exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

BUILD.gz
Posted Dec 21, 1999

BUILD.gz

tags | encryption
SHA-256 | 463f39e3f18a5e15dd901b2bc6640df57a3280bd5b65405c720f1b155b8fb345

Related Files

Haveged 1.5
Posted Aug 14, 2012
Site issihosts.com

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.

Changes: A run time test option has been added to haveged that enables the execution of one or both of the principle AIS-31 test suites at haveged initialization and/or continuously during subsequent output. Several other changes have also been made to make haveged work better with both the systemd and sysv init systems.
tags | tool
systems | linux, unix
SHA-256 | 6950672e88376f5de7976d0ac9e479c6a3ecdb8d2d214887347eb24f367d5d8e
Debian Security Advisory 2523-1
Posted Aug 6, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2523-1 - It was discovered that the GridFTP component from the Globus Toolkit, a toolkit used for building Grid systems and applications performed insufficient validation of a name lookup, which could lead to privilege escalation.

tags | advisory
systems | linux, debian
advisories | CVE-2012-3292
SHA-256 | b6337585790cbaa70a41e8a15f2ad98e6536faf0969ee375b41118d80a7b921e
Debian Security Advisory 2519-2
Posted Aug 4, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2519-2 - It was discovered that the recent update for isc-dhcp, did not contain the patched code included in the source package. Due to quirk in the build system those patches were deapplied during the build process.

tags | advisory
systems | linux, debian
advisories | CVE-2011-4539, CVE-2012-3571, CVE-2012-3954
SHA-256 | 56cde2d842365388e86b4e3822e43e10f8a15d275662e2a0613a84e1fe731f1c
Tormux Ruby TOR Controller 0.1
Posted Jul 21, 2012
Authored by dirtyfilthy | Site github.com

tormux.rb is a single file, zero dependency ruby tor controller for reverse multiplexing outgoing connections between tor exit nodes. By default tor only builds a single circuit, and all your traffic will travel out of a single exit node until the circuit is destroyed and a new circuit is created. but tormux.rb will build and maintain one circuit for each of the number of exit nodes you specify, and round robin your outgoing tor connections between them automatically.

tags | tool, ruby
systems | unix
SHA-256 | 527f59cc6a812254ef01ef67daeaf6d9554561605fa74a844bc39f29447d4419
Red Hat Security Advisory 2012-1057-01
Posted Jul 6, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1057-01 - RESTEasy provides various frameworks to help you build RESTful web services and RESTful Java applications. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.

tags | advisory, java, remote, web, xxe
systems | linux, redhat
advisories | CVE-2012-0818
SHA-256 | 5cfe82490f9e0d9ea42e665a6f4f6f6991026f15dc3ddf2d39550a062b1c56c5
Red Hat Security Advisory 2012-1059-01
Posted Jul 6, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1059-01 - RESTEasy provides various frameworks to help you build RESTful web services and RESTful Java applications. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.

tags | advisory, java, remote, web, xxe
systems | linux, redhat
advisories | CVE-2012-0818
SHA-256 | e3a2bf9a1dc1efec91da14d3163b81d65b43040761d051feb37bae44cdf25454
Red Hat Security Advisory 2012-1056-01
Posted Jul 6, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1056-01 - RESTEasy provides various frameworks to help you build RESTful web services and RESTful Java applications. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.

tags | advisory, java, remote, web, xxe
systems | linux, redhat
advisories | CVE-2012-0818
SHA-256 | 6557059760455431acac8d483403f3918f56868f81fd392dee90b7d5ddc1473c
Red Hat Security Advisory 2012-1058-01
Posted Jul 6, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1058-01 - RESTEasy provides various frameworks to help you build RESTful web services and RESTful Java applications. It was found that RESTEasy was vulnerable to XML External Entity attacks. If a remote attacker submitted a request containing an external XML entity to a RESTEasy endpoint, the entity would be resolved, allowing the attacker to read files accessible to the user running the application server. This flaw affected DOM Document and JAXB input.

tags | advisory, java, remote, web, xxe
systems | linux, redhat
advisories | CVE-2012-0818
SHA-256 | 05f9c0682e27949bf1f2becff450f31daba1cdb97b54e04910f8671124a8f236
SpecView 2.5 Build 853 Directory Traversal
Posted Jun 29, 2012
Authored by Luigi Auriemma | Site aluigi.org

SpecView versions 2.5 build 853 and below suffer from a remote directory traversal vulnerability.

