Files Date: 2013-01-04

Enterasys NetSight nssyslogd.exe Buffer Overflow
Posted Jan 4, 2013
Authored by Jeremy Brown | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Enterasys NetSight. The vulnerability exists in the Syslog service (nssyslogd.exe) when parsing a specially crafted PRIO from a syslog message. The module has been tested successfully on Enterasys NetSight 4.0.1.34 over Windows XP SP3 and Windows 2003 SP2.

tags | exploit, overflow
systems | windows, xp
advisories | CVE-2011-5227, OSVDB-77971
MD5 | 94b5565ea73b5e2ffa5148137c79b1af

pfSense 2.0.1 XSS / CSRF / Command Execution
Posted Jan 4, 2013
Authored by Yann CAM

pfSense version 2.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities. The cross site request forgery proof of concept also demonstrates a remote command execution vulnerability.

tags | exploit, remote, vulnerability, xss, proof of concept, csrf
MD5 | 98ec38c0ae93ce39477f2d2e55d6c927

TomatoCart 1.x Unrestricted File Creation
Posted Jan 4, 2013
Authored by Aung Khant | Site yehg.net

TomatoCart 1.x versions are susceptible to an unrestricted file creation vulnerability.

tags | exploit
MD5 | 9320e51242a937a70f2850016cb6ce4b

ICEstate SQL Injection
Posted Jan 4, 2013
Authored by cr4wl3r

ICEstate (Real Estate Marketplace) suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9929037dce23e5a11654c5e424af9514

Nova: Network Anti-Reconnaissance Tool 12.12
Posted Jan 4, 2013
Authored by PerricOxide

Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.

Changes: A significantly streamlined and improved Quasar UI.
tags | tool, web, intrusion detection
systems | unix
MD5 | 2385ff063f4a84fee57b5f2ea5a7a8d3

Eye-Fi Helper Directory Traversal
Posted Jan 4, 2013
Authored by Paul Johnston

Eye-Fi Helper versions prior to 3.4.23 suffer from a directory traversal vulnerability. Exploit included in eyepwn.zip.

tags | exploit
systems | linux
advisories | CVE-2011-4696
MD5 | 79c8536c512d26ca302524003722071b

Elastix 2.3 PHP Code Injection
Posted Jan 4, 2013
Authored by i-Hmx

PHP code injection exploit for Elastix versions prior to 2.4.

tags | exploit, php
MD5 | 3a83f4bde8e5aacc028919ed199be65f

160By2 / Way2SMS Cross Site Request Forgery
Posted Jan 4, 2013
Authored by Sabari Selvan

160By2.com and Way2SMS.com suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 1a9679636db50bf4ac7d396ef082a275

MyBB Profile Wii Friend Code 1.0 Cross Site Scripting / SQL Injection
Posted Jan 4, 2013
Authored by Ichi

MyBB Profile Wii Friend Code version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 146248ad6f133325c66ee20bcb448c20

Secunia Security Advisory 51683
Posted Jan 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in WHMCompleteSolution, which can be exploited by malicious users to bypass certain security restrictions and conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 63c69f52f38081dfa2616339ea4d1165

Secunia Security Advisory 51709
Posted Jan 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in SWI-Prolog, which can be exploited by malicious people to potentially compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 0a6fdc1e5b6a1c5291f864e4f9af5e34

Secunia Security Advisory 51736
Posted Jan 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Web Server. This fixes a vulnerability, which can be exploited by malicious users to bypass certain security restrictions.

tags | advisory, web
systems | linux, redhat
MD5 | a21b1826ee166c5237ccf6f7cd19e95f

Secunia Security Advisory 51719
Posted Jan 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WHMCompleteSolution, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 5176cb10103425ab847e572e755665e2

Secunia Security Advisory 51699
Posted Jan 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mohamed Ramadan has discovered a security issue in Facebook Camera for iOS, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | cisco
MD5 | f6d120e11dd9c70600def8323fa6d504

Secunia Security Advisory 51706
Posted Jan 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in RPM Package Manager, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 78b0e8a61d8e5789ca0e5110cb9758b6

Secunia Security Advisory 51714
Posted Jan 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in multiple WPScientist themes for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | cb1d4fd545f5598d17841b1fded15114

Secunia Security Advisory 51708
Posted Jan 4, 2013
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in nginx, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | dfafb90e080e84c7d48b105c8c67da63

Nova: Network Anti-Reconnaissance Tool 12.11
Posted Jan 4, 2013
Authored by PerricOxide

Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.

Changes: Many bugfixes, and stability and UI improvements. This is the first release marked as stable.
tags | tool, web, intrusion detection
systems | unix
MD5 | 5c624e1a15be6ffc8ec7d14521e221dd

Aastra IP Telephone Crypto Failure
Posted Jan 4, 2013
Authored by Timo Juhani Lindfors

The Aastra 6753i IP telephone uses 3DES encrypted payloads in ECB mode to pass configuration files, allowing for modification of the phone's setup.

tags | advisory, telephony
MD5 | 8a8883e4facec874ccc991366cb27831

Red Hat Security Advisory 2013-0005-01
Posted Jan 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0005-01 - Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2012-3546
MD5 | dcf31246613c9587f0c898e010345447

Red Hat Security Advisory 2013-0004-01
Posted Jan 4, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-0004-01 - Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2012-3546
MD5 | bff14bfdea94ed2f5f082aeb9d2259bb

Ratbox IRCd Denial Of Service
Posted Jan 4, 2013
Authored by Aph3x, UberLame, O_O, Apetrick | Site zempirians.com

This exploit demonstrates a remotely triggerable crash in ircd-ratbox version 2.0. It affects Shadowircd version 6.3.3 and Charybdis version 3.4.2.

tags | exploit
advisories | CVE-2012-6084
MD5 | 74a33186fbb10b3bcc73f9cf4e165d67

WordPress Valums Uploader Shell Upload
Posted Jan 4, 2013
Authored by JingoBD

The WordPress Valums Uploader plugin suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, shell
MD5 | 7f25ec1905a75da5d05ae29b8b2b616b