what you don't know can hurt you
Showing 1 - 25 of 26 RSS Feed

Files Date: 2012-10-19

ManageEngine Security Manager Plus 5.5 SQL Injection
Posted Oct 19, 2012
Authored by xistence

ManageEngine Security Manager Plus versions 5.5 build 5505 remote SYSTEM/root SQL injection exploit that spawns a shell.

tags | exploit, remote, shell, root, sql injection
SHA-256 | 6d2a8bcbddb1c5a2fce72265db430d93c35c4e46841e736af9eb65ee5db7fa47
ManageEngine Security Manager Plus 5.5 Traversal
Posted Oct 19, 2012
Authored by xistence

ManageEngine Security Manager Plus versions 5.5 build 5505 and below suffer from a path traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | fa2c630e11d919d9d1b121504583b9b23aae97d94b41855b33e036271a53318b
ManageEngine Security Manager Plus 5.5 Build 5505 Code Execution
Posted Oct 19, 2012
Authored by xistence | Site metasploit.com

This Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page. It will send a malicious SQL query to create a JSP file under the web root directory, and then let it download and execute our malicious executable under the context of SYSTEM. No authentication is necessary to exploit this.

tags | exploit, web, root, sql injection
SHA-256 | e2984c80e9b18bcfe0bf36c7deb7a463e4967710e4784d8a20eb3c7da32c323b
Joomla Commedia 3.1 SQL Injection
Posted Oct 19, 2012
Authored by Daniel Barragan

Joomla Commedia component version 3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 770a367b7480f324da5c7b2384c0f9976eb34880bfcc80a40d8be7b9a89c5974
ccrypt 1.10
Posted Oct 19, 2012
Authored by Peter Selinger | Site ccrypt.sourceforge.net

ccrypt is a command line utility for encrypting and decrypting files and streams. It was designed as a replacement for the standard Unix crypt utility, which is notorious for using a very weak encryption algorithm. ccrypt is based on the Rijndael cipher, which is the U.S. government's chosen candidate for the Advanced Encryption Standard (AES). This cipher is believed to provide very strong security. A compatibility mode is included for decrypting legacy "unix crypt" files.

Changes: This release fixes a number of minor portability issues and minor bugs, factors ccrypt core functionality into a convenience library (libccrypt.a), adds a ccguess program to assist in the recovery of mistyped keys, improves error checking and fixes minor compiler warnings, adds minor improvements to Emacs support, and adds a --disable-emacs configuration option.
tags | tool, encryption
systems | unix
SHA-256 | 87d66da2170facabf6f2fc073586ae2c7320d4689980cfca415c74688e499ba0
An Empirical Study Of Zero-Day Attacks In The Real World
Posted Oct 19, 2012
Authored by Tudor Dumitras, Leyla Bilge

Whitepaper called Before We Knew It - An Empirical Study of Zero-Day Attacks in the Real World. Little is known about the duration and prevalence of zero- day attacks, which exploit vulnerabilities that have not been disclosed publicly. Knowledge of new vulnerabilities gives cyber criminals a free pass to attack any target of their choosing, while remaining undetected. Unfortunately, these serious threats are difficult to analyze, because, in general, data is not available until after an attack is discovered. Moreover, zero-day attacks are rare events that are unlikely to be observed in honeypots or in lab experiments.

tags | paper, vulnerability
SHA-256 | 875340efc98130f5d6030b38d6b55785d579d8ed9efe58da591760856f6d59ce
OpenSSH 6.0p1 Backdoor Patch
Posted Oct 19, 2012
Authored by shaolininteger

This patch is for openssh-6.0p1 source which combines a known openssh backdoor and Sebastian Krahmer's openssh.reverse capabilities.

tags | encryption
SHA-256 | 77795e61b1faaed272981f2e590710ad4ed211619c986900dce34613dd61bca5
Joomla Freestyle Support 1.9 SQL Injection
Posted Oct 19, 2012
Authored by Daniel Barragan

