what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-07-22

Fwknop Port Knocking Utility 2.5
Posted Jul 22, 2013
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: This release added support for HMAC SHA-256 authenticated encryption in the encrypt-then-authenticate model. Many bugs discovered by the Coverity static analyzer were fixed. OpenSSL compatibility tests were added to the test suite. Client stanza saving ability was added for the ~/.fwknoprc file, simplifying fwknop client usage. The ability to automatically generate both Rijndael and HMAC keys with --key-gen was added.
tags | tool, scanner, vulnerability
systems | unix
SHA-256 | ebf0f5a55992e516fa44063993cbcc51bb9555cef769ac9ab5d8be77a8df99dc
Artweaver 3.1.5 Buffer Overflow
Posted Jul 22, 2013
Authored by Core Security Technologies, Daniel Kazimirow | Site coresecurity.com

Core Security Technologies Advisory - Artweaver is prone to a security vulnerability when processing AWD files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing Artweaver users to open a specially crafted file.

tags | advisory, remote, arbitrary
advisories | CVE-2013-2576
SHA-256 | 8873c3cc679a450c834c0d3effea661d00b6fc7035c223ebc4f127cdeecfa1c1
XnView 2.03 Buffer Overflow
Posted Jul 22, 2013
Authored by Core Security Technologies, Ricardo Narvaja | Site coresecurity.com

Core Security Technologies Advisory - XnView is prone to a security vulnerability when processing PCT files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine, by enticing the user of XnView to open a specially crafted file.

tags | advisory, remote, arbitrary
advisories | CVE-2013-2577
SHA-256 | ca26300ca7108c01d37afc023226b062ec8f28da70b639d5efffa6f4508c47ce
Red Hat Security Advisory 2013-1101-01
Posted Jul 22, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1101-01 - The virtio-win package provides paravirtualized network drivers for most Microsoft Windows operating systems. Paravirtualized drivers are virtualization-aware drivers used by fully virtualized guests running on Red Hat Enterprise Linux. An unquoted search path flaw was found in the way the QEMU Guest Agent service installation was performed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2231
SHA-256 | ec47d43348aba295395f355d49d7df9d89d29633f2e0a120214cee8ab4f597ae
Red Hat Security Advisory 2013-1100-01
Posted Jul 22, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1100-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. An unquoted search path flaw was found in the way the QEMU Guest Agent service installation was performed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges. This issue was discovered by Lev Veyde of Red Hat.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2231
SHA-256 | 17f080562461d9428e71f2571c2d5e807125df384a59fdf41c09bd5873a86e96
Samsung TV Denial Of Service
Posted Jul 22, 2013
Authored by Malik Messelem

The DMCRUIS/0.1 web server on Samsung TVs suffers from a denial of service vulnerability.

tags | exploit, web, denial of service
advisories | CVE-2013-4890
SHA-256 | e9b3d22fa6b4f3fc19e75db76fe9f037ca994a090ee5b9c167a7c2876397d627
Photo Server 2.0 Shell Upload / Command Injection
Posted Jul 22, 2013
Authored by Benjamin Kunz Mejri, Vulnerability Laboratory | Site vulnerability-lab.com

Photo Server version 2.0 suffers from remote shell upload and command injection vulnerabilities.

tags | exploit, remote, shell, vulnerability
SHA-256 | 149ec4f509df9c7841d47111e32d365b17fccc1ffcff2c4cc0364c89074f6895
Dell Kace 1000 SMA 5.4.742 SQL Injection
Posted Jul 22, 2013
Authored by Ibrahim El-Sayed, Vulnerability Laboratory | Site vulnerability-lab.com

Dell Kace 1000 SMA version 5.4.742 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 693c5b2e61edff845088532a9358fff8f70678f354d983b1ac6cbfc327108d2a
Collabtive 1.0 XSS / Shell Upload / Privilege Escalation
Posted Jul 22, 2013
Authored by Enrico Cinquini

Collabtive version 1.0 suffers from cross site scripting, remote shell upload, and arbitrary account deletion vulnerabilities.

tags | exploit, remote, arbitrary, shell, vulnerability, xss
SHA-256 | db6047545975993b9eb3318de2e4ffdb0ea6799f5df0acdd3e8af273d4493481
OATH Toolkit 2.4.0
Posted Jul 22, 2013
Site nongnu.org

OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.

Changes: This release adds new liboath API methods for validating TOTP OTPs. The new methods (oath_totp_validate3 and oath_totp_validate3_callback) introduce a new parameter *otp_counter, which is set to the actual counter used to calculate the OTP (unless it is a NULL pointer).
tags | tool
systems | unix
SHA-256 | 66ebf924304409356b35a3423e4b7255996c5a42503c3188bf08c6446f436ddc
WordPress FlagEm Cross Site Scripting
Posted Jul 22, 2013
Authored by IeDb

The WordPress FlagEm plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b2aff13a721933615831574d3a200e0aa8d91b95d990db54195e7205f361aeb2
PCMan FTP Server 2.0.7 Buffer Overflow
Posted Jul 22, 2013
Authored by MSJ

PCMan FTP Server version 2.0.7 remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | 823e653d8a82b7def332d37498fc6aa74c4bd6b3c4d38913e525c15b1fff1e71
Microsoft DirectShow Memory Overwrite
Posted Jul 22, 2013
Authored by Andres Gomez Ramirez

Microsoft DirectShow suffers from an arbitrary memory overwrite vulnerability.

tags | advisory, arbitrary
SHA-256 | 966359e1bfa8e5872cbdaaf4d8d308eea241b248036ed506a60a1cb9909d046f
RootPanel SQL Injection
Posted Jul 22, 2013
Authored by Akastep

RootPanel suffers from a remote SQL injection vulnerability that allows for account takeover.

tags | exploit, remote, sql injection
SHA-256 | 3b0a2b15e86e26905ee913231acbaecfa5ddc1f2eefcea4109cfc8734f8e8c13
Jetaudio 8.0.17 Crash Proof Of Concept
Posted Jul 22, 2013
Authored by Asesino04

Jetaudio version 8.0.17 suffers from a denial of service vulnerability when handling a malicious .m3u file.

tags | exploit, denial of service
SHA-256 | 120dc26c9dad5d23c8bbfa20b77c6e8094e7c37d3f7486ece227d645cfb2c75d
VbsEdit 5.9.3 Buffer Overflow
Posted Jul 22, 2013
Authored by d3b4g

VbsEdit version 5.9.3 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 58ac21c66b7e12fd936c5067c4466ccea32a8778db1358b7ba0282b79506259c
Page 1 of 1
Back1Next

File Archive:

November 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    16 Files
  • 2
    Nov 2nd
    17 Files
  • 3
    Nov 3rd
    17 Files
  • 4
    Nov 4th
    11 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    3 Files
  • 8
    Nov 8th
    59 Files
  • 9
    Nov 9th
    12 Files
  • 10
    Nov 10th
    6 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    1 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    9 Files
  • 15
    Nov 15th
    33 Files
  • 16
    Nov 16th
    53 Files
  • 17
    Nov 17th
    11 Files
  • 18
    Nov 18th
    14 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    26 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    10 Files
  • 24
    Nov 24th
    9 Files
  • 25
    Nov 25th
    11 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close