what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 42 RSS Feed

Files Date: 2009-07-22 to 2009-07-23

Whitepaper Called Returning Into Libc
Posted Jul 22, 2009
Authored by 6_Bl4ck9_f0x6

Whitepaper called Returning into libc. Written in Portuguese.

tags | paper
SHA-256 | 3580c5306764d1c29398c6bd477d467f86fc2867b349f4943a56b214df186d74
Akamai Download Manager Active-X Issue
Posted Jul 22, 2009
Site akamai.com

Akamai has become aware of a security vulnerability within the Akamai Download Manager up to and including version 2.2.4.7 of the ActiveX control. For successful exploitation, this vulnerability requires a user to be convinced to visit a malicious URL put into place by an attacker. This may then lead to an unauthorized download and automatic execution of arbitrary code run within the context of the victim user.

tags | advisory, arbitrary, activex
SHA-256 | 6fc366214bd516b6a4df693b28db45824983d914361ec322d96d6ab47a9dbfff
Phorum 5.2.11 Cross Site Scripting
Posted Jul 22, 2009
Authored by crashfr | Site sysdream.com

Phorum version 5.2.11 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 37a4c5e5603b44b34dcfd5876a877496b6e20448b77907df59ddb38159ab3975
Ebay Clone 2009 SQL Injection
Posted Jul 22, 2009
Authored by MizoZ

Ebay Clone 2009 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 79d11b0e2bb6498b955af7eadc0f479b8fdf25849dd2022be874c24ca295d64a
3a WebMoney Remote File Inclusion
Posted Jul 22, 2009
Authored by Septemb0x | Site cyber-warrior.org

3a WebMoney suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 1aef5b22ef765a72c94bf48c2df81019e73bd5b18ea7ff1422ef1fcafd9cdc65
AShop ru.1.Beta Database Config Disclosure
Posted Jul 22, 2009
Authored by Septemb0x | Site cyber-warrior.org

AShop version ru.1.Beta suffers from a remote database configuration disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | fded7097c9fbd4a2b01c23bd5b87959fd862927fea8c453911ba2b7f5a209667
Knigman Shop Script Database Config Disclosure
Posted Jul 22, 2009
Authored by Septemb0x | Site cyber-warrior.org

Knigman Shop Script suffers from a remote database configuration disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 4568a9052afe1540e313f47e7f21ecab68f900e6d1b37874df6dd2a2e1fa7ee7
Ubuntu Security Notice 798-1
Posted Jul 22, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-798-1 - Several flaws were discovered in the Firefox browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Attila Suszter discovered a flaw in the way Firefox processed Flash content. If a user were tricked into viewing and navigating within a specially crafted Flash object, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. It was discovered that Firefox did not properly handle some SVG content. An attacker could exploit this to cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. A flaw was discovered in the JavaScript engine. If a user were tricked into viewing a malicious website, an attacker could exploit this perform cross-site scripting attacks.

tags | advisory, remote, denial of service, arbitrary, javascript, xss
systems | linux, ubuntu
advisories | CVE-2009-2462, CVE-2009-2463, CVE-2009-2464, CVE-2009-2465, CVE-2009-2466, CVE-2009-2467, CVE-2009-2469, CVE-2009-2472
SHA-256 | 3fce72ef2ecfd481b235326ef82129042a5ba046cafbaf06c83b33248cdae746
Uber Web Security Scanner
Posted Jul 22, 2009
Authored by noptrix | Site nullsecurity.net

uwss is a web security scanner and used for testing security holes in web applications. It can act as a fuzzer whose objective is to probe the application with various crafted attack strings. uwss is built upon a modular concept.

tags | tool, web, scanner, fuzzer
systems | unix
SHA-256 | 13057a6d9a4ce6617d07316cf3ac864b76984cb10985c54168293dbc49851d8a
HP Security Bulletin HPSBUX02437 SSRT090038
Posted Jul 22, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running XNTP. The vulnerabilities could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | hpux
advisories | CVE-2009-0159, CVE-2009-1252
SHA-256 | d9cdab8e1fe997da061f0612c947f172b2fcb3add913836a42b31e48d2a4ae54
strongSwan IPsec / IKEv1 / IKEv2 Implementation For Linux
Posted Jul 22, 2009
Authored by Andreas Steffen | Site strongswan.org

strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.