Joomla Freestyle Support component version 1.9.1.1447 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f435492e3f19abf07fe1c8d0509f446005f9930040bdd4c5203fed8c6a03ce2b
Joomla Tag SQL Injection
Posted Oct 19, 2012
Authored by Daniel Barragan

Joomla Tag component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 875f404515cc1703d07d6e1a0aa5738d22364d54f7524668ebfc08b3b5ea72e9
Happy B-Day HKM Shellcode
Posted Oct 19, 2012
Authored by nitr0us

50 bytes small novelty Happy B-day HKM shellcode.

tags | shellcode
SHA-256 | d3fd68cf8cf5f083dcba30cf495843ea1bdc136f3ec361aa1a4bb9fbd81c8bfa
Secunia Security Advisory 51025
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for w3m. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, gentoo
SHA-256 | b60444c1dab4f7af62548a47344ed8c133f5759649193409b2d8ee4a3f9b8bdf
Secunia Security Advisory 51051
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in IBM XIV Storage System, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 38ad0c5928d1dad33168ef8da12520ba831090989e4d65b9475fcae6c1d1309b
Secunia Security Advisory 51043
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Message Broker, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
SHA-256 | f28fe121ded208c1903b18f60a7094678337a386fa0c07725ab47cad1228c4b2
Secunia Security Advisory 51057
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for hostapd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, suse
SHA-256 | b4eee896d0e818672f5188e10ded950ce65f30bd542bdf7f3a5404504ce18e74
Secunia Security Advisory 50969
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ken Sager has reported a vulnerability in Campaign Enterprise, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 5bce59f94c7eae4cd373d363c3f74f97bc2e4a5790bf93b55f6a57f4feb83812
Secunia Security Advisory 51033
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in Django, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | 64c795c384636d194c3b020c0c3372accaf5660aacd1d6346d532f9fcd18c48b
Secunia Security Advisory 51056
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, suse
SHA-256 | 247ff2bfbb0e0a96cbced2620506ea6494bb85fde0f4b4fde1e696fcd22c6d64
Secunia Security Advisory 50915
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Andrea Fabrizi has reported two vulnerabilities in Visual Tools VS, which can be exploited by malicious people to disclose sensitive information and potentially compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 3f83fd4c5fdd95ef54dbbd33eaea33eae25800c61f6962aec0df61867218242a
Secunia Security Advisory 50927
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Profile Albums plugin for MyBB, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 6d8a0d53f6bd23bd4f3c8e04000fdd5a7918700015c19da4fb2d48ab72dbea5b
Secunia Security Advisory 51059
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM DB2 Query Management Facility for Workstation, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
SHA-256 | 97d27c91b240dc61a310ce0187c2c09ada0f1048689dab1e7ffe1b5bd641647b
Secunia Security Advisory 51022
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities has been reported in gpEasy CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 285f65b4095e7c1b79d4c09baa7bec8a4c33bf2b22821eda387826310c315068
Secunia Security Advisory 50989
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ken Sager has discovered a vulnerability in Campaign Enterprise, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 22e3b9730869b2ff15887674f6f02ce45b58dd11c02e66dd34d8a5745bc8be2e
Secunia Security Advisory 50985
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Database, which can be exploited by malicious, local users to manipulate certain data and cause a DoS (Denial of Service), by malicious users to disclose potentially sensitive information, manipulate certain data, and potentially compromise a vulnerable system, and by malicious people to disclose potentially sensitive information, manipulate certain data, and potentially compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
SHA-256 | ded331aaaed524a62cecfca52e4bf18ddc0a1c54c85669ac272f0ebe213e5bea
Secunia Security Advisory 51007
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle VM VirtualBox, which can be exploited by malicious, local users to cause a Denial of Service (DoS).

tags | advisory, denial of service, local
SHA-256 | 9d13d457829f6e07ac37139fb0cc541c2208474aeda9445445f23738171a21a2
Secunia Security Advisory 50993
Posted Oct 19, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Oracle Outside In Technology, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 4cb544459b28f88b61400ba9f9ff3555cced96eabdeac5421d91f7e15f4e2e85
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close