The XOOPS Recipe module version 2.2 suffers from a remote SQL injection vulnerability.
197b2804308d8e205922298f88970c52f176b671c457649161e780bd0d2e8857PHP-Fusion version 6.00.307 remote blind SQL injection exploit that makes use of submit.php.
6134178aeb7b56660fa59a9fcbec796d8152026eafa4b0fac5f93fb4731b5cdcAllMyGuests versions 0.4.1 and below suffer from a remote SQL injection vulnerability.
7f33072849bd400424508e6b772b460dc26f9811383d88b31a978eb4d6a2e999It appears that Google Web History is susceptible to an attack along the lines of cross site request forgery.
3e67c37c3a52b3e819ec8ff21beb4bbc682276f0a0c6164aa7e742f06f4a31dfSUSE Security Announcement - A large amount of vulnerabilities related to OpenOffice have been patched on SuSE.
844f9feac6e7fecf046f967e47d04ca672e92a3da3619753c28a416cc530a21cThe Motorola Surfboard cable modem suffers from cross site request forgery vulnerabilities.
b98c308fb47b4f3a9bf954a422d5ba85c189c273d9b9eac792e5a7f6e88acea2Simple Customer version 1.2 suffers from a SQL injection vulnerability in contact.php.
576c21f88e3a069e914133bf420c9c3e8596d5b403842d43ab836f9cabe8df84PhShoutBox versions 1.5 and below suffer from an insecure handling of cookies vulnerability.
54418c43af425a34ca60fca59cd326647c6b2eddc14661e8616ef2cd43c57278OpenInvoice version 0.9 arbitrary change user password exploit.
3d2533ea10938129e8713db59be46d317b9733024bcf480f854c9fadea6e7a092532|Gigs versions 1.2.2 and below suffer from an arbitrary database download vulnerability.
9ee5ebba483b75345b0e35fb9111178d9cdf2f4addfe6686ccb1a0dc748e19e2Python code that creates a file that is able to trigger a buffer overflow vulnerability in SubEdit Player build 4066.
70130ae0fb590abfb628ee4677f5f956bf3be5b9fc0461b15dbbebbd2b4e6079Virtualization != Security - Virtualization has emerged as the most disruptive datacenter technology of the last decade. Mr. Ingevaldson from IBM Internet Security Systems will discuss the emergence of virtualization as well as the many ways that it changes traditional security architecture as well as the ways it does not. Virtualization will influence the security business much like it is reshaping IT. Mr. Ingevaldson will review the brief history of security in virtualization as well as comment on the next-generation security technologies for the virtualized datacenter.
8d383025969032a36e2bacadfeef635abcd689a53e6eb810a3d394a5f1eb85cbHow We Cracked Their Codes - A Case Study in Compromising the Most Popular High Security Lock in America.
b8b5de86321c9109e1ebf43a06b3ac64aa1305152ab68be0c84a7022f61eb241Presentation discussing the hijacking of VSAT connections.
6dfeb2819f6eea9512236553e50c0bf610cc640a2964f073804f8b09f78b57b8Cracking into Embedded Devices and Beyond - The presentation covers cracking into embedded devices by exploiting vulnerabilities present on default software running on the target device.
b17e69cf657c3562c5c8244483120184a84061a080f2c346f2373b88d8170d3eCracking the GSM A5/1 Encryption in Seconds - Presentation explaining the security, technology and protocols of a GSM network. Further discusses building a GSM scanner for 900 USD. The second part of the talk reveals a practical solution to crack the GSM encryption A5/1.
fb2ff4fbbd8c3a9085eba1671fef94bd320cb3f478b3c80f491d30ff8ed76c9cVoIP (in)Security: Italians Do It Better - This presentation will explain in detail how a small group of annoyed Italian VoIP hackers used the Chaos Computer Club phone network during the 2007 Hacker camp for fun and profit.
518efe57180ba0d7c5e64792e43454b24d3d1634ef0768699047b17df11fd79bHacking Second Life - A presentation that covers the basic architecture of SecondLife and points out the possible attack vectors against SecondLife itself, but will also demonstrate hacks from the inside of SecondLife against real-life systems in the internet.
fd3518c421efc61d62c97afa9fafe5bb277b1577ffc98e5668bc5b92b66370d2Malware: Behavior, Tools, Scripting and Advanced Analysis - Presentation discussing a new tool taht is an extension to Bochs, a popular open-source CPU emulator. This extension will provide with advanced debugging and scripting functionality enabling the easy creation of a wide range of tools. The scripting interface of this tool provides a full Python environment to control the whole CPU, memory, devices, etc. Among the examples that will be presented, time allowing, will be generic unpacking techniques, monitoring of malware behavior or low-level system access to kernel/administrative objects. The tool was created to assist the process of automated malware analysis but its flexibility make it a good candidate to also assist in vulnerability discovery.
f9882e5282c5f3eaead310c40b32cb0f3c225d921e4c88aafa3ba6fca595e3ddSecuring Next Generation Applications - Scan, Detect, and Mitigate.
d19c2013f9c13ff698a8b10c146857e5fd1996461317ffb2e89134213d493121Hacks Happen - Conservative estimates put the total annual IT security spending in the US at $50 billion and e-crime losses at $100 billion. We are losing two dollars for every dollar spent. Those numbers are said to be worse on a global scale. Newly passed laws, industry regulation, and press coverage have certainly raised the profile of the problem, but where have these actions really gotten us?
732c1f50ff097c1e696ca7bc02cfc76b46a8058c253e98d918cd850d46a2557cHacking The Cell Architecture - This presentation intends to cover security aspects related to a new architecture, widely deployed and used called Cell. The architecture itself will be deeply explained, focusing on the security concerns that appear in this kind of asymmetric multi-core systems. While Cell architecture is used in the new playstation 3 it is also used in big blade machines.
6652d0e5155144577fa230a1ebfc66f7778e0db6b263a9c2ec8f132977fb67e3Penetration Testing SCADA and National Critical Infrastructure - Real-Life Experiences and Case Studies.
f21a1ea9e81567a87aac33d06cdf7676173295bfa37f9ad68da8d0795dbbd4d0In-depth Anti-Forensics - Challenges of Steganography and Discovering Hidden Data.
ce75ad6f552cae5156d9a3755ba145b80dbe81052871c602631d458c9ab13895Practical Oracle Forensics - Oracle forensics is a new discipline without special tools/scripts. Most presentations about Oracle forensics are still very basic. The typical approach in these presentations is to show what tools/(log)files are available to do forensics. In the real world with huge databases (many GB, sometimes TB) it is normally not helpful. This presentation is using a different approach. Based on the different type of attackers (leaving employee, nosy DBA/employee, external hacker etc.) we have different traces in Oracle and we show in different scenarios how to find evidence. We provide a free toolset to do a (basic) forensic analysis without having deep Oracle knowledge.
20612b361c886e97ff98ce3ea92f2c60e6d189c077a2b13341e46c3521bd8f78
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed