what you don't know can hurt you
Showing 1 - 22 of 22 RSS Feed

Files Date: 2012-11-12

GNU Transport Layer Security Library 3.1.4
Posted Nov 12, 2012
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: This release includes initial support for the DTLS-SRTP protocol, updates related to the new DANE library, and several simplifications to the existing API.
tags | protocol, library
SHA-256 | f27d92cdca8a4f4406e58c91e90e9ce1c6f23d1bbeddf864be789b99b0ef7d70
Libgcrypt 1.5.0
Posted Nov 12, 2012
Authored by Werner Koch | Site gnu.org

Libgcrypt is a general-purpose cryptographic library based on the code from GnuPG. It provides functions for all cryptographic building blocks: symmetric ciphers (AES, DES, Blowfish, CAST5, Twofish, and Arcfour), hash algorithms (MD4, MD5, RIPE-MD160, SHA-1, and TIGER-192), MACs (HMAC for all hash algorithms), public key algorithms (RSA, ElGamal, and DSA), large integer functions, random numbers, and a lot of supporting functions.

Changes: This release added a new gcry_kdf_derive function implementing OpenPGP S2K algorithms and PBKDF2, support for Windows CE, support for ECDH, OAEP, and PSS methods (RFC 3447), new "%M" and "%u" format specifiers for gcry_sexp_build, and new functions that map ECC parameters to a curve name and parameter values. gcry_mpi_cmp when applied to opaque values now has a defined semantic. Intel AES-NI instructions are used if available. The module register subsystem has been deprecated. CTR mode may now be used with data chunks of arbitrary length. PKCS v1.5 code was fixed to always return the leading zero.
tags | library
systems | unix
SHA-256 | cc98b1f64c9ae3b0185099cef4ac6c436a849095edf87f34157f0bb10e187990
IDIC Blogs Shell Upload
Posted Nov 12, 2012
Authored by cr4wl3r

IDIC Blogs suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | ad459bc9dc2ccd4b884ec45eb321463f3f3eb6e1a2b1676758c7eb846beeae6d
BananaDance Wiki b2.2 Cross Site Scripting / SQL Injection
Posted Nov 12, 2012
Authored by Katharina S.L., Vulnerability Laboratory | Site vulnerability-lab.com

BananaDance Wiki version b2.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 37ff3df19e6aaf91a7a828f64ebd039105f5fd56742cdbfbcbec3d46a36a9fc0
vBulletin vBay 11.9 SQL Injection
Posted Nov 12, 2012
Authored by Dan UK

vBulletin vBay versions 1.1.9 and below suffer from an error-based remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6f8ed8daae627a0c41ec335ebfcf80879204f786f34ec40bc271cf7ad90e2ea9
Smadav AntiVirus 9.1 Denial Of Service
Posted Nov 12, 2012
Authored by Mada R Perdhana

Smadav AntiVirus version 9.1 crash denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 6aa58964ac0b9bed4c210d3143a768670633a3140ab74a4cbb42d0ae32b98f05
Infin8 Shell Upload
Posted Nov 12, 2012
Authored by Net.W0lf, Hack Center Security Team

Sites designed by Infin8 suffer from a remote shell upload vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, shell
SHA-256 | 586c78ad4fabbf086d403c8eef84b12fdc9608bf23a4f73603525e9f9fcc3a97
DNS 2 GeoIP
Posted Nov 12, 2012
Authored by Jethro Inwald

DNS 2 GeoIP is a simple python script that brute forces DNS and subsequently geolocates the found subdomains. It is useful for determining which services a company hosts off site or on site during a penetration test.

tags | tool, rootkit, python
systems | unix
SHA-256 | 12f04939eaa592462e7f86a13519994bcc657009b29709b32e4d4208459afcf8
Zoner Photo Studio 15 Build 3 Registry Value Parsing
Posted Nov 12, 2012
Authored by Julien Ahrens

Zoner Photo Studio version 15 build 3 (Zps.exe) registry value parsing local buffer overflow exploit.

tags | exploit, overflow, local, registry
SHA-256 | c53242a37889f34cff9f519a6c111241471f745688fa36be001c3be8eb171446
CKFinder 2.3 / FCKEditor 2.6.8 SWF Cross Site Scripting
Posted Nov 12, 2012
Authored by Soroush Dalili

CK Finder version 2.3 and FCKEditor version 2.6.8 allow uploads of malicious swf files that can allow for cross site scripting attacks.

tags | exploit, xss
SHA-256 | d82a591cc39f84f739a5883f7788b375ddde2f6568df00ff6cbe8a116ba4e460
Microsoft Visio 2010 Memory Corruption
Posted Nov 12, 2012
Authored by coolkaveh

Microsoft Viso 2010 memory corruption proof of concept exploit.

tags | exploit, proof of concept
systems | linux
SHA-256 | e153bd2eae6932dee637492ff4068b33d6b8c53e89bfca5d0b4b26be2ca9da12
Secunia Security Advisory 51230
Posted Nov 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Roundup, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | f2ccb82e92171d2a991beff0b625497785f88434dca3b44765c829240677a9cf
Secunia Security Advisory 51209
Posted Nov 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Gajim, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | af42205b2543aed104576f2fd18abd9aa85b51911c7a55ae34d40642c666188a
Secunia Security Advisory 51251
Posted Nov 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for radsecproxy. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory
systems | linux, debian
SHA-256 | 8539af893fb748e9d7faa5890341f971d1e8803fb267e088aaf5901938a3f882
Secunia Security Advisory 51253
Posted Nov 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Ruby, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, ruby
SHA-256 | ba23ec81a1e456f3111f0f157b44bc5367446ccb9f836220f6f8c649d60e52b9
Secunia Security Advisory 51231
Posted Nov 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WeeChat, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | e4d93351ca754c4f599625bfdb8fe9406d5eb84b46697ef5b280d174f98eea9b
Secunia Security Advisory 51224
Posted Nov 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Ultimate TinyMCE plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 765547a97b83cdf989befd1449f7e088c2acc00b23aa633a4834cf7f67d2c515
Secunia Security Advisory 51256
Posted Nov 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Attachmate has acknowledged multiple vulnerabilities in some Reflection products, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability, xss
SHA-256 | 0f0e43fe9f065420f9ed951261da456c0c6e28d180993a3f950eb43ac3fbe8a4
Secunia Security Advisory 51276
Posted Nov 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Attachmate has acknowledged a vulnerability in Reflection for Secure IT, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory
SHA-256 | f9369ab9b233523ab71d40bd8bb3899b98737ef62436da54c12254e99bdacd46
Secunia Security Advisory 51262
Posted Nov 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in esri ArcGIS, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | dd9c156c19c06aa3b70cd0ca81270de54d94b105225d6578e3e716e829ae8300
Secunia Security Advisory 51222
Posted Nov 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for cgit. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
systems | linux, suse
SHA-256 | 3f99e436adac2f1b6b8356d0bac081fb7434c48dc5d439fb055aff5dd6fa65a5
Secunia Security Advisory 50976
Posted Nov 12, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the WP125 plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 585ab871b7f70eb543471047ca492f090f21603141995fe7a84a40e61c35c1a5
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close