exploit the possibilities
Showing 1 - 25 of 37 RSS Feed

Files Date: 2009-01-23 to 2009-01-24

Mandriva Linux Security Advisory 2009-026
Posted Jan 23, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-026 - phpMyAdmin has been updated to mitigate various cross site scripting and cross site request forgery vulnerabilities.

tags | advisory, vulnerability, xss, csrf
systems | linux, mandriva
advisories | CVE-2008-4775, CVE-2008-5621, CVE-2008-5622
MD5 | 9b139ba25b174440691a508e3f11cb1a
IP-Array Linux IPTables Firewall Script
Posted Jan 23, 2009
Authored by AllKind | Site sourceforge.net

IP-Array is a Linux iptables Firewall script written in bash. It allows the creation of precise, stateful rules, while remaining easy to configure. IP-Array supports VPN, Traffic Shaping (creation of custom HTB and SFQ qdiscs, Classes, and Filters), multiple external interfaces, multiple LANs, multiple DMZs, NAT, logging, MAC address matching, packet marking, syslog logging, and various sysctl settings. It also includes some presets and autoconfig options for common needs like DNS, FTP, SMTP.

Changes: Three bug fixes.
tags | bash
systems | linux, unix
MD5 | 4659e1b6aeb850c77c3bd0af6ac54c83
Iodine IPv4 DNS Tunneler
Posted Jan 23, 2009
Authored by Yarrick | Site code.kryo.se

iodine is a piece of software that lets you tunnel IPv4 data through a DNS server. This can be useful in situations where Internet access is firewalled, but DNS queries are allowed. It needs a TUN/TAP device to operate. The bandwidth is asymmetrical with limited upstream and up to 1 Mbit/s downstream.

Changes: Added capability to forward DNS queries outside tunnel domain to a nameserver on localhost. Fixed a segfault and an endless loop. Multiple other fixes and enhancements.
systems | unix
MD5 | af2d9062b7788fc47385d8c6c645dfa0
PHP-Nuke Downloads Module SQL Injection
Posted Jan 23, 2009
Authored by IRCRASH | Site ircrash.com

The Downloads module in PHP-Nuke 8.0 suffers from a blind remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | dd07a0c24a86adc358bd9715e062b68d
AXIS Camera Control Buffer Overflow
Posted Jan 23, 2009
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in AXIS Camera Control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the CamImage.CamImage.1 ActiveX control (AxisCamControl.ocx) and can be exploited to cause a heap-based buffer overflow by assigning an overly long string to the "image_pan_tilt" property. Successful exploitation allows execution of arbitrary code, but requires that the user is tricked into visiting and clicking a malicious web page. AXIS Camera Control version 2.40.0.0 is affected.

tags | advisory, web, overflow, arbitrary, activex
advisories | CVE-2008-5260
MD5 | ea1f58ca4dea9b020d62a810084a1a20
BBSxp 5.13 Cross Site Scripting
Posted Jan 23, 2009
Authored by arashps0

BBSxp versions 5.13 and below suffer from a cross site scripting vulnerability in error.asp.

tags | exploit, xss, asp
MD5 | 410d9874c2bee873c6ece73da8c7980a
EPOLL System password.dat Disclosure
Posted Jan 23, 2009
Authored by Pouya Server

EPOLL System password.dat disclosure exploit.

tags | exploit, info disclosure
MD5 | 9d2f51be9d2e4aefa72c4aef7ff2e5be
ECOUNT System password.dat Disclosure
Posted Jan 23, 2009
Authored by Pouya Server

ECOUNT System version 2.1 password.dat disclosure exploit.

tags | exploit, info disclosure
MD5 | 4f5bba64d1d2e0bdb513deda987f3ba7
Bharat Sanchar Nigam Ltd. SQL Injection
Posted Jan 23, 2009
Authored by Rohit Bansal

Bharat Sanchar Nigam Ltd., a large telecommunications company in India, suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d0a0fd3fca124b287694cdde71b39287
Picviz Plotting Tool
Posted Jan 23, 2009
Site wallinfire.net

Picviz is a parallel coordinates plotter which enables easy scripting from various types of input (such as tcpdump, syslog, iptables logs, or Apache logs) to visualize your data and discover interesting results quickly. Its primary goal is to graph data in order to be able to quickly analyze problems and find correlations among variables. With security analysis in mind, the program has been designed to be very flexible, able to graph millions of events.

