exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 50 RSS Feed

Files Date: 2011-10-24 to 2011-10-25

SAP Management Console OSExecute Payload Execution
Posted Oct 24, 2011
Authored by Chris John Riley | Site metasploit.com

This Metasploit module executes an arbitrary payload through the SAP Management Console SOAP Interface. A valid username and password must be provided.

tags | exploit, arbitrary
SHA-256 | 631d430623b1bdaf08c10284315fb2752c47e9e4c998de80b05ea83f243e5517
Cytel Studio 9.0 (CY3 File) Stack Buffer Overflow
Posted Oct 24, 2011
Authored by Luigi Auriemma, James Fitts | Site metasploit.com

This Metasploit module exploits a stack based buffer overflow found in Cytel Studio <= 9.0. The overflow is triggered during the copying of strings to a stack buffer of 256 bytes.

tags | exploit, overflow
advisories | OSVDB-75991
SHA-256 | 54cba2669ee78e390a6c7b20623fad6a9b5c9f2f49e59b8a55adc94afd84b482
Debian Security Advisory 2326-1
Posted Oct 24, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2326-1 - Kees Cook of the ChromeOS security team discovered a buffer overflow in pam_env, a PAM module to set environment variables through the PAM stack, which allowed the execution of arbitrary code. An additional issue in argument parsing allows denial of service.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-3148, CVE-2011-3149
SHA-256 | 771fcceaab3f6197448e1213947aed4e74dbd5266078d423cdce7c53e7d97c25
Core Security Technologies Advisory 2011.0810
Posted Oct 24, 2011
Authored by Core Security Technologies, Matthew Bergin, Matias Blanco | Site coresecurity.com

Core Security Technologies Advisory - When the install script for e107 CMS has not been removed, an attacker can "reinstall" the application using arbitrary parameters. If the attacker puts a valid MySql server followed a semicolon and PHP code, this will be executed when the config file gets requested. This parameters are stored in the config file "e107_config.php". Version 0.7.24 is affected.

tags | exploit, arbitrary, php
advisories | CVE-2011-1513
SHA-256 | f1aa6364a9b7aec87affa0e57cc0ec5d09d69d9a12a32fe5e884c8288d964039
THC SSL Denial Of Service Tool 1.4 Windows Version
Posted Oct 24, 2011
Authored by thc | Site thc.org

THC-SSL-DOS is tool to stress test the SSL handshake by triggering processor intensive RSA_encrypt() calls on the server side. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via a single TCP connection. Windows binary version.

tags | exploit, tool, denial of service, tcp
systems | windows
advisories | CVE-2009-3555
SHA-256 | ec82cd6af4177e4a8b85e8a626ee51b84eae5e08cf6958418b50d517c68148c9
THC SSL Denial Of Service Tool 1.4
Posted Oct 24, 2011
Authored by thc | Site thc.org

THC-SSL-DOS is tool to stress test the SSL handshake by triggering processor intensive RSA_encrypt() calls on the server side. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this problem since 2003 and the topic has been widely discussed. This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via a single TCP connection.

tags | exploit, tool, denial of service, tcp
systems | unix
advisories | CVE-2009-3555
SHA-256 | ed7020c0275df347123a0b49a345aa44b2ec9b2ac9b1471870303b8b95c7ef87
Agnitio 2.1
Posted Oct 24, 2011
Authored by David Rook | Site sourceforge.net

Agnitio is a tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. Agnitio aims to replace the adhoc nature of manual security code review documentation, create an audit trail and reporting. Both x86 and x64 versions are included in this archive.

Changes: Windows x64 support. Automatically decompiles Android .apk application for easy analysis. Various other features and updates.
tags | x86
systems | windows
SHA-256 | ea8f8d900c63a5b4ffd55ccbaf931a5028774259ceed201a1ec6b7a1da68e984
InverseFlow 2.4 Cross Site Scripting
Posted Oct 24, 2011
Authored by Amir Expl0its

InverseFlow version 2.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 6d58621745c9445aa8e48b328ff3f2cbb28a3eddc45c49e3963eefaf7b723404
Bleeding Life 2 Exploit Pack
Posted Oct 24, 2011
Site blackhatacademy.org

Black Hat Academy has decided to go open source with the Bleeding Life 2 exploit pack. This is an exploit pack that affects Windows-based web browsers via Adobe and Java.

