exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 18 of 18 RSS Feed

Files Date: 2012-11-22 to 2012-11-23

Slackware Security Advisory - seamonkey Updates
Posted Nov 22, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New seamonkey packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | b63a4dbdbb1ef8c895ac5afc462ea155c07bc23c4edd49af0325b7f3fa1e920b
Slackware Security Advisory - mozilla-thunderbird Updates
Posted Nov 22, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | 7b7836408b4254a7a556ead89226e0ca4048fbd90c229d4b90f988a290afe1c7
Mandriva Linux Security Advisory 2012-174
Posted Nov 22, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-174 - Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format. ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2012-4447, CVE-2012-4564
SHA-256 | 77a768adbe80cd4b982ace89f614bb542baed7f98b9bac2b9895f19f597fdf85
TOR Virtual Network Tunneling Tool 0.2.3.25
Posted Nov 22, 2012
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release reduces directory overhead, provides enormous crypto performance improvements for fast relays on recent hardware, a new v3 TLS handshake protocol that can better resist fingerprinting, support for protocol obfuscation plugins, better scalability for hidden services, IPv6 support for bridges, performance improvements like allowing clients to skip the first round-trip on the circuit ("optimistic data") and refilling token buckets more often, a new "stream isolation" design to isolate different applications on different circuits, and many stability, security, and privacy fixes.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | bb2d6f1136f33e11d37e6e34184143bf191e59501613daf33ae3d6f78f3176a0
Twitter 5.0 Eavesdropping Proof Of Concept
Posted Nov 22, 2012
Authored by Carlos Reventlov

The Twitter 5.0 application for iPhone grabs images over HTTP and due to this, allows for a man in the middle attack / image swap. Proof of concept included.

tags | exploit, web, proof of concept
systems | apple, iphone
SHA-256 | e23c89d44db9163f784b4ff04d606d1d56ae5646f4b6067a4cf9eb08c6eab232
WordPress Zarzadzanie Kontem Shell Upload
Posted Nov 22, 2012
Authored by Ashiyane Digital Security Team

WordPress Zarzadzonie Kontem third party plugin suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, shell
SHA-256 | dabbf8f277721a115251a4fc9ddc214797c96b3fbf36964e3d3366e8ea03717c
WordPress Zingiri Web Shop 2.5.0 Shell Upload
Posted Nov 22, 2012
Authored by Ashiyane Digital Security Team

WordPress Zingiri Web Shop third party plugin version 2.5.0 suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, web, shell
SHA-256 | 33e48b2629820bb1f49eb5160c1b5e85747875d370c0743db0987af583804bcd
WordPress Webplayer SQL Injection
Posted Nov 22, 2012
Authored by Novin hack

WordPress Webplayer Player third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | d69cd4bc562251e4c95062dd6d91dc522ad3027613df830d537ee3bf94f409e3
WordPress FS-Real-Estate SQL Injection
Posted Nov 22, 2012
Authored by Novin hack

WordPress FS-Real-Estate third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | a95cc5c4f3002f51988d57a65b80a57548cc9d52aa6c7054c64b6cab72660b0c
Gianni Messina CMS 2.0 2010 SQL Injection
Posted Nov 22, 2012
Authored by Ashiyane Digital Security Team

Gianni Messina CMS 2.0 2010 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7413f864df6b0ffa6276a50f18c07ec9b0803cac1c325169b0ab7f2f1ed57b44
WordPress Simple Slider 1.0 Cross Site Scripting
Posted Nov 22, 2012
Authored by Aditya Balapure

WordPress Simple Slider plugin version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b62822bddeca9f6484d902fe80cc09828535e9f746d5cf7e2ffa58d421d49075
vBulletin 5.0.0 Beta 19 Cross Site Scripting
Posted Nov 22, 2012
Authored by KrypTiK

vBulletin version 5.0.0 Beta 19 suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 383a851953f113d20eee5651b22a19e11f4351c29d50b0617501bbb61a8f4268
Simple Lighttpd 1.4.31 Denial Of Service
Posted Nov 22, 2012
Authored by Milan Berger

Simple Lighttpd version 1.4.31 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
advisories | CVE-2012-5533
SHA-256 | bb9db2d5fb90777223307f529d060fc6a280653ad1ae2d1bd6798d5cfd9126c8
WordPress Plg Novana SQL Injection
Posted Nov 22, 2012
Authored by Ashiyane Digital Security Team, sil3nt

WordPress Plg Novana third party plugin suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 981db04fd87b5d87619c34a16a05e6dbd45876887adce6d3423107dafc1af622
GNU SIP Witch Telephony Server 1.4.0
Posted Nov 22, 2012
Authored by David Sugar | Site gnutelephony.org

GNU SIP Witch is a pure SIP-based office telephone call server that supports generic phone system features like call forwarding, hunt groups and call distribution, call coverage and ring groups, holding, and call transfer, as well as offering SIP rver, or an IP-PBX, and does not try to emulate Asterisk, FreeSWITCH, or Yate.

Changes: Updated for the new ucommon 6 API. Support for VoIP hotspot mode. Initial support for the exosip 4.0 API. Better mingw build support. Better debuging tools. A switchview GUI.
tags | tool, telephony
systems | unix
SHA-256 | fffa541c346b2d756f93b344a190f965c9b43b7dca0fb94043b81a9f64107cc1
Entropy Broker RNG 2.0.1
Posted Nov 22, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: This release fixes crashes with the Linux kernel client.
tags | tool, encryption
systems | linux
SHA-256 | 3d1e4c41d08e5baf8af7d5cee22f9eb7fd7ed309f653a29a3211116a0cf24340
WordPress Magazine Basic SQL Injection
Posted Nov 22, 2012
Authored by Novin hack

WordPress Magazine Basic third party plugin theme suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | a0f0a2bb4d25112d7a6582eb26bee1291efed1a5f1e1f840369aeeedd948fe27
Linux 2.6 Kernel /proc Rootkit Backdoor
Posted Nov 22, 2012
Authored by Analiz

Unix/Darbe-A is a new kernel rootkit backdoor based in the /proc file system.

tags | tool, kernel, rootkit
systems | unix
SHA-256 | e25b0997b5091f37ef98994f27fe8bbbd761dbb249f79ecc16ff5c73bf2ba57e
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close