exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2013-07-22

Fwknop Port Knocking Utility 2.5
Posted Jul 22, 2013
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: This release added support for HMAC SHA-256 authenticated encryption in the encrypt-then-authenticate model. Many bugs discovered by the Coverity static analyzer were fixed. OpenSSL compatibility tests were added to the test suite. Client stanza saving ability was added for the ~/.fwknoprc file, simplifying fwknop client usage. The ability to automatically generate both Rijndael and HMAC keys with --key-gen was added.
tags | tool, scanner, vulnerability
systems | unix
MD5 | 324f955d051a02e45cfa2baef779a4d9
Artweaver 3.1.5 Buffer Overflow
Posted Jul 22, 2013
Authored by Core Security Technologies, Daniel Kazimirow | Site coresecurity.com

Core Security Technologies Advisory - Artweaver is prone to a security vulnerability when processing AWD files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing Artweaver users to open a specially crafted file.

tags | advisory, remote, arbitrary
advisories | CVE-2013-2576
MD5 | 7c3a19da9cfae68e3c49e9d7bc3705c6
XnView 2.03 Buffer Overflow
Posted Jul 22, 2013
Authored by Core Security Technologies, Ricardo Narvaja | Site coresecurity.com

Core Security Technologies Advisory - XnView is prone to a security vulnerability when processing PCT files. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine, by enticing the user of XnView to open a specially crafted file.

tags | advisory, remote, arbitrary
advisories | CVE-2013-2577
MD5 | eb96413aa26f5ae0feabd9147fc5396b
Red Hat Security Advisory 2013-1101-01
Posted Jul 22, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1101-01 - The virtio-win package provides paravirtualized network drivers for most Microsoft Windows operating systems. Paravirtualized drivers are virtualization-aware drivers used by fully virtualized guests running on Red Hat Enterprise Linux. An unquoted search path flaw was found in the way the QEMU Guest Agent service installation was performed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2231
MD5 | 0235d9a70c0433b12208d99f284abd1c
Red Hat Security Advisory 2013-1100-01
Posted Jul 22, 2013
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2013-1100-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. An unquoted search path flaw was found in the way the QEMU Guest Agent service installation was performed on Windows. Depending on the permissions of the directories in the unquoted search path, a local, unprivileged user could use this flaw to have a binary of their choosing executed with SYSTEM privileges. This issue was discovered by Lev Veyde of Red Hat.

tags | advisory, local
systems | linux, redhat, windows
advisories | CVE-2013-2231
MD5 | cf9133ca7a535ad9a6483d26eccde5d4
Samsung TV Denial Of Service
Posted Jul 22, 2013
Authored by Malik Messelem

The DMCRUIS/0.1 web server on Samsung TVs suffers from a denial of service vulnerability.

tags | exploit, web, denial of service
advisories | CVE-2013-4890
MD5 | 255f52df7efa2179812c8d9457d0d0e0
Photo Server 2.0 Shell Upload / Command Injection
Posted Jul 22, 2013
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Photo Server version 2.0 suffers from remote shell upload and command injection vulnerabilities.

tags | exploit, remote, shell, vulnerability
MD5 | 1e245ab42a1696bb4fcfcf641a36fa1f
Dell Kace 1000 SMA 5.4.742 SQL Injection
Posted Jul 22, 2013
Authored by Ibrahim El-Sayed | Site vulnerability-lab.com

Dell Kace 1000 SMA version 5.4.742 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2abe647009c60a0ee4aa6bdc41c34a0e
Collabtive 1.0 XSS / Shell Upload / Privilege Escalation
Posted Jul 22, 2013
Authored by Enrico Cinquini

Collabtive version 1.0 suffers from cross site scripting, remote shell upload, and arbitrary account deletion vulnerabilities.

tags | exploit, remote, arbitrary, shell, vulnerability, xss
MD5 | 9a36097191f1cc37a24c1725084b13c1
OATH Toolkit 2.4.0
Posted Jul 22, 2013
Site nongnu.org

OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.

Changes: This release adds new liboath API methods for validating TOTP OTPs. The new methods (oath_totp_validate3 and oath_totp_validate3_callback) introduce a new parameter *otp_counter, which is set to the actual counter used to calculate the OTP (unless it is a NULL pointer).
tags | tool
systems | unix
MD5 | 456774fbc37d5267e4e8920694b7ad48
WordPress FlagEm Cross Site Scripting
Posted Jul 22, 2013
Authored by IeDb

The WordPress FlagEm plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ca8ae9c743b760ed408c2277e9e804c6
PCMan FTP Server 2.0.7 Buffer Overflow
Posted Jul 22, 2013
Authored by MSJ

PCMan FTP Server version 2.0.7 remote buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | e0c0f20a4765001db4736421287c61d3
Microsoft DirectShow Memory Overwrite
Posted Jul 22, 2013
Authored by Andres Gomez Ramirez

Microsoft DirectShow suffers from an arbitrary memory overwrite vulnerability.

tags | advisory, arbitrary
MD5 | f064caccd13c5723fc852b97c77b791d
RootPanel SQL Injection
Posted Jul 22, 2013
Authored by Akastep

RootPanel suffers from a remote SQL injection vulnerability that allows for account takeover.

tags | exploit, remote, sql injection
MD5 | 795ec693341a08d1900f0a8130932ac9
Jetaudio 8.0.17 Crash Proof Of Concept
Posted Jul 22, 2013
Authored by Asesino04

Jetaudio version 8.0.17 suffers from a denial of service vulnerability when handling a malicious .m3u file.

tags | exploit, denial of service
MD5 | 71649b6187ae7bd27765e8205e3ff4dc
VbsEdit 5.9.3 Buffer Overflow
Posted Jul 22, 2013
Authored by d3b4g

VbsEdit version 5.9.3 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | 424cecdb28c5ebd773e6f68a72bbf252
Page 1 of 1
Back1Next

File Archive:

May 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    14 Files
  • 2
    May 2nd
    3 Files
  • 3
    May 3rd
    1 Files
  • 4
    May 4th
    18 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    21 Files
  • 7
    May 7th
    15 Files
  • 8
    May 8th
    19 Files
  • 9
    May 9th
    1 Files
  • 10
    May 10th
    2 Files
  • 11
    May 11th
    18 Files
  • 12
    May 12th
    39 Files
  • 13
    May 13th
    15 Files
  • 14
    May 14th
    17 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    2 Files
  • 17
    May 17th
    2 Files
  • 18
    May 18th
    15 Files
  • 19
    May 19th
    21 Files
  • 20
    May 20th
    15 Files
  • 21
    May 21st
    15 Files
  • 22
    May 22nd
    6 Files
  • 23
    May 23rd
    1 Files
  • 24
    May 24th
    1 Files
  • 25
    May 25th
    2 Files
  • 26
    May 26th
    23 Files
  • 27
    May 27th
    13 Files
  • 28
    May 28th
    18 Files
  • 29
    May 29th
    17 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close