ignore security and it'll go away
Showing 1 - 25 of 738 RSS Feed

Files Date: 2012-07-01 to 2012-07-31

ROP Gadget Tool 3.4.1
Posted Jul 30, 2012
Authored by Jonathan Salwan

This tool lets you search your gadgets on your binaries (ELF format) to facilitate your ROP exploitation. The gadgets are found on executable segments.

Changes: Various bug fixes and a new feature.
tags | tool
systems | unix
MD5 | 7b2720f3dbe16ca49a3bd540789ef2bd
Mandriva Linux Security Advisory 2012-110-1
Posted Jul 30, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-110 - Security issues were identified and fixed in mozilla firefox and thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Security researcher Mario Gomes and research firm Code Audit Labs reported a mechanism to short-circuit page loads through drag and drop to the address bar by canceling the page load. Google security researcher Abhishek Arya used the Address Sanitizer tool to uncover four issues. Various other security issues have also been addressed.

tags | advisory
systems | linux, mandriva
advisories | CVE-2012-1949, CVE-2012-1948, CVE-2012-1950, CVE-2012-1951, CVE-2012-1954, CVE-2012-1953, CVE-2012-1952, CVE-2012-1955, CVE-2012-1966, CVE-2012-1957, CVE-2012-1958, CVE-2012-1959, CVE-2012-1960, CVE-2012-1961, CVE-2012-1962, CVE-2012-1963, CVE-2012-1964, CVE-2012-1965, CVE-2012-1967
MD5 | fe7347ff232f759e1925b05ce60f0f75
Mandriva Linux Security Advisory 2012-119
Posted Jul 30, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-119 - High numbers of queries with DNSSEC validation enabled can cause an assertion failure in named, caused by using a bad cache data structure before it has been initialized. The updated packages have been upgraded to bind 9.7.6-P2 and 9.8.3-P2 which is not vulnerable to this issue.

tags | advisory
systems | linux, mandriva
advisories | CVE-2012-3817
MD5 | f9530642686cb32cb7bb2fd45e7edcff
Microsoft Office SharePoint Server 2007 Remote Code Execution
Posted Jul 30, 2012
Authored by James Burton, juan, Oleksandr Mirosh | Site metasploit.com

This Metasploit module exploits a vulnerability found in SharePoint Server 2007 SP2. The software contains a directory traversal, that allows a remote attacker to write arbitrary files to the filesystem, sending a specially crafted SOAP ConvertFile request to the Office Document Conversions Launcher Service, which results in code execution under the context of 'SYSTEM'. The module uses uses the Windows Management Instrumentation service to execute an arbitrary payload on vulnerable installations of SharePoint on Windows 2003 Servers. It has been successfully tested on Office SharePoint Server 2007 SP2 over Windows 2003 SP2.

tags | exploit, remote, arbitrary, code execution
systems | windows
advisories | CVE-2010-3964, OSVDB-69817
MD5 | aecf7d89719f33bb3c548cb8e12e80ff
Secunia Security Advisory 50042
Posted Jul 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in OpenTTD, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 912eb99b24fa420b5b0557039e92c520
Secunia Security Advisory 50077
Posted Jul 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in keepalived, which can be exploited by malicious, local users to potentially gain escalated privileges.

tags | advisory, local
MD5 | 30115035dbb3cdeae63824bc3d5f3c49
Secunia Security Advisory 50076
Posted Jul 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Empire Server, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | d49dae21b89aa10ddf7056139767e0ed
Secunia Security Advisory 50090
Posted Jul 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 8229dd9933f7297f562dea0a333d3a88
Secunia Security Advisory 50091
Posted Jul 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ImageMagick, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | febffb40a79e232c234a80b2cf0328b1
Secunia Security Advisory 50025
Posted Jul 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ariko-Security has discovered multiple vulnerabilities in Oxwall, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | de6c78847801266b29002268e4a443f0
Secunia Security Advisory 50045
Posted Jul 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in OpenStack Keystone, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory, vulnerability
MD5 | 32b0bca37f6d5e029109b02956aaf15f
Secunia Security Advisory 50102
Posted Jul 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for rocksndiamonds. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, suse
MD5 | 414e2efe9611a809c8b58b1d5ef3af43
Secunia Security Advisory 50092
Posted Jul 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
MD5 | 919c34e22b5fc926cb17a6e2e96793a0
Secunia Security Advisory 50075
Posted Jul 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability with an unknown impact has been reported in VStar Blog Engine.