tags | tool
systems | unix
MD5 | b0f814e23e8eac186a752e9e52f382d0
Secunia Security Advisory 33444
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered a vulnerability in AXIS Camera Control, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 281310ed160b5fb93242559de1bd01fa
Secunia Security Advisory 33592
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Ralink Technology Wireless Drivers, which can be exploited to cause a DoS (Denial of Service) or compromise a vulnerable system.

tags | advisory, denial of service
MD5 | 963568c4486a19b28e5fc8974919db72
Secunia Security Advisory 33650
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tobias Klein has reported some vulnerabilities in GStreamer Good Plug-ins, which can potentially be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 55ba41a00e3d947559c0f02c2e9624fe
Secunia Security Advisory 33643
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Futomi's CGI Cafe Search CGI, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, cgi
MD5 | 42ebf6b701695cbe9ec808fc2616e708
Secunia Security Advisory 33627
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in mod-auth-mysql, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | bbc842e896a746419e38ea94665f3979
Secunia Security Advisory 33597
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gjoko 'LiquidWorm' Krstic has discovered a vulnerability in FTPShell Server, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | df295ba08fc82a50160aaad157eacddd
Secunia Security Advisory 33068
Posted Jan 23, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can potentially be exploited by malicious people to compromise a user's system.

tags | advisory
systems | solaris
MD5 | 73ef3bb978b3b350884a2ac5aa9b5a0b
Technical Cyber Security Alert 2009-22A
Posted Jan 23, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-022A - Apple has released QuickTime 7.6 to correct multiple vulnerabilities affecting QuickTime for Mac OS X and Windows. Attackers may be able to exploit these vulnerabilities to execute arbitrary code or cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | windows, apple, osx
MD5 | 21b42abcdd1c32b5c29b928c137158e9
GStreamer Heap Overflow And Out Of Bounds
Posted Jan 23, 2009
Authored by Tobias Klein | Site trapkit.de

GStreamer gst-plugins-good versions below 0.10.12 suffer from heap overflow and array index out of bounds vulnerabilities.

tags | advisory, overflow, vulnerability
MD5 | 5cc5a720e6c759db400f4b17ebb7e9ed
VUPlayer 2.49 .ASX Buffer Overflow
Posted Jan 23, 2009
Authored by SimO-s0fT

VUPlayer version 2.49 .ASX file local universal buffer overflow exploit.

tags | exploit, overflow, local
MD5 | 5f29d4aec40b357cd3306df8d73fb661
Whitepaper - Applied Binary Code Obfuscation
Posted Jan 23, 2009
Authored by Glafkos Charalambous, George Nicolaou | Site astalavista.com

Whitepaper called Applied Binary Code Obfuscation.

tags | paper
MD5 | 5ae18ba9c525b0951148610f29b49e25
SUSE Security Announcement SUSE-SA:2009:005
Posted Jan 23, 2009
Site suse.com

SUSE Security Announcement - Some months ago a vulnerability in the DNS protocol was published that allowed easy spoofing of DNS entries. The only way to protect against spoofing is to use DNSSEC. Unfortunately the bind code that verifies the certification chain of a DNSSEC zone transfer does not properly check the return value of function DSA_do_verify(). This allows the spoofing of records signed with DSA or NSEC3DSA.

tags | advisory, spoof, protocol
systems | linux, suse
advisories | CVE-2009-0025
MD5 | f011ca0b87a56d0c51242a49468a5936
Sad Raven Guetbook 1.1 passwd.dat Disclosure
Posted Jan 23, 2009
Authored by Pouya Server

Sad Raven's Guestbook version 1.1 passwd.dat disclosure exploit.

tags | exploit, info disclosure
MD5 | d00d1c7fd10d34961e751972104293e6
Whitepaper - Modifying An Application's Memory
Posted Jan 23, 2009
Authored by Aodrulez | Site aodrulez.blogspot.com

Whitepaper discussing Mem-Jacking, or modifying the memory of an application.

tags | paper
MD5 | cc2f41f04e00408dcc58626498f8e9cf
Whitepaper - Exploit Buffer Overflows
Posted Jan 23, 2009
Authored by Kalgecin | Site maestro-sec.com

Whitepaper called Exploiting Buffer Overflows.

tags | paper, overflow
MD5 | 0f480dacfac9e600be7bac03af23bffe
Page 1 of 2
Back12Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close