tags | exploit, remote
SHA-256 | 37c481c86f91ff979c1f2a14452d4bc1fc45aaf6d60f55ae0b180aa752d19d99
LimeSurvey 1.92+ Build120620 Remote File Inclusion / Traversal
Posted Jun 23, 2012
Authored by dun

LimeSurvey version 1.92+ Build 120620 suffers from remote file inclusion and traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 43b9b487eafdbab47658da07aab4f8a2286ff8e53d69af4f8c40cae632fc2132
QNAP Command Injection
Posted Jun 17, 2012
Authored by Phil Taylor, Nadeem Salim | Site senseofsecurity.com.au

QNAP Turbo NAS with firmware versions 3.6.1 Build 0302T and below suffer from a command injection vulnerability that allows for remote code execution.

tags | exploit, remote, code execution
SHA-256 | bcec74851c024f2e1466935f495fd1687810e39d50b44f12aa001bc14964e143
F5 BIG-IP Remote Root Authentication Bypass
Posted Jun 12, 2012
Authored by Florent Daigniere | Site trustmatta.com

F5 BIG-IP suffers from a remote root authentication bypass vulnerability. Version 11.1.0 build 1943.0 is affected.

tags | exploit, remote, root, bypass
advisories | CVE-2012-1493
SHA-256 | c47245f9200c1bf4bbb5365534f451ad55a2d52e535a8693e694ffc822fc7c9f
Ubuntu Security Notice USN-1467-1
Posted Jun 12, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1467-1 - It was discovered that certain builds of MySQL incorrectly handled password authentication on certain platforms. A remote attacker could use this issue to authenticate with an arbitrary password and establish a connection. MySQL has been updated to 5.5.24 in Ubuntu 12.04 LTS. Ubuntu 10.04 LTS, Ubuntu 11.04 and Ubuntu 11.10 have been updated to MySQL 5.1.63. A patch to fix the issue was backported to the version of MySQL in Ubuntu 8.04 LTS. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2122
SHA-256 | 52928dd0c621971574807252ccbdfb1af768836701965a6ed9bfbf0a6c13a411
Network Instruments Observer SNMP Processing Buffer Overflows
Posted Jun 8, 2012
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered two vulnerabilities in Network Instruments Observer, which can be exploited by malicious people to compromise a vulnerable system. A boundary error in the "CSnmp::DecodePacket()" method (NISNMP.DLL) when processing the community string can be exploited to cause a heap-based buffer overflow via a specially crafted SNMP datagram. An error in the "CSnmp::DecodePacket()" method (NISNMP.DLL) when processing an Object Identifier (OID) can be exploited to cause a heap-based buffer overflow via a specially crafted Trap PDU (0xA4) SNMP datagram sent to UDP port 162. Successful exploitation of the vulnerabilities allows execution of arbitrary code, but may require the attacker to enumerate or guess the SNMP port. Observer version 15.1 Build 0007.0000 is affected.

tags | advisory, overflow, arbitrary, udp, vulnerability
SHA-256 | 47406405f7fbbaf3904168e2444043931477814738fb138699f2f1cd927dab1d
Network Instruments Observer SNMP OID Processing Denial Of Service
Posted Jun 8, 2012
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in Network Instruments Observer, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "CSnmp::ASN1_ReadObjIDValue()" method (NISNMP.DLL) when processing an Object Identifier (OID) within a variable binding list. This can be exploited to cause a limited stack-based buffer overflow and cause a crash only via e.g. a specially crafted SetRequest SNMP datagram. Observer version 15.1 Build 0007.0000 is affected.

tags | advisory, denial of service, overflow
advisories | CVE-2012-0274
SHA-256 | 4b19996f632b90588e6f9fdda2fe95919af4b0bd7fa7dcf8b09165f3ad0b36c0
GNUnet P2P Framework 0.9.3
Posted Jun 5, 2012
Authored by Christian Grothoff | Site ovmj.org

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.

