exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Free Monthly Websites 2.0 Admin Bypass / Shell Upload
Posted Feb 5, 2013
Authored by X-Cisadane

Free Monthly Websites version 2.0 suffers from administrative login bypass and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, bypass
SHA-256 | 7dff8f85bd24d0a360959644e73a994d3f3c19b656937df8fc49f27ae18c7a7f

Related Files

TOR Virtual Network Tunneling Tool 0.2.2.37
Posted Jun 14, 2012
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release introduces a workaround for a critical renegotiation bug in OpenSSL 1.0.1 (20% of the Tor network can't talk to itself currently).
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | ae2c1fb52babd9e92264ac7c4486d3e941be6deb91b8a590965848fbbcbd9e88
Marco Valentino SQL Injection
Posted Jun 14, 2012
Authored by Taurus Omar

Websites designed by Marco Valentino appears susceptible to remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | cfe8383e708270f8806f14e704993616f1e3ad197fc401073cc7f2bcb946f30c
TOR Virtual Network Tunneling Tool 0.2.2.36
Posted Jun 7, 2012
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release updates the addresses for two of the eight directory authorities, fixes some potential anonymity and security issues, and fixes several crash bugs. Tor 0.2.1.x has reached its end-of-life. Those Tor versions have many known flaws, and nobody should be using them. You should upgrade. If you're using a Linux or BSD distribution and its packages are obsolete, stop using those packages and upgrade anyway.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2011-4576
SHA-256 | 0e57e6e7dbc98aaa1b458ba745dac9fb19ed3ef59e4251d98de02068723148db
Oracle Service Applications SQL Injection
Posted Apr 12, 2012
Authored by Mohd. Shadab Siddiqui, Vulnerability Laboratory | Site vulnerability-lab.com

Various Oracle websites appear to suffer from blind SQL injection vulnerabilities. A cross site scripting issue also exists.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | c84df9781055fd52a22321f022e6e8331e5acbf26ea03af8ba9a8d181cd80877
Technical Cyber Security Alert 2012-24A
Posted Jan 25, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-24A - US-CERT has received information from multiple sources about coordinated distributed denial-of-service (DDoS) attacks with targets that included U.S. government agency and entertainment industry websites. The loosely affiliated collective "Anonymous" allegedly promoted the attacks in response to the shutdown of the file hosting site MegaUpload and in protest of proposed U.S. legislation concerning online trafficking in copyrighted intellectual property and counterfeit goods (Stop Online Piracy Act, or SOPA, and Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, or PIPA).

tags | advisory
SHA-256 | 925a21594f876a867e4c6e9471fa1023ca73286d7899e7a048b74bdefeb10aaa
Ubuntu Security Notice USN-1254-1
Posted Dec 22, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1254-1 - It was discovered that CVE-2011-3004, which addressed possible privilege escalation in addons, also affected Thunderbird 3.1. An attacker could potentially exploit a user who had installed an add-on that used loadSubscript in vulnerable ways. Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Various other issues were also addressed.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2011-3647, CVE-2011-3648, CVE-2011-3650
SHA-256 | 7380de76d3f7ae9d28ad3d7ebd18e2d1d0c2c421ee05e83463651e5d8cf20229
TOR Virtual Network Tunneling Tool 0.2.2.35
Posted Dec 18, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes a critical heap overflow security issue in Tor's buffers code. Absolutely everybody should upgrade. The bug relied on an incorrect calculation when making data continuous in one of the IO buffers, if the first chunk of the buffer was misaligned by just the wrong amount. The miscalculation would allow an attacker to overflow a piece of heap-allocated memory. Various other fixes and enhancements are included in this release.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2011-2778
SHA-256 | f141a41fffd31494a0f96ebbb6b999eab33ce62d5c31f81222a0acd034adbf3a
Ubuntu Security Notice USN-1282-1
Posted Nov 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1282-1 - Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash Thunderbird, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, web, denial of service, javascript
systems | linux, ubuntu
advisories | CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655
SHA-256 | 173dd2dc6e40dec5c7c9c41431ee90ad71887b768a7cbbe149bad7a87ed33359
Ubuntu Security Notice USN-1277-2
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1277-2 - USN-1277-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 8. Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash the browser, resulting in a denial of service. Various other issues were addressed as well.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655
SHA-256 | 28bd532ded831a89497654f782221fbde98b55af2975d73060350ebece644e3d
Ubuntu Security Notice USN-1277-1
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1277-1 - Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash the browser, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, web, denial of service, javascript
systems | linux, ubuntu
advisories | CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655
SHA-256 | 50cacdc3fc2d46a4452a7d176ace181644b756e1e80e2655e104e50a14231030
TOR Virtual Network Tunneling Tool 0.2.2.34
Posted Nov 3, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes a critical anonymity vulnerability where an attacker can deanonymize Tor users. Everybody should upgrade. This release also fixes several vulnerabilities that allow an attacker to enumerate bridge relays.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2011-2768
SHA-256 | a027a535b35e5f9ca7091e4c83a06b4be48f0f95d6906bdd467ccc0659e7e798
Apple Safari Directory Traversal
Posted Oct 15, 2011
Authored by Aaron Sigel

Apple Safari versions 5.0 and later on Mac OS and Windows are vulnerable to a directory traversal issue with the handling of "safari-extension://" URLs. Attackers can create malicious websites that trigger Safari to send files from the victim's system to the attacker. Arbitrary Javascript can be executed in the web context of the Safari extension.

tags | exploit, web, arbitrary, javascript
systems | windows, apple
advisories | CVE-2011-3229
SHA-256 | f206473f38c0933286bdc00fd667750becd015dc4db7e86a307c3b55344dc453
Debian Security Advisory 2320-1
Posted Oct 9, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2320-1 - The dokuwiki update included in Debian Lenny 5.0.9 to address a cross site scripting issue (CVE-2011-2510) had a regression rendering links to external websites broken. This update corrects that regression.

