exploit the possibilities
Showing 76 - 100 of 100 RSS Feed

Files

Sphider Search Engine 1.3.6 Remote Code Execution
Posted Oct 27, 2020
Authored by Gurkirat Singh

Sphider Search Engine version 1.3.6 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2014-5194
SHA-256 | 12d453d48a78bb7d7a0b6ff07688be488721af5843b001df66e28674efaec9ab

Related Files

Secunia Security Advisory 47102
Posted Dec 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - RedTeam Pentesting has discovered a vulnerability in Owl Intranet Engine, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 3c45e5754b49a24f45fb2d3105beb725b16d3f752791fbced18b6320d042819f
Owl Intranet Engine 1.01 Information Disclosure / Unsalted Hashes
Posted Dec 16, 2011
Site redteam-pentesting.de

Owl Intranet Engine version 1.01 suffers from information disclosure and unsalted password hash vulnerabilities.

tags | advisory, vulnerability, info disclosure
SHA-256 | dcbbcd637364faab53f4367d19609cb5239a3d48ccaf0d7b4e8d9af17d44465e
Owl Intranet Engine 1.00 Authentication Bypass
Posted Dec 15, 2011
Site redteam-pentesting.de

Owl Intranet Engine version 1.00 suffers from multiple authentication bypass vulnerabilities.

tags | exploit, vulnerability
SHA-256 | 5304b380a361124cff3e565a933670de23c3fbfcbacba16332fe80f88e1c2995
Babylon Cross Site Scripting
Posted Dec 11, 2011
Authored by Abhinav Singh

The search engine at search.babylon.com suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a058da3322355dea54968eb6a909522538f6f19ddac9df9320726a42c32c2df3
Apache Range Header Denial Of Service
Posted Dec 9, 2011
Authored by Ramon de C Valle

This is a reverse engineered version of the exploit by ev1lut10n that triggers a denial of service condition using a vulnerability in the Range header of Apache versions 1.3.x, 2.0.64 and below and 2.2.19 and below.

tags | exploit, denial of service
advisories | CVE-2011-3192
SHA-256 | 8924bead3b42a1c38477cea3b48584db4ab1b22693ae7553273e5f0bc044c0ff
Suricata IDPE 1.1.1
Posted Dec 8, 2011
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: This release fixes a crash in the SMTP parser and a problem with AF_PACKET compilation.
tags | tool, intrusion detection
systems | unix
SHA-256 | 6ff337ca71ca015d50e73a2bb90e02d894b617935482802102648d51b3876fac
oclHashcat+ Advanced GPU Hash Cracking Utility 0.06
Posted Nov 30, 2011
Authored by dropdead | Site hashcat.net

oclHashcat+ Advanced GPU hash cracking utility that includes the World's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. Focuses on highly iterated modern hashes, single dictionary-based attacks, and more. Linux and Windows binaries are included.

Changes: Various speed changes, kernel additions, and other improvement.
tags | cracker
systems | linux, windows
SHA-256 | 16202639d6c25483fc007261064759176b375ea82302ddc9fe653bef7541bc6e
Java Applet Rhino Script Engine Remote Code Execution
Posted Nov 30, 2011
Authored by sinn3r, Michael Schierl, juan vazquez, Edward D. Teach | Site metasploit.com

This Metasploit module exploits a vulnerability in the Rhino Script Engine that can be used by a Java Applet to run arbitrary Java code outside of the sandbox. The vulnerability affects version 7 and version 6 update 27 and earlier, and should work on any browser that supports Java (for example: IE, Firefox, Google Chrome, etc).

tags | exploit, java, arbitrary
advisories | CVE-2011-3544, OSVDB-76500
SHA-256 | d91e779ec520d6b5000796fbb5510410cdd34ecb929017aa6bdbbf0c838eed04
Secunia Security Advisory 46981
Posted Nov 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in ExpressionEngine, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 056ede08de3dc44886959e15aeceabba7608b018483061de3952f26855693840
ExpressionEngine 2.2.2 / CodeIgniter 2.0.3 Cross Site Scripting
Posted Nov 30, 2011
Authored by Dr. Marian Ventuneac