tags | advisory
MD5 | 4e613adda58c87e8ba29573371b12880
Secunia Security Advisory 50080
Posted Jul 30, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Brendan Coles has discovered multiple vulnerabilities in CuteFlow, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, bypass certain security restrictions, and compromise a vulnerable system.

tags | advisory, vulnerability, xss, sql injection
MD5 | 4bcb2744e102d31029e177ac6a75d189
Bypassing Spam Filters Using Homographs
Posted Jul 30, 2012
Authored by Fady Mohamed Osman

This is a whitepaper called Bypassing Spam Filter Using Homographs. Some generation code is also included.

tags | paper
systems | linux
MD5 | 9395f5bee432162375e37981ac30a2ac
Develoweb SQL Injection
Posted Jul 30, 2012
Authored by Taurus Omar

Develoweb suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | a4df09b21fb4a7b751f4f43413c80b02
Scrutinizer NetFlow / sFlow Analyzer 9.0.1 XSS / Bypass / File Upload
Posted Jul 29, 2012
Authored by Mario Ceballos, Jonathan Claudius | Site trustwave.com

Scrutinizer NetFlow and sFlow Analyzer versions 9.0.1 and below suffer from bypass, cross site scripting, and remote file upload vulnerabilities. It also has undocumented MySQL admin users.

tags | exploit, remote, vulnerability, xss, file upload
advisories | CVE-2012-2626, CVE-2012-2627, CVE-2012-3848, CVE-2012-3951
MD5 | 73d5828d4514d8fed50ab4579ea87f2b
eNdonesia 8.5 SQL Injection
Posted Jul 29, 2012
Authored by Crim3R

eNdonesia version 8.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 836ea9197be4ab16a7931ea849345337
Digital Whisper Electronic Magazine #33
Posted Jul 29, 2012
Authored by cp77fk4r, digitalwhisper

Digital Whisper Electronic Magazine issue 33. Written in Hebrew.

tags | magazine
MD5 | 53fc36c9efb059d360ea78ef433fb466
httpdx 1.5.4 Heap Overflow
Posted Jul 29, 2012
Authored by st3n

httpdx versions 1.5.4 and below suffer from a heap overflow vulnerability.

tags | exploit, overflow
MD5 | adab73920feaeabefb8c4347da2d42cc
Transferable State Attack On Iterated Hashing Functions
Posted Jul 29, 2012
Authored by bwall

This paper describes an attack of the iterated use of hashing functions used as key stretching algorithms where the state of a hash can be transferred to the next hash function.

tags | paper
MD5 | 474d91d129e29f695036dc70ede0344a
SC DHCP 4.1.2 Denial Of Service
Posted Jul 29, 2012
Authored by K1P0D

Proof of concept denial of service exploit for the zero length client id infinite loop vulnerability in DHCP version 4.1.2.

tags | exploit, denial of service, proof of concept
advisories | CVE-2012-3571
MD5 | acd26c3b35f867f8759ed93617b5abaf
ocPortal CMS 7.1.5 Open Redirect
Posted Jul 29, 2012
Authored by Aung Khant | Site yehg.net

ocPortal CMS versions 7.1.5 and below are vulnerable to open URL redirection.

tags | exploit
MD5 | 7a621a9b271953e210df9470cbd70e72
JW Player / SVFP / Poodll / RokBox Cross Site Scripting
Posted Jul 29, 2012
Authored by MustLive

Various flash players, such as JWPlayer for MODx, Simple video flash player for Joomla, Poodll for Moodle, RokBox for Joomla, and RokBox for WordPress all suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b24214fa12493f0853af80eb6dfeec32
Page 1 of 30
Back12345Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    8 Files
  • 21
    Sep 21st
    1 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close