exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 829 RSS Feed

Files Date: 2011-12-01 to 2011-12-31

Secunia Security Advisory 47399
Posted Dec 26, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Heimdal, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | de71ca2a8ea24dafdc1a57e7ab07c06b75b25bf81db8f57d1bddbee632f6c95b
Secunia Security Advisory 46239
Posted Dec 26, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in GNU inetutils, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | caa1d2427111e5d8ed36f6b8cc613797bc04cc45d9a6f1bb8801ab96b0d33298
Secunia Security Advisory 47374
Posted Dec 26, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for heimdal. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, debian
SHA-256 | a2ebc46d3000793cf059ddcfda602a2be3ccf1c3fc8adab653da5b5c4629aaa9
Secunia Security Advisory 47397
Posted Dec 26, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - FreeBSD has acknowledged a vulnerability in telnetd, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | freebsd
SHA-256 | 216286f9074ec3da24abb06c04384888a6ea4fe08fe36b870a2a624119e454af
Secunia Security Advisory 47373
Posted Dec 26, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for inetutils. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, debian
SHA-256 | 597888135993d423afcca806e81d66232a0d5a9e479902dd90d110a289d25dbb
Debian Security Advisory 2371-1
Posted Dec 25, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2371-1 - Two buffer overflows were discovered in JasPer, a library for handling JPEG-2000 images, which could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2011-4516, CVE-2011-4517
SHA-256 | 378ae0ceefe4816301fc1cbd5602b9554680c22218691bc93c90385f418234a7
Hardware Involved Software Attacks
Posted Dec 25, 2011
Authored by Jeff Forristal

Whitepaper called Hardware Involved Software Attacks. Computer security vulnerabilities involving hardware are under-represented within the security industry. With a growing number of attackers, malware, and researchers moving beyond pure software attack scenarios and into scenarios incorporating a hardware element, it is important to start laying a foundation on how to understand, characterize, and defend against these types of hybrid attacks. This paper introduces and details a starting taxonomy of security attacks called hardware involved software attacks, in an effort to further security community awareness of hardware security and its role in upholding the security of the PC platform.

tags | paper, vulnerability
SHA-256 | c7725f5f5155ccae730b5464c6855db0d3283f354981f52fcebb60c92127731a
Windows Media Player 11.0.5721.5262 Denial Of Service
Posted Dec 25, 2011
Authored by Level

Microsoft Windows Media Player version 11.0.5721.5262 remote denial of service exploit.

tags | exploit, remote, denial of service
systems | windows
SHA-256 | 8f956aea0456c97de55561f1b85fde6e2d17e46339271b02a273569d29f09677
Putty 0.60 Denial Of Service
Posted Dec 25, 2011
Authored by Level

Putty version 0.60 null pointer denial of service exploit.

tags | exploit, denial of service
SHA-256 | c0e5d6fed8a39f92e5fe93389c056c8233af29be9277250b0220f8dccc1f7f2e
MySQL 5.5.8 Denial Of Service
Posted Dec 25, 2011
Authored by Level

MySQL version 5.5.8 remote denial of service proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
SHA-256 | e47dc3eb176f47a4d695cb60327c8ceca93506e42b7b61b174b504ddbbd485fd
FreeSSHd Remote Denial Of Service
Posted Dec 25, 2011
Authored by Level

FreeSSHD remote denial of service proof of concept exploit.

tags | exploit, remote, denial of service, proof of concept
SHA-256 | 64ef29a432819a28b41d8f37b7d65cc811d1a982933c6caf1642e4ced0608e7a
Pre Studio Business Card Designer SQL Injection
Posted Dec 25, 2011
Authored by r45c4l

Pre Studio Business Card Designer suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c794f54bab399b0c0633492d18f99b818df6ffbe8246ade34257f886b2c02046
D-Zayn Web Design Access SQL Injection
Posted Dec 25, 2011
Authored by 3spi0n

D-Zayn Web Design Access suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | a1ae391f129cbd6c64b9a123df61a7dcf6e5f853e2420e8d50108ee26be570cb
Construindo Shellcodes
Posted Dec 25, 2011
Authored by m0nad

Whitepaper called Construindo Shellcodes. It discusses how to build shellcodes and use them. Written in Portuguese.

tags | paper, shellcode
SHA-256 | 8a69b4c29cd9e658b54a12c337266f622bc5a9644d51ae9a62cf454b59fa26b1
GraphicClone Cross Site Scripting
Posted Dec 25, 2011
Authored by Mr.PaPaRoSSe