ExpressionEngine version 2.2.2 and CodeIgniter version 2.0.3 suffer from filter bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2011-4025
SHA-256 | fdab17029ae48b80689e4ddd515edc23100d07a8f55741743dc18b289e5b7a22
Ubuntu Security Notice USN-1282-1
Posted Nov 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1282-1 - Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash Thunderbird, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, web, denial of service, javascript
systems | linux, ubuntu
advisories | CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655
SHA-256 | 173dd2dc6e40dec5c7c9c41431ee90ad71887b768a7cbbe149bad7a87ed33359
HP Security Bulletin HPSBUX02725 SSRT100627
Posted Nov 24, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02725 SSRT100627 - Potential security vulnerabilities have been identified with HP-UX Apache Running Tomcat Servlet Engine. These vulnerabilities could be exploited remotely to disclose information, allow authentication bypass, allow cross-site scripting (XSS), gain unauthorized access, or create a Denial of Service (DoS). The Tomcat-based Servlet Engine is contained in the HP-UX Apache Web Server Suite. Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability, xss
systems | hpux
advisories | CVE-2010-3718, CVE-2010-4476, CVE-2011-0013, CVE-2011-2204, CVE-2011-2526, CVE-2011-2729, CVE-2011-3190
SHA-256 | da0edbfa949de2b7034ad0a1fe927c5c9205a87431abdda03737962e90086071
Ubuntu Security Notice USN-1277-2
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1277-2 - USN-1277-1 fixed vulnerabilities in Firefox. This update provides updated Mozvoikko and ubufox packages for use with Firefox 8. Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash the browser, resulting in a denial of service. Various other issues were addressed as well.

tags | advisory, web, denial of service, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655
SHA-256 | 28bd532ded831a89497654f782221fbde98b55af2975d73060350ebece644e3d
Ubuntu Security Notice USN-1277-1
Posted Nov 24, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1277-1 - Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. It may be possible to trigger this crash without the use of debugging APIs, which might allow malicious websites to exploit this vulnerability. An attacker could possibly use this flaw this to steal data or inject malicious scripts into web content. Marc Schoenefeld discovered that using Firebug to profile a JavaScript file with many functions would cause Firefox to crash. An attacker might be able to exploit this without using the debugging APIs, which could potentially remotely crash the browser, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, web, denial of service, javascript
systems | linux, ubuntu
advisories | CVE-2011-3648, CVE-2011-3650, CVE-2011-3651, CVE-2011-3652, CVE-2011-3654, CVE-2011-3655
SHA-256 | 50cacdc3fc2d46a4452a7d176ace181644b756e1e80e2655e104e50a14231030
Secunia Security Advisory 46960
Posted Nov 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has issued an update for Tomcat Servlet Engine in HP-UX. This fixes some weaknesses, a security issue, and multiple vulnerabilities, which can be exploited by malicious, local users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability, xss
systems | hpux
SHA-256 | 5aeee214506904de7f2c6d70290bfbc61c04b765694d6d409d8cd55614f1a659
Social Engineering - The Human Factor
Posted Nov 20, 2011
Authored by Dinesh Shetty

Whitepaper called Social Engineering - The Human Factor. It documents suggested phases of the social engineering lifecycle and associated techniques for implementation.

tags | paper
SHA-256 | 461544be2738e4d8abf609851dadb8d3da3588cb53e8c180e81e7d7b8e0989c9
Debian Security Advisory 2349-1
Posted Nov 19, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2349-1 - Two vulnerabilities have been found in SPIP, a website engine for publishing, which allow privilege escalation to site administrator privileges and cross-site scripting.

