Showing 101 - 125 of 653 RSS Feed

Files Date: 2012-11-01 to 2012-11-30

Secunia Security Advisory 49987
Posted Nov 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in WibuKey Runtime for Windows, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | windows
SHA-256 | 45ef6e56dd3a165aa40e9befd41b7be705f8ba498a83106e031dcb9af4344f15
Secunia Security Advisory 51341
Posted Nov 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ingress Security has discovered a vulnerability in jBilling, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | dc243ca9371074e2d2e4ec396a8c616c2dbe8a77e54384eca9ab28cfe113fafa
Secunia Security Advisory 51299
Posted Nov 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in OpenBSD, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | openbsd
SHA-256 | 52a834674389e78d1d6edad3245c756ad34424fb5d62c4beea2c53c998123ca2
Exploitation Of MS-SQL Servers Explained
Posted Nov 26, 2012
Authored by Agd_Scorp

Whitepaper called Exploitation of MS-SQL Servers Explained. Written in Turkish.

tags | paper
SHA-256 | 4ffc2985fa1f3d4996dafdb8b9f4aeb73a2c9f7d902970dcdd4e16f2f7207a9d
BuyClassifiedScript PHP Code Injection
Posted Nov 25, 2012
Authored by d3b4g

BuyClassifiedScript suffers from an arbitrary PHP code execution vulnerability.

tags | exploit, arbitrary, php, code execution
SHA-256 | 1d47dd28c7b9bccc97e6f8b813c6ecfe54aade43089149efe88d27ee09d44f53
Websense Proxy Filter Bypass
Posted Nov 25, 2012
Authored by Nahuel Grisolia

Websense Proxy Filter suffers from a special request filter bypass vulnerability.

tags | exploit, bypass
SHA-256 | baed8e0e50663c0af97bdc3fb3969603f6c0b777526aa8c815ba613c81bf010a
BlazeVideo HDTV Player 6.6 Professional Proof Of Concept
Posted Nov 25, 2012
Authored by Nezim

BlazeVideo HDTV Player version 6.6 Professional buffer overflow direct return exploit.

tags | exploit, overflow
SHA-256 | 879708faa6a7427f5d73fd59635094faf07bf19bbddb4363f6f4a87bdd9c092e
Aviosoft Digital TV Player Professional 1.x Proof Of Concept
Posted Nov 25, 2012
Authored by Nezim

Aviosoft Digital TV Player Professional version 1.x suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | e43c1c4abce9400453e38924e7f750cc47329aa88a14ed285d546cca7835ad7b
D-Link DSR-250N Backdoor
Posted Nov 25, 2012
Authored by 0_o

D-Link DSR-250N has a backdoor account that allows for persistent root access.

tags | exploit, root
SHA-256 | 80fd9d3e7fad566709a302521d1f123f923a95c1459f2c137d1705ee73d4dd6c
WordPress Ads Box SQL Injection
Posted Nov 25, 2012
Authored by Ashiyane Digital Security Team

WordPress Ads Box third party plugin suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | b6407ecbef69c88c80d6162e6f7335e75a4148321947e65507f8f5d6d8271394
ES CMS 0.1 SQL Injection
Posted Nov 25, 2012
Authored by Mr.XpR

ES CMS version 1.0 suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.

tags | exploit, remote, sql injection
SHA-256 | daa80edba48418d7f028eef0daced982f7b36eff55719be1f08023c6b001181e
SWF Upload f10 / f11 Cross Site Scripting
Posted Nov 25, 2012
Authored by MustLive

swfupload_f10.swf and swfupload_f11.swf both suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a064f09576b12ab9d5a45fe75c0226e749c3b0025cd2959f6177a48202d94b92
Army Ezine Colombia XSS / SQL Injection
Posted Nov 25, 2012
Authored by Ur0b0r0x

Army Ezine Colombia suffers from cross site scripting and remote SQL injection vulnerabilities. Note that this finding houses site-specific data.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 15188ed796801a9d0a3f0e2dab1c9a7050d8a3174f895338116f2f758fe78230
jBilling 3.0.2 Cross Site Scripting
Posted Nov 24, 2012
Authored by Ingress Security, Woody Hughes

jBilling versions 3.0.2 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4ceac8d0fc1f1afec1cf3dcadedca25fa1795ffaf93a687d404a447d3f2a5c35
WordPress Malmonation Theme SQL Injection
Posted Nov 24, 2012
Authored by Ashiyane Digital Security Team, sil3nt

WordPress Malmonation theme suffers from a remote SQL injection vulnerability. Note that this theme is specific to this site.

tags | exploit, remote, sql injection
SHA-256 | 5e7908209d87b1e1f212f6ab59e22fe30ff71c8f26dcbfee81ee4769a88aa0a7
MurmurHash Algorithm Collision Denial Of Service
Posted Nov 24, 2012
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

