Exploit the possiblities
Showing 1 - 14 of 14 RSS Feed

Files Date: 2012-09-15

Beltane Web-Based Management For Samhain 1.0.19
Posted Sep 15, 2012
Site la-samhna.de

Beltane is a web-based central management console for the Samhain file integrity / intrusion detection system. It enables the administrator to browse client messages, acknowledge them, and update centrally stored file signature databases. Beltane requires a Samhain (version 1.6.0 or higher) client/server installation, with file signature databases stored on the central server, and logging to a SQL database enabled.

Changes: Various updates.
tags | tool, web, intrusion detection
systems | unix
MD5 | 4b8c5c8b23225fc9b6d2554fdf78827c
LinkedIn Clickjacking / Open Redirection
Posted Sep 15, 2012
Authored by Ajay Singh Negi

LinkedIn suffers from clickjacking and open URL redirection vulnerabilities.

tags | exploit, vulnerability
MD5 | 4094e7c127db43ae824cd1b87b778c6e
Slackware Security Advisory - patch Updates
Posted Sep 15, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New patch packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2012-4651
MD5 | f5ca8b2e52f0c968f57ba73ecb5e23b0
Confluence Wiki 4.1.4 Cross Site Scripting
Posted Sep 15, 2012
Authored by INTREST SEC

Confluence Wiki versions 3.5.9, 4.0.3, and 4.1.4 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 18385f05924c77ef5e1d58598146fb29
Slackware Security Advisory - bind Updates
Posted Sep 15, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New bind packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
MD5 | 4e7c2e8985aca6e0012746dc36ead959
Slackware Security Advisory - dhcp Updates
Posted Sep 15, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New dhcp packages are available for Slackware 12.1, 12.2, 13.0, 13.1, 13.37, and -current to fix a security issue.

tags | advisory
systems | linux, slackware
advisories | CVE-2012-3955
MD5 | 606d91b2fa961bbd75160a461efe0be1
CNN.com Cross Site Scripting
Posted Sep 15, 2012
Authored by TayfunBasoglu

Multiple CNN sites suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ee0fb0d3a5c8703b65eabe8350485430
IFOBS Cross Site Scripting / Brute Force
Posted Sep 15, 2012
Authored by MustLive

IFOBS suffers from cross site scripting and brute forcing vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 18d4fb9d14d61bfb5d118fda6322ccfd
Vetor Design SQL Injection
Posted Sep 15, 2012
Authored by TUNISIAN CYBER

Vetor Design based sites suffer from multiple remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, sql injection
MD5 | d42c6b2c5c82b2840d4b22e9ff22e061
Trainor SQL Injection
Posted Sep 15, 2012
Authored by Net.W0lf, Hack Center Security Team

Trainor suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
MD5 | 5097046fac0e7bd74a1725e189103f90
University Of Wisconsin - Madison Cross Site Scripting
Posted Sep 15, 2012
Authored by s4r4d0

The University of Wisconsin suffers from a cross site scripting vulnerability on commarts.wisc.edu.

tags | exploit, xss
MD5 | 9bee440883c4efc24acab0bc371d1e7f
Oracle BTM FlashTunnelService Remote Code Execution
Posted Sep 15, 2012
Authored by rgod, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits abuses the FlashTunnelService SOAP web service on Oracle Business Transaction Management 12.1.0.7 to upload arbitrary files, without authentication, using the WriteToFile method. The same method contains a directory traversal vulnerability, which allows to upload the files to arbitrary locations. In order to execute remote code two techniques are provided. If the Oracle app has been deployed in the same WebLogic Samples Domain a JSP can be uploaded to the web root. If a new Domain has been used to deploy the Oracle application, the Windows Management Instrumentation service can be used to execute arbitrary code. Both techniques has been successfully tested on default installs of Oracle BTM 12.1.0.7, Weblogic 12.1.1 and Windows 2003 SP2. Default path traversal depths are provided, but the user can configure the traversal depth using the DEPTH option.

tags | exploit, remote, web, arbitrary, root
systems | windows
advisories | OSVDB-85087
MD5 | d44ccc8262b6ee1b99a8b92df7a65c36
Oracle Java Applet SunToolkit.getField Method Remote Code Execution
Posted Sep 15, 2012
Authored by Minsu Kim, Hyunwoo Choi, Hyunwook Hong, Changhoon Yoon

This document is an analysis of the Oracle Java Applet SunToolkit.getField remote code execution vulnerability as noted in CVE-2012-4681.

tags | paper, java, remote, code execution
advisories | CVE-2012-4781
MD5 | a30f6942df60bfd5825077b8aa0e8f00
Trend Micro InterScan Messaging Security Suite XSS / CSRF
Posted Sep 15, 2012
Authored by modpr0be

Trend Micro InterScan Messaging Security Suite suffers from stored cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2012-2995, CVE-2012-2996
MD5 | 11bd6fad231e403fae6e563be0b09725
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close