tags | advisory, xss
systems | linux, debian
advisories | CVE-2011-2510
SHA-256 | 187beb0ab606aea8a1826ae67ceb93072b90a110da9664c271092622bbc11ee0
Debian Security Advisory 2317-1
Posted Oct 5, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2317-1 - Mariusz Mlynski discovered that websites could open a download dialog - which has "open" as the default action -, while a user presses the ENTER key. Benjamin Smedberg, Bob Clary and Jesse Ruderman discovered crashes in the rendering engine, which could lead to the execution of arbitrary code. Mark Kaplan discovered an integer underflow in the javascript engine, which could lead to the execution of arbitrary code. Boris Zbarsky discovered that incorrect handling of the window.location object could lead to bypasses of the same-origin policy. Ian Graham discovered that multiple Location headers might lead to CRLF injection.

tags | advisory, arbitrary, javascript
systems | linux, debian
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2998, CVE-2011-2999, CVE-2011-3000
SHA-256 | 1a4df24469eb25808167402b1be7d9843f78f3a3727327cd85ba4fb79fbb297a
Frontal Attacks: From Basic Compromise To Advanced Persistent Threat
Posted Oct 2, 2011
Authored by High-Tech Bridge SA | Site htbridge.ch

Nowadays, there is a renewed interest in server-side attacks for hackers. According to SANS, attacks against web applications constitute more than 60% of the total attack attempts observed on the Internet. Victims may be the website owners (e.g. intellectual property theft or loss of customer confidence), their clients (e.g. bank transfer fraud or identity theft) as well as any Internet user, since web application vulnerabilities are now widely exploited to convert trusted websites into malicious ones, thus serving client-side exploits contents to Internet users. This document addresses the major threats which face today's companies, from database exfiltration in DMZ to the Advanced Persistent Threats recently undergone in many international organizations.

tags | paper, web, vulnerability
SHA-256 | 100985142d65548380351ebd6fcc87cfd85c7f2c807b5e0adb0ae7c04271e115
TOR Virtual Network Tunneling Tool 0.2.2.33
Posted Sep 21, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes several bugs and includes a slight tweak to Tor's TLS handshake which makes relays and bridges which run this new version reachable from Iran again.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 5af42b1cc07704fcbde8bb44380e5a02ebedc75470a132c70022ecb5f8476bcf
TOR Virtual Network Tunneling Tool 0.2.2.32
Posted Sep 1, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This is the first stable release in the 0.2.2 branch. This release features improved client performance and hidden service reliability, better compatibility for Android, correct behavior for bridges that listen on more than one address, more extensible and flexible directory object handling, better reporting of network statistics, improved code security, and many other features and bugfixes.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 8744328c10b54950e08ee404a75a0e76865be0615cad6f7ffc8c75af7151ef4d
cgCraft LLC Cross Site Scripting
Posted Jul 31, 2011
Authored by Ehsan_Hp200

Websites by cgCraft LLC suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1517d86049c58f1c4d9c7db31424922bfa393e675fd31f27e8c2e4366a715374
cgCraft LLC SQL Injection
Posted Jul 30, 2011
Authored by Ehsan_Hp200

Websites by cgCraft LLC suffer from multiple remote SQL injection vulnerabilities in info.php and news_item.php.

tags | exploit, remote, php, vulnerability, sql injection
SHA-256 | 4178b3d22155a363499855382b60348d43fcb513e01b7967a54a438dacc460e4
Websitesforless SQL Injection
Posted Jun 20, 2011
Authored by N[-m0]

Sites design and developed by Websitesforless suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 704b2ff619fb0ca688b25b26b38ee4879707069293e87386769068946eea8a6c
TOR Virtual Network Tunneling Tool 0.2.1.30
Posted Mar 1, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes a variety of less critical bugs. The main other change is a slight tweak to Tor's TLS handshake.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | f352a1a8ffa469ae251324f89386074074bcffef1a7c6a72caa7e4c2d12ce109
TOR Virtual Network Tunneling Tool 0.2.1.29
Posted Jan 18, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: A remote heap overflow vulnerability that could allow remote code execution was fixed along with other issues.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2011-0427
SHA-256 | 070d314effd6c08f8b5a8a1ebb4f5c3af644d48a9e38e9cba34fd3f2e981ec64
Owned And Exposed Issue 2
Posted Dec 26, 2010
Authored by one, Happy Ninjas

Owned and Exposed Issue 2 - Known websites such as carders.cc, inj3ct0r, ettercap, exploit-db, backtrack and free-hack have all been compromised.

tags | magazine
SHA-256 | fae095a21a488917f3d6ce91ad7956714b1ad83d940e1a1aa69e11e5bf955354
TOR Virtual Network Tunneling Tool 0.2.1.28
Posted Dec 20, 2010
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release does some code cleanup to reduce the risk of remotely exploitable bugs. The Common Vulnerabilities and Exposures project has assigned CVE-2010-1676 to this issue.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2010-1676
SHA-256 | fe9756bee3228bf01334f743b7c74dd1edc83e5489f032737ce24eb6bdb19cbf
TOR Virtual Network Tunneling Tool 0.2.1.27
Posted Nov 29, 2010
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release makes relays work with OpenSSL 0.9.8p and 1.0.0.b. It fixes several crash bugs, integrates a new directory authority, and updates the bundled GeoIP database.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | ec4d5c67231551d5ee3bf6cbccb87fccac3491fbe80f1d3fb778ad6b3d3f661c
Page 1 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close