A variety of programming languages suffer from a denial-of-service (DoS) condition against storage functions of key/value pairs in hash data structures. The condition can be leveraged by exploiting predictable collisions in the underlying hashing algorithms. The issue is similar to the one reported in oCERT-2011-003 and concerns the MurmurHash algorithm family. The condition for predictable collisions in the hashing functions has been reported for the following language implementations: JRuby (MurmurHash2), Ruby (MurmurHash2), Rubinius (MurmurHash3), Oracle JDK (MurmurHash), OpenJDK (MurmurHash). In the case of Java OpenJDK, the hash function affected by the reported issue is not enabled by default; the default function is, however, reported vulnerable to oCERT-2011-003.

tags | advisory, java, ruby
advisories | CVE-2012-5370, CVE-2011-5371, CVE-2011-5372, CVE-2011-5373
SHA-256 | 6158aaf285af06ef9ef0b5c3fb1ac4513de61a3ac22d037a2d66fa0654d3a613
Beat Websites 1.0 SQL Injection
Posted Nov 24, 2012
Authored by Metropolis

Beat Websites version 1.0 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 88a56d21e7494bc2d27b6237a91c756294b7134a1ab51354af09d4a448df1cce
Router Exploitation
Posted Nov 23, 2012
Authored by FX | Site recurity-labs.com

This is a presentation called Router Exploitation. It was given at BlackHat 2009. It discusses various vendors such as Cisco, Juniper, Huawei, and more.

tags | paper
systems | cisco, juniper
SHA-256 | d251e8ce38047dd92c1a121ab52dccf2904bfc18ca85475675ae8202a6a1241d
FreeBSD Security Advisory - Linux Input Validation
Posted Nov 23, 2012
Authored by Mateusz Guzik | Site security.freebsd.org

FreeBSD Security Advisory - FreeBSD is binary-compatible with the Linux operating system through a loadable kernel module/optional kernel component. A programming error in the handling of some Linux system calls may result in memory locations being accessed without proper validation. It is possible for a local attacker to overwrite portions of kernel memory, which may result in a privilege escalation or cause a system panic.

tags | advisory, kernel, local
systems | linux, freebsd
advisories | CVE-2012-4576
SHA-256 | 6702f60b55d6453bd757f5c5f78ebb7b3615928a68a5c006f536a774870013bf
FreeBSD Security Advisory - EAP-TLS Message Insufficient Validation
Posted Nov 23, 2012
Authored by Timo Warns, Jouni Malinen | Site security.freebsd.org

FreeBSD Security Advisory - The internal authentication server of hostapd does not sufficiently validate the message length field of EAP-TLS messages. A remote attacker could cause the hostapd daemon to abort by sending specially crafted EAP-TLS messages, resulting in a Denial of Service.

tags | advisory, remote, denial of service
systems | freebsd
advisories | CVE-2012-4445
SHA-256 | 2e64da0ea32a2dac049fee64d2e2a83e329082a4961e1f7560ffefb7f8cc5160
FreeBSD Security Advisory - named Denial Of Service
Posted Nov 23, 2012
Site security.freebsd.org

FreeBSD Security Advisory - The BIND daemon would crash when a query is made on a resource record with RDATA that exceeds 65535 bytes. The BIND daemon would lock up when a query is made on specific combinations of RDATA. A remote attacker can query a resolving name server to retrieve a record whose RDATA is known to be larger than 65535 bytes, thereby causing the resolving server to crash via an assertion failure in named. An attacker who is in a position to add a record with RDATA larger than 65535 bytes to an authoritative name server can cause that server to crash by later querying for that record. The attacker can also cause the server to lock up with specific combinations of RDATA.

tags | advisory, remote
systems | freebsd
advisories | CVE-2012-4244, CVE-2012-5166
SHA-256 | 06e1aee7809f7e8aa741e07c76a29eb43443068d25922ef3f329e9890d2bf998
Greenstone XSS / Password Disclosure / Log Forging
Posted Nov 23, 2012
Authored by Akastep

Greenstone Digital Library Software suffers from cross site scripting, password file disclosure, broken salt, and log forging vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | 6abb1bda55fdf2a144f85a5781c58e9555df57ab3346329f169d03b28b7f55e7
Cisco WAG120N Command Execution
Posted Nov 23, 2012
Authored by Manu

Cisco WAG120N suffers from a remote command execution vulnerability in setup.cgi.

tags | exploit, remote, cgi
systems | cisco
SHA-256 | 3f3738e0fe87c901ce923fe505448e7d8a980e7ffb970f817472dc722f51bd86
Slackware Security Advisory - mozilla-firefox Updates
Posted Nov 23, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 13.37, 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
SHA-256 | adf8111d665f3a46a324885a6c9a7d02bae0571ab36a5bde6b53d6b571145526
Debian Security Advisory 2576-1
Posted Nov 23, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2576-1 - Andy Lutomirski discovered that tcsd (the TPM userspace daemon) was missing input validation. Carefully crafted input can lead to a denial of service by making the daemon crash with a segmentation fault.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2012-0698
SHA-256 | 800af7d0630c558f72202a51ab53232166e3ed09332a713e3e5689149fd3c4f5