GraphicClone suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7e386b1f62fdf95ab4f2156dbfe331cae9df9200886e6339cdf26aab4295c59f
Packet Fence 3.1.0
Posted Dec 24, 2011
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: A major release focused on new features and enhancements. Statement of Health (SoH) support for reliable client-side policy compliance, detection of rogue DHCP Servers through routers, RADIUS Change of Authorization (RFC3576) support for reliable and fast authorization changes, new charts in Web Admin, wireless profile provisioning for iPod, iPhone, and iPad devices, SNMP traps overload protection, improved captive portal detection on Mac OS X Lion and mobile devices, and support for stacked Cisco 3750 switches. There are also the usual minor performance optimizations and several bugfixes.
tags | tool, remote
systems | unix
SHA-256 | 044920c66eb9174ee0f01d8d37ac070092da5cf941fd368330fbbaac4a915a9c
Firewall Builder With GUI 5.0.1.3592
Posted Dec 24, 2011
Site fwbuilder.org

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Changes: This release includes improvements in the design of the installer dialog to let users start in non-batch install mode but continue in batch install mode later; improvements in support for iptables configurations for bridging Linux firewalls; fixes for several GUI crashes; policy compilers now correctly handle /31 subnets.
tags | tool, firewall
systems | cisco, linux, unix, openbsd
SHA-256 | 22120de712844b5d89a3f2924964c16cc86f96f2156ace7c3f551bd0d713c94b
OpenTFTP SP 1.4 Error Packet Overflow
Posted Dec 24, 2011
Authored by tixxDZ, steponequit | Site metasploit.com

This Metasploit module exploits a buffer overflow in OpenTFTP Server SP 1.4. The vulnerable condition triggers when the TFTP opcode is configured as an error packet, the TFTP service will then format the message using a sprintf() function, which causes an overflow, therefore allowing remote code execution under the context of SYSTEM. The offset (to EIP) is specific to how the TFTP was started (as a 'Stand Alone', or 'Service'). By default the target is set to 'Service' because that's the default configuration during OpenTFTP Server SP 1.4's installation.

tags | exploit, remote, overflow, code execution
advisories | CVE-2008-2161
SHA-256 | 10056b046a41d7587ed57448581e4849d5d597aefca473ec48c1a6dfbccc8913
Mandriva Linux Security Advisory 2011-192
Posted Dec 24, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-192 - Security issues were identified and fixed in mozilla firefox and thunderbird. The SVG implementation in Mozilla Firefox 8.0, Thunderbird 8.0, and SeaMonkey 2.5 does not properly interact with DOMAttrModified event handlers, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors involving removal of SVG elements. Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2011-3658, CVE-2011-3660, CVE-2011-3661, CVE-2011-3663, CVE-2011-3665
SHA-256 | 74b1c50fa04b0741fdb76a94c0c90b30b2e95ec9554f1e5264d61525601acb44
Oracle Job Scheduler Named Pipe Command Execution
Posted Dec 23, 2011
Authored by David Litchfield, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits the Oracle Job Scheduler to execute arbitrary commands. The Job Scheduler is implemented via the component extjob.exe which listens on a named pipe called "orcljsex<SID>" and execute arbitrary commands received throw this channel via CreateProcess(). In order to connect to the Named Pipe remotely SMB access is required. This Metasploit module has been tested on Oracle 10g Release 1 where the Oracle Job Scheduler runs as SYSTEM on Windows but it's disabled by default.

tags | exploit, arbitrary
systems | windows
SHA-256 | a5520991853dfba840715d948313a5ca0eee49a3177ec837c2761cf043b2c418
Open Conference / Journal / Harvester Systems 2.3.x Code Execution
Posted Dec 23, 2011
Authored by mr_me

Open Conference Systems versions 2.3.4 and below, Open Journal Systems version 2.3.6 and below and Open Harvester Systems versions 2.3.1 and below remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | c8514bceee7ade59cbec79ac89af4009e9637eb3d5dcbf7b21c50429755f0ec6
SIP Username Enumerator For Asterisk
Posted Dec 23, 2011
Authored by Ben Williams

This Metasploit module exploits a SIP username enumeration vulnerability in Asterisk. Performs a REGISTER scan for numeric peer usernames having a nat setting different to global sip nat setting. Works even when alwaysauthreject=yes. For this exploit to work, the source port cannot be 5060.

tags | exploit
advisories | CVE-2011-4597
SHA-256 | 54da0d99e312b44be212dc5220e9ea0fef3a31a1f8a4b91a6f8f48f53c53ca09
Secunia Security Advisory 47308
Posted Dec 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Whois.Cart, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 2a8873fd498e4864aec167d8bf600d099f08566136857d5e4a2f66caca79f71e
Secunia Security Advisory 47329
Posted Dec 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Managed Printing Administration, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | 9a68c26e6c8423e9131753236ea182eab70f56400c1c0677734986cd0affde57
Secunia Security Advisory 47326
Posted Dec 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for unbound. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | a5a00b15c00059d648cbd48c4ff05d6f977c75338250418f6a806ea9e05f5f03
Page 5 of 34
Back34567Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close