tags | advisory, vulnerability, xss
systems | linux, debian
SHA-256 | 94d6f4aa841540b8240d6e3d20c3d96182ca3150a5ba105420ff901ae584d535
Zoho ManageEngine ADSelfService Plus 4.5 Cross Site Scripting
Posted Nov 17, 2011
Authored by James Webb | Site jameswebb.me

Zoho ManageEngine ADSelfService Plus version 4.5 build 4521 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 11759ad39a70c1b72eb5634f99b277ad6cdfc9e7d8b29555043fd98c549dc901
SAP NetWeaver MI 2 Information Disclosure
Posted Nov 17, 2011
Authored by Sh2kerr

SAP NetWeaver Mobile Engine suffers from an information disclosure vulnerability that discloses version and username information.

tags | advisory, info disclosure
SHA-256 | f887bedbaf6328e9e0090370a2ef1d312367550062ad97dcd452fb137b15cb06
Red Hat Security Advisory 2011-1455-01
Posted Nov 17, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1455-01 - FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. The freetype packages for Red Hat Enterprise Linux 4 provide both the FreeType 1 and FreeType 2 font engines. The freetype packages for Red Hat Enterprise Linux 5 and 6 provide only the FreeType 2 font engine. Multiple input validation flaws were found in the way FreeType processed CID-keyed fonts. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2011-3439
SHA-256 | ec69fb3485e06068573e9dd1e5c2f4b0504da22c512e8de60d5baab2ea5e857c
Secunia Security Advisory 46061
Posted Nov 13, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Cisco Identity Services Engine, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | cisco
SHA-256 | fc3600706f51e1546a762079fcd2efa095d15a261086c5e9113610bb2093559c
Suricata IDPE 1.1
Posted Nov 12, 2011
Site openinfosecfoundation.org

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.

Changes: Performance, accuracy, and stability were improved. Many HTTP rule keywords added. Several SSL keywords have been added. Event suppression support was added. SCTP decoding support was added. IPS mode was improved. An SMTP parser was added. Protocol detection was improved. Extended HTTP output was added. AF_PACKET support was added. PF_RING support was improved. Pcap logging was added. The stream engine was improved.
tags | tool, intrusion detection
systems | unix
SHA-256 | dc76a25ff5ca9df613a9ea69f52ad506f05aa62852c242b3450ce8b02e405a39
Ubuntu Security Notice USN-1251-1
Posted Nov 11, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1251-1 - It was discovered that CVE-2011-3004, which addressed possible privilege escalation in addons, also affected Firefox 3.6. An attacker could potentially exploit Firefox when an add-on was installed that used loadSubscript in vulnerable ways. Yosuke Hasegawa discovered that the Mozilla browser engine mishandled invalid sequences in the Shift-JIS encoding. A malicious website could possibly use this flaw this to steal data or inject malicious scripts into web content. Various other issues were also addressed.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2011-3647, CVE-2011-3648, CVE-2011-3650, CVE-2011-3004
SHA-256 | 904393052c763c857c28523ce148e5d5f06843e53f3ab205080487b696333173
Ubuntu Security Notice USN-1258-1
Posted Nov 11, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1258-1 - Stephane Chazelas discovered the bytecode engine of ClamAV improperly handled recursion under certain circumstances. This could allow a remote attacker to craft a file that could cause ClamAV to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-3627
SHA-256 | 295b9f868a67ff1e5dcd4c2bd750e3710e012c5ef89f4caa1fd1db56d38f5170
Wormtrack Network IDS 0.1
Posted Nov 10, 2011
Authored by Aleksandr Brodskiy | Site code.google.com

Wormtrack is a network IDS that helps detect scanning worms on a local area network by monitoring anomalous ARP traffic. This allows detection of scanning threats on the network, without having privileged access on a switch to set up a dedicated monitor port, nor does it require a constant updating of the rules engine to address new threats.

tags | tool, worm, local, intrusion detection
systems | unix
SHA-256 | d14c1f13e9ebf372fff1196929b62f243ebe2d1b93e88472662a96e12abd305b
Page 4 of 4
Back1234Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close