Changes: This release adds a few features and fixes a number of bugs. It is protocol-compatible with GNUnet 0.9.2. There were various minor changes to the C APIs and the peer-internal protocols. This is the first release that has a compatible Java API. gnunet-java 0.9.3 can be used to access many of GNUnet's services from Java. This release also contains the beginnings of a new GNUnet-based Naming System (GNS), implementing a fully decentralized, backwards-compatible replacement for DNS (many important features and documentation are still missing, but the foundations are there).
tags | tool, web, udp, tcp, peer2peer
systems | unix
SHA-256 | 0f7aa283f53e083e4e38b0c05e41083ee07953e3f7c831ffaab56f4f1a99d6d4
Webex Eshop Builder SQL Injection
Posted Jun 4, 2012
Authored by Mr.XpR

Webex Eshop Builder suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 53807b7190bca361ba569db5d63095ff3c4050f49921ae4d601370de5b411cd3
Secunia Security Advisory 49201
Posted May 23, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in the Profile Builder plugin for WordPress, where some have unknown impacts and another can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, vulnerability
SHA-256 | 93d9b9e7f04728d9d1f2ea4c4562061f7cc55dae673d408c5032d7e71d6f791f
Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow
Posted May 22, 2012
Authored by bannedit, Francisco Falcon | Site metasploit.com

This Metasploit module exploits a buffer overflow in Foxit Reader 3.0 builds 1301 and earlier. Due to the way Foxit Reader handles the input from an "Launch" action, it is possible to cause a stack-based buffer overflow, allowing an attacker to gain arbitrary code execution under the context of the user.

tags | exploit, overflow, arbitrary, code execution
advisories | OSVDB-55614
SHA-256 | 009165bbb7f39c130705ca1779b5bf21f2c3fd6f324d13329ecce60c590e0dcc
Multimedia Builder 4.9.8 Denial Of Service
Posted May 15, 2012
Authored by Ahmed Elhady Mohamed

Multimedia Builder version 4.9.8 denial of service exploit that creates a malicious .mef file.

tags | exploit, denial of service
SHA-256 | 63a67975d994e1f50ae5d8977e3410cb4b3b122a865bbea9840fb034cf5d4fb0
Debian Security Advisory 2467-1
Posted May 10, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2467-1 - It was discovered that Mahara, the portfolio, weblog, and resume builder, had an insecure default with regards to SAML-based authentication used with more than one SAML identity provider. Someone with control over one IdP could impersonate users from other IdP's.

tags | advisory
systems | linux, debian
SHA-256 | 5dee642e0bd8295239c7653b2351ced32900bd0db2c2ba222a7b00678aca31fd
SAP Netweaver 7.0 EHP1/EHP2 Buffer Overflows
Posted May 8, 2012
Authored by Core Security Technologies, Martin Gallo | Site coresecurity.com

Core Security Technologies Advisory - SAP Netweaver is a technology platform for building and integrating SAP business applications. Multiple vulnerabilities have been found in SAP Netweaver that could allow an unauthenticated, remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered sending specially crafted SAP Diag packets to remote TCP port 32NN (being NN the SAP system number) of a host running the "Dispatcher" service, part of SAP Netweaver Application Server ABAP. By sending different messages, the different vulnerabilities can be triggered.

tags | exploit, remote, denial of service, arbitrary, tcp, vulnerability
advisories | CVE-2011-1516, CVE-2011-1517, CVE-2012-2511, CVE-2012-2512, CVE-2012-2513, CVE-2012-2514
SHA-256 | 84108ccf75a417b942e0291cf7c3798ea4c264ddce271305c260f4c3931d47e5
Mobipocket Reader 6.2 Build 608 Buffer Overflow
Posted Apr 23, 2012
Authored by shinnai | Site shinnai.altervista.org

Mobipocket Reader version 6.2 build 608 suffers from a buffer overflow vulnerability. Proof of concept included.

tags | exploit, overflow, proof of concept
SHA-256 | 956ac848bb2710f1365550adfff0b8787d1dfb621595612c0d1b192087b80cb7
PSFTP 1.8 Build 921 Denial Of Service
Posted Apr 23, 2012
Authored by Vulnerability Laboratory | Site vulnerability-lab.com

PSFTP version 1.8 build 921 suffers from a NULL pointer denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 6cedf29fc659f2cd0c64391437f038105fadb2a16b9f4d6f8e7ae6eccd68b0da
Oracle GlassFish Server 3.1.1 Build 12 Cross Site Scripting
Posted Apr 21, 2012
Authored by Roberto Suggi Liverani | Site security-assessment.com

Security-Assessment.com has discovered that components of the Oracle GlassFish Server administrative web interface are vulnerable to both reflected and stored cross site scripting attacks. All pages where cross site scripting vulnerabilities were discovered require authentication. Oracle GlassFish Server version 3.1.1 build 12 is affected.

tags | exploit, web, vulnerability, xss
advisories | CVE-2012-0551
SHA-256 | 483308f8a564fa501d764b451f997bd57808a2fe9a67f2ce80beea114ee97f8c
Page 1 of 4
Back1234Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close