tags | exploit, java, web
systems | linux, windows
advisories | CVE-2008-2992, CVE-2010-1297, CVE-2010-2884, CVE-2010-0188, CVE-2010-0642, CVE-2010-3552
SHA-256 | 36303b4d6d25064a2ca162802f5dd9c42e121666c9a8518b0f3c3041b3c36994
Debian Security Advisory 2325-1
Posted Oct 24, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2325-1 - Buffer overflow in the "linux emulation" support in FreeBSD kernel allows local users to cause a denial of service (panic) and possibly execute arbitrary code by calling the bind system call with a long path for a UNIX-domain socket, which is not properly handled when the address is used by other unspecified system calls.

tags | advisory, denial of service, overflow, arbitrary, kernel, local
systems | linux, unix, freebsd, debian
advisories | CVE-2011-4062
SHA-256 | bd606722c312b01cbd9cde3ca4809d0d695405f02e122b34b4f9587f53523509
Gentoo Linux Security Advisory 201110-20
Posted Oct 24, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-20 - Multiple vulnerabilities were found in Clam AntiVirus, the most severe of which may allow the execution of arbitrary code. Versions less than 0.97.3 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-0405, CVE-2010-3434, CVE-2010-4260, CVE-2010-4261, CVE-2010-4479, CVE-2011-1003, CVE-2011-2721, CVE-2011-3627
SHA-256 | 8a4cb5b5ff29de3a4a524379def9f673e2628a57bd1fb5f9d7b6f15abab93201
Secunia Security Advisory 46498
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for rgmanager. This fixes two security issues, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, gentoo
SHA-256 | bd7c1a6e9a61a3f541384fac5bce5f7987c068c97bb014208e9966e7eb1dff42
Secunia Security Advisory 46136
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Pantech Link, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | cfdd15c209bb4dc30027871d31c05a18a3f70ddc2fb800ab43eb30f0f1144fa3
Secunia Security Advisory 46249
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for firefox and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, fedora
SHA-256 | 7d69e43146b863d5987fb37a8a9296a78eb77c5cc3f52afa2a94271dfde7e0ac
Secunia Security Advisory 46235
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in BaserCMS, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | e3c87aa1d49a17c3c3a8fc05ee17798998d0b0f75f7c4fbc1e1e274e3f28c647
Secunia Security Advisory 46265
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the Pixiv Custom theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | cf0fb57be2d8912cc3a8746104b55338d07eed20830ae134f0baedc7a8053ccf
Secunia Security Advisory 46261
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for drupal6-views_bulk_operations. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
systems | linux, fedora
SHA-256 | 11cd196bf412ee531e28681747f5d4a1977ac558a501e96dff3ecb6cc4d2b2cf
Secunia Security Advisory 46286
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple security issues have been reported in Puppet, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
SHA-256 | 5ae2a3c7cc319e8ef5dbde3f53ef40e34ca7bfd7b669873f6d901fcb18b30635
Secunia Security Advisory 46287
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - OpenVZ has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious, local users in a guest virtual machine and malicious people to cause a DoS.

tags | advisory, denial of service, kernel, local, vulnerability
SHA-256 | 377904a61148454928988c5b08f4445aa45a16bf904d7e4d43471c873509ec86
Secunia Security Advisory 46174
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
SHA-256 | 310541a816f0dfcd6e28a6410a79e2c4263e4d97c28a0cba21343637803b551b
Secunia Security Advisory 46257
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for MozillaFirefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.

tags | advisory, vulnerability
systems | linux, suse
SHA-256 | c1a9d9169626b95660ab57e98e58186b1bf9761d22e1c23c6b4d4882aa8863d8
Secunia Security Advisory 46227
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the WP-Polls plugin for WordPress, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 9642aa644328900807c0cdb3884b2b92f70de23c5d038530273d954a0ff67de3
Secunia Security Advisory 46264
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sitewatch has discovered a vulnerability in the EvoLve theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 4b88941dbba24418c7a5539f8ef2a2aee65a566be1adc4f4c9f21729530aaa59
Secunia Security Advisory 46289
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for puppet. This fixes multiple security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, ubuntu
SHA-256 | f8a95d9fe5061c506eb69950e89485d64615fba02391d8cb48d8ef28a7cd3f0c
Secunia Security Advisory 46299
Posted Oct 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Perl, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, perl
SHA-256 | 10ca5c28a3146dc10ca9fdaf31b0a9504c37519b8efb4763caa9da4ad3afa37e
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close