exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 57 RSS Feed

Files Date: 2010-10-04 to 2010-10-05

Introduction To Metasploit
Posted Oct 4, 2010
Authored by P0C T34M

Whitepaper called Introduction to Metasploit. Written in Arabic.

tags | paper
SHA-256 | b6428c54335fa37f8bc90d06de566bb58aaaebecc11f04d903e2a3cfc50cd8b8
Mandriva Linux Security Advisory 2010-195
Posted Oct 4, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-195 - libESMTP, probably 1.0.4 and earlier, does not properly handle a backslashed 0 field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions including 1.0.4, treats two strings as equal if one is a substring of the other, which allows remote attackers to spoof trusted certificates via a crafted subjectAltName.

tags | advisory, remote, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2010-1192, CVE-2010-1194
SHA-256 | 7d2a2655d0bc856465b92c6c2f680298e7c00c413037228658babf2ed384b5d1
Mandriva Linux Security Advisory 2010-196
Posted Oct 4, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-196 - Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-3235
SHA-256 | 9a3686cad02bb3f6785e39683ac633d1dd451a5c0d3265195bc19564d9b9cba3
CuteNews Local File Inclusion
Posted Oct 4, 2010
Authored by eidelweiss

CuteNews suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | caccde755bfbe7f98d41777d2d8c96a88e23336827845acba44f4444922c5ca6
Facebook.com Cross Site Request Forgery / Cross Site Scripting
Posted Oct 4, 2010
Authored by John Jean | Site wargan.com

Facebook.com suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 2a56c78b4d9faa62d3f97a355e88375441218e8acf64eb122ad6ef1ef100a9f5
SnackAmp 3.1.3B SMP Buffer Overflow
Posted Oct 4, 2010
Authored by Muhamad Fadzil Ramli

SnackAmp version 3.1.3B malicious SMP buffer overflow exploit with DEP bypass.

tags | exploit, overflow
SHA-256 | 6b3746b0928c1d95c1cafeabece47e71024f0d6098da89f7f3dfd6b25dbca2b3
Web.config Download Proof Of Concept
Posted Oct 4, 2010
Authored by Giorgio Fedon | Site blog.mindedsecurity.com

Proof of concept exploit that demonstrates the downloading of Web.config. This affects unpatched versions of .NET framework 3.5 Sp1. Full details are available on the homepage.

tags | exploit, web, proof of concept
SHA-256 | c2bff02b5943229b67a2c7bfe0e791c38fd61cecc58a739443381625fa85ed4b
NetWin Surgemail 4.3e Cross Site Scripting
Posted Oct 4, 2010
Authored by Kerem Kocaer

NetWin Surgemail version 4.3e suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0835158fda6c41308fa60e24e3d49d7bea9c3893a72e0b9d8c22545411ac45a8
ITS SCADA SQL Injection
Posted Oct 4, 2010
Authored by Andrej Komarov, Eugene Salov

ITS SCADA suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 6b2bfbde9ed54d4607036817af12071cbc28999cc84c4895379b19a1be15fbcb
FreeBSD 7.0 - 7.2 pseudofs Null Pointer Dereference
Posted Oct 4, 2010
Authored by Przemyslaw Frasunek

FreeBSD versions 7.0 through 7.2 pseudofs null pointer dereference local exploit.

tags | exploit, local
systems | freebsd
SHA-256 | 22f7237d83ef0a7ecbc6f409a5b2a8f85c968be8f991ec9d649f3b126b963114
Uebimiau Webmail 3.2.0-2.0 Local File Inclusion
Posted Oct 4, 2010
Authored by Blake

Uebimiau Webmail version 3.2.0-2.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 7fc91fe88ddc29761c0a08cb6b86047aa397c875786e4649924f32af2a98044c
Aspect Ratio CMS Blind SQL Injection
Posted Oct 4, 2010
Authored by Stephan Sattler

Aspect Ratio CMS suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5b97eff78f9cc36a72b689b6a0c3a72327a5b51bfafe5af2de86330ab1decaad
DNET Live-Stats 0.8 Local File Inclusion
Posted Oct 4, 2010
Authored by Blake

DNET Live-Stats version 0.8 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | c9b189d8fc877e16ec667d8396e8b82cd74519b4232e0d79808a2bed332b0e20
Abhimanyu Infotech SQL Injection
Posted Oct 4, 2010
Authored by ZoRLu

Abhimanyu Infotech SQL injection exploit that leverages show_news.php.

tags | exploit, php, sql injection
SHA-256 | 099a613d5f44b9bd44d09e1ee6c6631491f691ebbc8b92b9e8cd968505396248
Mobius Forensic Toolkit 0.5.5
Posted Oct 4, 2010
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: The Hive extension assembles the registry\'s logical structure, akin to that viewed with regedit. The new extension Hive Report adds report capabilities to the Hive extension. Three registry reports were added: OS information, user accounts and user profiles. The Report Viewer extension shows generated reports.
tags | tool, python, forensics
SHA-256 | ec65b64f4524a8a7deb461ff0b8df63db26df45397d7cee1b846bd19b53dd82f
Win32/XP Pro SP3 Add New Local Administrator Shellcode
Posted Oct 4, 2010
Authored by Anastasios Monachos

113 bytes small generic Win32/XP Pro SP3 add new local administrator shellcode.

tags | local, shellcode
systems | windows
SHA-256 | 4651924f38d3b39b87fec3f3ed9e5d843645d2d4ccb4ec77449aaa48c7749d8e
Generic Win32 Add New Local Administrator Shellcode
Posted Oct 4, 2010
Authored by Anastasios Monachos

326 bytes small generic Win32 add new local administrator shellcode.

tags | local, shellcode
systems | windows
SHA-256 | b8cc1cbf3df621cb3da50f5af0f5ee39f43693b4a4e8fdfb2c3d6f71dea4aaec
FAQMasterFlex 1.2 SQL Injection
Posted Oct 4, 2010
Authored by cyb3r.anbu

FAQMasterFlex version 1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b2550956f463005cf29109ee9ed5356b6345ce57da3ecf7fa1cc0da3a94c3b0a
Cilem Haber 1.4.4 Database Disclosure
Posted Oct 4, 2010
Authored by ZoRLu

Cilem Haber version 1.4.4 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | bdc941e374e6699f709194eb361b07e183ae67ff3a1a2445b7963c2cd0c85bd7
CA BrightStor ARCserve Message Engine 0x72 Buffer Overflow
Posted Oct 4, 2010
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in Computer Associates BrightStor ARCserve Backup 11.1 - 11.5 SP2. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
SHA-256 | c4ca4645d9925d456decaa55b7a17382e1c311a583da4c7b865b4621e3893f92
CA BrightStor ARCserve Tape Engine 0x8A Buffer Overflow
Posted Oct 4, 2010
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Computer Associates BrightStor ARCserve Backup r11.1 - r11.5. By sending a specially crafted DCERPC request, an attacker could overflow the buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
SHA-256 | e55c78f6c73f858857f835c254a3c8793ee443028db1ba508ebb04ffca926082
Secunia Security Advisory 41695
Posted Oct 4, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in ProxySG, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 310aca70fe5869e11b3244db7f518959ee1e3a822dbc428a0e9ce8f444aa7c23
Secunia Security Advisory 41685
Posted Oct 4, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Kerem Kocaer has discovered a vulnerability in SurgeMail, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | d5c58e76c40efaad324a674d4dcad1f804d04b08c2cd6cb6beaff15baeb97a96
Secunia Security Advisory 41701
Posted Oct 4, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in APR-util, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 4226149adf9c5285bcab49eec64df725278e0b6207a717bac23a256b6ca76f1c
Secunia Security Advisory 41716
Posted Oct 4, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in MySQL, which can be exploited by malicious users to gain escalated privileges or cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 473d6fe8322f443e4753d45f2c901ca0e578a15886ca4856e4c273ceefebf02d
Page 1 of 3
Back123Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close