Changes: Optional integrity checksum tests are done over all strongSwan dynamic libraries and plugins during startup. The IKEv1 pluto daemon now supports the ESP authenticated encryption algorithms AES-GCM and AES-CCM.
tags | kernel, encryption
systems | linux
SHA-256 | 67248b40ad5e70cee17052620aba27d375ca88b6b00a9dbfbdbc7d8b5cda7d92
otsAV 1.77.001 Heap Overflow
Posted Jul 22, 2009
Authored by hack4love

otsAV version 1.77.001 local heap overflow proof of concept exploit that creates a malicious .ofl file.

tags | exploit, overflow, local, proof of concept
SHA-256 | fb92adf3b19499a4481bab9f2d50450e72ca076ef8735a180ed868d2dd8d3dc3
RainbowCrack Hash Cracker
Posted Jul 22, 2009
Authored by Zhu Shuanglei | Site project-rainbowcrack.com

RainbowCrack is a general propose implementation of Philippe Oechslin's faster time-memory trade-off technique. It cracks hashes with rainbow tables. Windows binary release.

tags | cracker
systems | windows
SHA-256 | e138bf840a9498c6d2c0d0f2ec4f20754c9731b0af83cdb9ef4b5fa28cd308a2
Debian Linux Security Advisory 1813-2
Posted Jul 22, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1813-2 - The previous update introduced a regression that stopped encrypted and signed S/MIME messages to work properly. Also, there have been other regressions caused by the introduction of an undefined symbol. This update corrects these flaws. Several vulnerabilities have been found in evolution-data-server, the database backend server for the evolution groupware suite.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2009-0587, CVE-2009-0547, CVE-2009-0582
SHA-256 | 9088ac45791106e1e4cf2844d16833e1df769776b607f955315470f1df30fcfd
WINMOD 1.4 Universal Buffer Overflow
Posted Jul 22, 2009
Authored by Dz_Girl

WINMOD version 1.4 local buffer overflow exploit that creates a malicious .lst file.

tags | exploit, overflow, local
SHA-256 | bb57a45ba9fcdb45e6020b515e54545c9ddaf5809c63a5f02f95430ac853c58a
Secunia Security Advisory 35941
Posted Jul 22, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Moudi has reported two vulnerabilities in phpDirectorySource, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 8acebcfe9c68f6e9ac793bbcf6a015811acf4e3b5eb7b2988940b67610c2f0b8
Secunia Security Advisory 35946
Posted Jul 22, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in WordPress, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory
SHA-256 | 99ecb729c1f2eebc334d13579e315193f670106417741a84315200dab9dc6b31
Secunia Security Advisory 35920
Posted Jul 22, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in PDFedit, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 47946accc684f11d266d048473ca21a547c4791fcff05e615bf5bc2f4e4681e8
Secunia Security Advisory 35519
Posted Jul 22, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in phpGroupWare, which can be exploited by malicious users to disclose sensitive information and by malicious people to disclose sensitive information or conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | cdbdf74d4d3bb17e4257c5ebeb62b60ad6a05561fd09c543ac038c3de35647de
Secunia Security Advisory 35799
Posted Jul 22, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Moudi has reported a vulnerability in CJ Dynamic Poll Pro, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 16cfdc030934ed7c70e7d51c5ac765cdb3f1d854ab20f77031210bb6750b7a67
Secunia Security Advisory 35893
Posted Jul 22, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - 599eme Man has reported some vulnerabilities in Hutscripts PHP Website Script, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, php, vulnerability, xss, sql injection
SHA-256 | 908badbcf816184403b3c4969e3f7721e3e0e0a9aef5e40bce84a24b77b490a4
Secunia Security Advisory 35862
Posted Jul 22, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Moudi has reported a vulnerability in MyDLstore Pixel Ad Script, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 6ec7af54d38bace00ad6464195ccf4f0c3269a6f01f2df69f1329e910ef000ae
Secunia Security Advisory 35892
Posted Jul 22, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Moudi has reported a vulnerability in Hotscripts Type PHP Clone Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, php, xss
SHA-256 | ecbcb21736f34dd144d87dfbf2fb26ffb3cda8e600de8190c4cfb59157813895
Secunia Security Advisory 35733
Posted Jul 22, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Stefano Angaran has discovered a vulnerability in Snitz Forums 2000, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | d1f2fb605913db4dc6f52c059e074979339668ff81c5ded8fb5222e9e0c4e455
Secunia Security Advisory 35945
Posted Jul 22, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has acknowledged some vulnerabilities in HP-UX, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | hpux
SHA-256 | 372bccea1f8b24331b7d7f89f785d2861cbb434da1d894ff4125ace26528d922
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close