Phrack Magazine Issue 64 - Hijacking RDS TMC traffic information signals, Cryptanalysis of DPA-128, Autopsy of cvsxpl, and more.
00f30e4d9bef0d50250a1c8179bece264131faa95ea263cc2f74d269e82be401Phrack Magazine Issue 65 - Stealth Hooking, Clawing holes in NAT with UPnP, phook - The PEB Hooker, and more.
5114ec6adfd66b13b36e5bc248d1590e87ccf9c9f3c48ba5aa900bbc827e3e01Green Dam version 3.17 remote buffer overflow exploit with shellcode for Microsoft Windows XP SP2.
8064256cbb0c0234a75de1d55a45027e0398c4e93f0f7f69e95157e3db333d98phpWebThings versions 1.5.2 and below MD5 hash retrieval and file disclosure exploit.
15525bf55b3f1630e82f9c3c6286feb059ef2099f6908c5d4e4f69a5584f68a4Campus Virtual-LMS suffers from remote SQL injection, cross site request forgery, and cross site scripting vulnerabilities.
bb6332159cb50b38e5e2b49954b10e245a98a4aaff0da919b5c154fb4be2675aSecunia Research has discovered a vulnerability in Firefox, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a race condition when accessing the private data of an NPObject JS wrapper class object if navigating away from a web page while loading a Java applet. This can be exploited via a specially crafted web page to use already freed memory. Successful exploitation may allow execution of arbitrary code. Firefox versions 3.0.7, 3.0.8, and 3.0.9 for Windows with JRE 6 Update 13 are affected.
59a414dd2e58d6c33945c4e0a4203f55a583994a9ddb89946f7965278edcebe0Apple iTunes version 8.1.1.10 itms/itcp buffer overflow exploit for Microsoft Windows.
140b17c3410e2700b0f0b0f6aba6cda0e9899e7773db6b0f7c41bb673a524261dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.
56becee9922782acdeeeed9b6cfea60cfef8ff24b8ebb8aada68448d415c2dbe4images versions 1.7.7 and below suffer from filter bypass HTML injection and cross site scripting vulnerabilities.
f48b2a32d18fb3ebdbb217bae7706e39b9f13e6d42d74b033e146ce5d844ee6aZip Store Chat versions 4.0 and 5.0 suffer from a remote SQL injection vulnerability that allows for authentication bypass.
e88eb6dbdd3d473e899228376ce9969ab03c58593ffbf35c5808c146e355fba2Proof of concept code for local media file enumeration with Windows Media Player.
b348e72cfc7aac1f736188f30a7e6b02f98dee30a8a45660ee5223f6b32c6aa3Proof of concept that demonstrates hijacking iframes in webpages where a WMP object is embedded.
c15454780c747ae7c41ce81a6bf984543719990d87b2c518b3de897b464579b5Proof of concept code that demonstrates Windows Media Player IP scanning capabilities.
56926b2b5261fbb5eaa8ca7543ba12691ac258d6d4ae4c15c8956f1744f410a0Secunia Security Advisory - A vulnerability has been reported in MRCGIGUY The Ticket System, which can be exploited by malicious people to bypass certain security restrictions.
0556a60bbe9a5a7f4b5958c1f05ed2a0d2aad63533c8add2a9aeeb98244acab5Ubuntu Security Notice USN-787-1 - The apache2 packages have been patched to address flaws in apr-util, mod_proxy_ajp, configuration issues, and more.
6699a0f10c75437f8abf294f828cc14f6d1a7f0848d59e33a9b455348d35c9bb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed