Exploit the possiblities
Showing 1 - 25 of 34 RSS Feed

Files Date: 2012-12-18

WordPress Clockstone Theme File Upload
Posted Dec 18, 2012
Authored by DigiP | Site attack-scanner.com

The Clockstone WordPress theme appears to suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 948683daa1964c6bc3a5c3c633d40adc
Centrify Deployment Manager 2.1.0.283 Local Root
Posted Dec 18, 2012
Authored by Larry W. Cashdollar

Centrify Deployment Manager version 2.1.0.283 local root exploit that leverages a race condition in /tmp.

tags | exploit, local, root
advisories | CVE-2012-6348
MD5 | 0a2956c59cfa90b08bf35c9a86db4d27
Enterpriser16 LB 7.1 Cross Site Scripting
Posted Dec 18, 2012
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

Enterpriser16 LB version 7.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 3aeebfbcb683b0ed7a9634d120d9ee15
FS-InitRandMAC 1.0
Posted Dec 18, 2012
Authored by Alberto Fontanella | Site fulgursecurity.com

This is a simple tool to set your NIC MAC address on boot to a random value generated by OpenSSL.

tags | tool
systems | unix
MD5 | f54fc929796c9d1a44227221fbab5d64
SonicWall SonicOS 5.8.1.8 WAF Cross Site Scripting
Posted Dec 18, 2012
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

SonicWall SonicOS version 5.8.1.8 suffers from a POST-based cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2ceaba0146e6b2bdb860ae7d04d1c96c
MyBB MyYoutube Cross Site Scripting
Posted Dec 18, 2012
Authored by limb0

MyBB MyYoutube plugin suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | cbeb79698c7ed62fdf0db65f8021efc9
MyBB Xbox Live ID Cross Site Scripting
Posted Dec 18, 2012
Authored by limb0

MyBB Xbox Live ID plugin suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | a8e060f9bf6d313030f213c3328d3004
MyBB Profile Skype ID 1.0 Cross Site Scripting
Posted Dec 18, 2012
Authored by limb0

MyBB Profile Skype ID plugin version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9a6f9b78971bc396d4a3ec8d09d1bcf1
MyBB MyTube 1.0 Cross Site Scripting
Posted Dec 18, 2012
Authored by Kim Kun Bum

MyBB MyTube plugin version 1.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 92207eb5b0196081d213c8ac6fbd5998
MyBB Facebook Profile 2.4 Cross Site Scripting
Posted Dec 18, 2012
Authored by limb0

MyBB Facebook Profile plugin version 2.4 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 03e388646b2c4cf3ffc3476e8e995684
MyBB Bank Transactions 2.0 SQL Injection
Posted Dec 18, 2012
Authored by limb0

MyBB Bank Transactions plugin version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1b81a948617b260adb33a5503ae9acfd
Address Application Layer Attacks With Mod Security
Posted Dec 18, 2012
Authored by Archana Sharma

This article sheds some light concepts pertaining to the WAF-like feature functionality of mod_security in Apache.

tags | paper
MD5 | 2381d9eb80165ee0eb3b7356174869ee
Firefox 17.0.1 Crash Proof Of Concept
Posted Dec 18, 2012
Authored by limb0

Firefox version 17.0.1 crash proof of concept exploit.

tags | exploit, proof of concept
MD5 | c4bdc30ccda9c86ed909cae6f34e9ce3
Secunia Security Advisory 51591
Posted Dec 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM Intelligent Operations Center, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
MD5 | d905086dddffff389468fcec0e6dc83f
Secunia Security Advisory 51625
Posted Dec 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for bogofilter. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, ubuntu
MD5 | c7c56ab6c3577799161cf84ed7aa8541
Secunia Security Advisory 51612
Posted Dec 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the User Profile Skype ID plugin for MyBB, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 661d1e767a128471c5973fb907aad9a7
Secunia Security Advisory 51586
Posted Dec 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged two vulnerabilities in IBM InfoSphere BigInsights, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | e87fe3325625f93f1ebee0b3337fe3e3
Secunia Security Advisory 51603
Posted Dec 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been discovered in SANLock, which can be exploited by malicious, local users to manipulate certain data.

tags | advisory, local
MD5 | 562d91f79f382867bbaeeaf4562a95b8
Secunia Security Advisory 51627
Posted Dec 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for aptdaemon. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security features.

tags | advisory
systems | linux, ubuntu
MD5 | 629620de8296bd1130107cbd7083bde2
Secunia Security Advisory 51611
Posted Dec 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Larry Cashdollar has reported a security issue in Centrify Deployment Manager, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
MD5 | 3149f9fadcb202fbba008cd3546209c3
Secunia Security Advisory 51609
Posted Dec 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
MD5 | 377600a8b2f193afd90b1d12dc37cfac
Secunia Security Advisory 51558
Posted Dec 18, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Deloitte has reported a vulnerability in Axway SecureTransport, which can be exploited by malicious people to disclose certain sensitive information or manipulate certain data.

tags | advisory
MD5 | e1c7a7339f6daa2bfffc3dedce87d1bd
Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow
Posted Dec 18, 2012
Authored by Dr_IDE, Dmitriy Pletnev, juan vazquez | Site metasploit.com

This Metasploit module exploits a heap based buffer overflow in the CrystalPrintControl ActiveX, while handling the ServerResourceVersion property. The affected control can be found in the PrintControl.dll component as included with Crystal Reports 2008. This Metasploit module has been tested successfully on IE 6, 7 and 8 on Windows XP SP3 and IE 8 on Windows 7 SP1. The module uses the msvcr71.dll library, loaded by the affected ActiveX control, to bypass DEP and ASLR.

tags | exploit, overflow, activex
systems | windows, xp, 7
advisories | CVE-2010-2590, OSVDB-69917
MD5 | 531840a38d272b1140c2fabb863d3a4f
Haveged 1.6
Posted Dec 18, 2012
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: The runtime test implementation has been corrected to remove an alignment fault which appeared in AIS test0 on arm64 hosts. The build procedure for clock_gettime() support has been altered to provide better control (now an override for all architectures) and correctly determine dependencies. Minor typos and inaccuracies in the source and man page have been corrected.
tags | tool
systems | linux, unix
MD5 | 5a386a530e89bfbc6c8d22717b16e2a8
Security / Robustness Assessment Of IPv6 ND Implementations
Posted Dec 18, 2012
Authored by Fernando Gont

Recent security research seems to indicate that a number of IPv6 Neighbor Discovery implementations fail to implement basic sanity checks on received packets and/or fail to properly manage protocol data structures, being subject of trivial Denial of Service (DoS) attacks. Additionally, some IPv6 protocol features allow a number of attacks, ranging from man-in-the-middle to Denial of Service (DoS). This document discusses how to conduct a security/robustness assessment of Neighbor Discovery implementations by means of the SI6 Networks' IPv6 toolkit - a free, portable, and fully-featured IPv6 security assessment and trouble-shooting toolkit. Additionally, it provides pointers to ongoing work in this area, such that the aforementioned issues can be mitigated where appropriate.

tags | paper, denial of service, protocol
MD5 | 8a65ffde5b00eee9e520aab39bf62a9d
Page 1 of 2
Back12Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    8 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close