags | library
systems | unix
MD5 | 85c14a2442a3721383a1e2284e254846
Botan C++ Crypto Algorithms Library 1.10.3
Posted Jul 26, 2012
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: Several bugs in the TLS implementation related to session renegotiation have been fixed. The SRP password-based key agreement scheme and the Camellia block cipher have been added. Support for the Ivy Bridge hardware random number generator has also been added. Various minor bugs affecting OpenBSD and MinGW users have been fixed.
tags | library
systems | linux
MD5 | 1b5fcbc5795f615219277efc5059c886
Another File Integrity Checker 3.1
Posted Jul 26, 2012
Authored by Eric Gerbier | Site afick.sourceforge.net

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.

Changes: This is the first public (stable) release of new 3.x branch. It is a rewrite (partial for now) of afick in object oriented programming, to allow better code and better support. It matches the 2.21 release for features. The two afick branches (2.x and 3.x) will be maintained in parallel for a few versions, to allow users to migrate when they want.
tags | tool, integrity
systems | linux, windows, unix
MD5 | 0549d9754b9f0eb22887e4586d07267c
Red Hat Security Advisory 2012-1114-01
Posted Jul 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1114-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A NULL pointer dereference flaw was found in the nf_ct_frag6_reasm() function in the Linux kernel's netfilter IPv6 connection tracking implementation. A remote attacker could use this flaw to send specially-crafted packets to a target system that is using IPv6 and also has the nf_conntrack_ipv6 kernel module loaded, causing it to crash.

tags | advisory, remote, kernel
systems | linux, redhat
advisories | CVE-2012-2744
MD5 | 3f9b1d5d367511dbb4ca34cbc049f78f
Ubuntu Security Notice USN-1517-1
Posted Jul 26, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1517-1 - It was discovered that the Mono System.Web library incorrectly filtered certain error messages related to forbidden files. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting (XSS) attacks. It was discovered that the Mono System.Web library incorrectly handled the EnableViewStateMac property. If a user were tricked into opening a specially crafted URL, an attacker could possibly exploit this to conduct cross-site scripting (XSS) attacks. This issue only affected Ubuntu 10.04 LTS. Various other issues were also addressed.

tags | advisory, web, xss
systems | linux, ubuntu
advisories | CVE-2012-3382, CVE-2010-1459, CVE-2010-1459, CVE-2012-3382
MD5 | cdf396e3e4997b1813dadf6d0779101a
Red Hat Security Advisory 2012-1116-01
Posted Jul 26, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1116-01 - Perl DBI is a database access Application Programming Interface for the Perl language. perl-DBD-Pg allows Perl applications to access PostgreSQL database servers. Two format string flaws were found in perl-DBD-Pg. A specially-crafted database warning or error message from a server could cause an application using perl-DBD-Pg to crash or, potentially, execute arbitrary code with the privileges of the user running the application. All users of perl-DBD-Pg are advised to upgrade to this updated package, which contains a backported patch to fix these issues. Applications using perl-DBD-Pg must be restarted for the update to take effect.

tags | advisory, arbitrary, perl
systems | linux, redhat
advisories | CVE-2012-1151
MD5 | afa9c610ce344121f6ff1965f1170be3
Ubuntu Security Notice USN-1516-1
Posted Jul 26, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1516-1 - It was discovered that OpenSSL incorrectly handled the SSL_OP_ALL setting. This resulted in TLS 1.1 and TLS 1.2 being inadvertently disabled for certain server and client applications.

tags | advisory
systems | linux, ubuntu
MD5 | 3168552e4301c288674822f1eea2de17
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

August 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    19 Files
  • 2
    Aug 2nd
    17 Files
  • 3
    Aug 3rd
    16 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    1 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    15 Files
  • 8
    Aug 8th
    9 Files
  • 9
    Aug 9th
    7 Files
  • 10
    Aug 10th
    10 Files
  • 11
    Aug 11th
    1 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    14 Files
  • 14
    Aug 14th
    18 Files
  • 15
    Aug 15th
    38 Files
  • 16
    Aug 16th
    16 Files
  • 17
    Aug 17th
    22 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close