exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2012-11-22 to 2012-11-23

Slackware Security Advisory - seamonkey Updates
Posted Nov 22, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | b63a4dbdbb1ef8c895ac5afc462ea155c07bc23c4edd49af0325b7f3fa1e920b
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Nov 22, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 7b7836408b4254a7a556ead89226e0ca4048fbd90c229d4b90f988a290afe1c7
Mandriva Linux Security Advisory 2012-174
Posted Nov 22, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-174 - Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format. ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-4447, CVE-2012-4564
SHA-256 | 77a768adbe80cd4b982ace89f614bb542baed7f98b9bac2b9895f19f597fdf85
TOR Virtual Network Tunneling Tool 0.2.3.25
Posted Nov 22, 2012
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release reduces directory overhead, provides enormous crypto performance improvements for fast relays on recent hardware, a new v3 TLS handshake protocol that can better resist fingerprinting, support for protocol obfuscation plugins, better scalability for hidden services, IPv6 support for bridges, performance improvements like allowing clients to skip the first round-trip on the circuit ("optimistic data") and refilling token buckets more often, a new "stream isolation" design to isolate different applications on different circuits, and many stability, security, and privacy fixes.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | bb2d6f1136f33e11d37e6e34184143bf191e59501613daf33ae3d6f78f3176a0
Twitter 5.0 Eavesdropping Proof Of Concept
Posted Nov 22, 2012
Authored by Carlos Reventlov

The Twitter 5.0 application for iPhone grabs images over HTTP and due to this, allows for a man in the middle attack / image swap. Proof of concept included.

tags | exploit, web, proof of concept
systems | apple, iphone
SHA-256 | e23c89d44db9163f784b4ff04d606d1d56ae5646f4b6067a4cf9eb08c6eab232
WordPress Zarzadzanie Kontem Shell Upload
Posted Nov 22, 2012
Authored by Ashiyane Digital Security Team

WordPress Zarzadzonie Kontem third party plugin suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, shell
SHA-256 | dabbf8f277721a115251a4fc9ddc214797c96b3fbf36964e3d3366e8ea03717c
WordPress Zingiri Web Shop 2.5.0 Shell Upload
Posted Nov 22, 2012
Authored by Ashiyane Digital Security Team

WordPress Zingiri Web Shop third party plugin version 2.5.0 suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, web, shell
SHA-256 | 33e48b2629820bb1f49eb5160c1b5e85747875d370c0743db0987af583804bcd
WordPress Webplayer SQL Injection
Posted Nov 22, 2012
Authored by Novin hack

WordPress Webplayer Player third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | d69cd4bc562251e4c95062dd6d91dc522ad3027613df830d537ee3bf94f409e3
WordPress FS-Real-Estate SQL Injection
Posted Nov 22, 2012
Authored by Novin hack

WordPress FS-Real-Estate third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | a95cc5c4f3002f51988d57a65b80a57548cc9d52aa6c7054c64b6cab72660b0c
Gianni Messina CMS 2.0 2010 SQL Injection
Posted Nov 22, 2012
Authored by Ashiyane Digital Security Team

Gianni Messina CMS 2.0 2010 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7413f864df6b0ffa6276a50f18c07ec9b0803cac1c325169b0ab7f2f1ed57b44
WordPress Simple Slider 1.0 Cross Site Scripting
Posted Nov 22, 2012
Authored by Aditya Balapure

WordPress Simple Slider plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b62822bddeca9f6484d902fe80cc09828535e9f746d5cf7e2ffa58d421d49075
vBulletin 5.0.0 Beta 19 Cross Site Scripting
Posted Nov 22, 2012
Authored by KrypTiK

vBulletin version 5.0.0 Beta 19 suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 383a851953f113d20eee5651b22a19e11f4351c29d50b0617501bbb61a8f4268
Simple Lighttpd 1.4.31 Denial Of Service
Posted Nov 22, 2012
Authored by Milan Berger

Simple Lighttpd version 1.4.31 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
advisories | CVE-2012-5533
SHA-256 | bb9db2d5fb90777223307f529d060fc6a280653ad1ae2d1bd6798d5cfd9126c8
WordPress Plg Novana SQL Injection
Posted Nov 22, 2012
Authored by Ashiyane Digital Security Team, sil3nt

WordPress Plg Novana third party plugin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 981db04fd87b5d87619c34a16a05e6dbd45876887adce6d3423107dafc1af622
GNU SIP Witch Telephony Server 1.4.0
Posted Nov 22, 2012
Authored by David Sugar | Site gnutelephony.org

GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.

Changes: Updated for the new ucommon 6 API. Support for VoIP hotspot mode. Initial support for the exosip 4.0 API. Better mingw build support. Better debuging tools. A switchview GUI.
tags | tool, telephony
systems | unix
SHA-256 | fffa541c346b2d756f93b344a190f965c9b43b7dca0fb94043b81a9f64107cc1
Entropy Broker RNG 2.0.1
Posted Nov 22, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: This release fixes crashes with the Linux kernel client.
tags | tool, encryption
systems | linux
SHA-256 | 3d1e4c41d08e5baf8af7d5cee22f9eb7fd7ed309f653a29a3211116a0cf24340
WordPress Magazine Basic SQL Injection
Posted Nov 22, 2012
Authored by Novin hack

WordPress Magazine Basic third party plugin theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | a0f0a2bb4d25112d7a6582eb26bee1291efed1a5f1e1f840369aeeedd948fe27
Linux 2.6 Kernel /proc Rootkit Backdoor
Posted Nov 22, 2012
Authored by Analiz

Unix/Darbe-A is a new kernel rootkit backdoor based in the /proc file system.

tags | tool, kernel, rootkit
systems | unix
SHA-256 | e25b0997b5091f37ef98994f27fe8bbbd761dbb249f79ecc16ff5c73bf2ba57e
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close