what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

a-WsMPdvuln.txt
Posted May 23, 2003
Authored by Xpl017Elz | Site inetcop.org

INetCop Security Advisory #2003-0x82-017.a - WsMP3d, a web server that streams MP3s much like shoutcast but is GPL, suffers from a directory traversal vulnerability that not only allows viewing of files outside of the webroot, but allows for remote command execution as well.

tags | exploit, remote, web
SHA-256 | bc72d07b2004ab7e987341e534050ec07ea4699fd37effc980c5656ccf6a0bd6

Related Files

A Review Of Fuzzing Tools And Methods
Posted Apr 8, 2017
Authored by James Fell

This paper reviews fuzzing and its context within the field of information security research. We firstly examine how vulnerabilities come to exist in software and how security researchers find them. After a brief overview of common vulnerability types and methods of static analysis, we look in more depth at the field of fuzzing. Competing approaches to fuzzing are examined, from simple random inputs all the way to using genetic algorithms and taint analysis. The importance of measuring code coverage to evaluate the completeness of a fuzzing campaign is examined. Finally, previous work on fuzz testing of web browsers is reviewed.

tags | paper, web, vulnerability
SHA-256 | 847622b4537e1334fad9504003ab57fb51baf3575e0822fba4b6117eb8be63d2
A-PDF WAV to MP3 1.0.0 Buffer Overflow
Posted Sep 19, 2013
Authored by Dr_IDE, dookie, d4rk-h4ck3r | Site metasploit.com

This Metasploit module exploits a buffer overflow in A-PDF WAV to MP3 version 1.0.0. When the application is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.

tags | exploit, overflow, arbitrary, code execution
advisories | OSVDB-67241
SHA-256 | c36f8e21b4b97cee5ba878b04ceb9d74b2c3487cf9055592c90c45c97711c507
A Short Guide On ARM Exploitation
Posted Feb 13, 2013
Authored by Aditya Gupta, Gaurav Kumar

This document is a short guide on ARM exploitation and architecture.

tags | paper
SHA-256 | eb11c5954a8a1ffe7fe345267174615ea26305cce19dcecad07807f79430e55d
A-PDF WAV to MP3 v1.0.0 Buffer Overflow
Posted Aug 24, 2010
Authored by Dr_IDE, dookie, d4rk-h4ck3r | Site metasploit.com

This Metasploit module exploits a buffer overflow in A-PDF WAV to MP3 v1.0.0. When the application is used to import a specially crafted m3u file, a buffer overflow occurs allowing arbitrary code execution.

tags | exploit, overflow, arbitrary, code execution
SHA-256 | 98f77271a20e935a5608bf3a7851354616670e5d252200c33c57d725a70cc30e
A Practical Message Falsification Attack On WPA
Posted Aug 26, 2009
Authored by Masakatu Morii, Toshihiro Ohigashi

Whitepaper called A Practical Message Falsification Attack on WPA.

tags | paper
SHA-256 | e4508ac705e974e5997e8f259c77fb0c5a4426a86c4bc54012872d08daa7d98d
A-comparative-study-of-anomaly-detection-schemes-in-network-intrusion-detection.pdf
Posted Nov 1, 2006

A comparative study of anomaly detection schemes in network intrusion detection.

tags | paper
SHA-256 | b9928e0c57d7fdc9212d412d47a979bfa6ae04da6fed4884e9c6313b71e3f0c1
A-Data-Mining-Framework-for-Building-IDS.pdf
Posted Nov 1, 2006

A Data Mining Framework for Building Intrusion Detection Models.

tags | paper
SHA-256 | 60d04b31fcfe448027bbb5860b8344475e331292a2f38a9c58a5f6bf8565794d
A-Framework-For-An-Adaptive-Intrusion-Detection-System.pdf
Posted Nov 1, 2006

A Framework For An Adaptive Intrusion Detection System with Data Mining.

tags | paper
SHA-256 | 8f6eb99f5161f3bdc97f1b2abc1790661385fcd2a732370cb3a64ad0d76ff3b4
A-Framework-for-Classifying-DoS-Attacks.pdf
Posted Nov 1, 2006

A Framework for Classifying Denial of Service Attacks.

tags | paper, denial of service
SHA-256 | 6bb2ae1d0f82b729c5207119d92f40b2d239e203a10af9bec1f54258ede9691e
A-Framework-for-Constructing-Features-and-Models-for-IDS.pdf
Posted Nov 1, 2006

A Framework for Constructing Features and Models for Intrusion Detection Systems.

tags | paper
SHA-256 | f61527cf4af2510db8ad35437d3eb26e96999237907e12a510de0e49b2733a31
A-Geometric-Frameowkr-for-Unsupervised-Anomaly-Detection.pdf
Posted Nov 1, 2006

A Geometric Framework for Unsupervised Anomaly Detection: Detecting Intrusions in Unlabeled Data.

tags | paper
SHA-256 | 0449a5f802f6d128eb3b915c406f89489a0cd361eccb64aa70000c137ec98639
A-Learning-Based-Approach-to-the-Detection-of-SQL-Attacks.pdf
Posted Nov 1, 2006

A Learning Based Approach to the Detection of SQL Attacks.

tags | paper
SHA-256 | fb14d0903dcb142210d09d168d0e7272d143fb9ec59f4aea8414793dabf2f3d3
A-Multi-model-Approach-to-the-Detection-of-Web-based-Attacks.pdf
Posted Nov 1, 2006

A Multimodel Approach to the Detection of Web-based Attacks.

tags | paper, web
SHA-256 | 9117f01a49f372f1077722bd13c30ab099dadef91785ce47ff698440299999b1
A-Real-Time-IDS-based-on-Learning.pdf
Posted Nov 1, 2006

A RealTime Intrusion Detection System based on Learning Program Behavior.

tags | paper
SHA-256 | 0e8a47781283f6cc330dddf6e88f496211be2a23d3b455a2013438fb5378ecbb
A-Blog.txt
Posted Oct 3, 2006
Authored by Drago84

A-Blog suffers from a flaw that allows for remote file inclusion.

tags | exploit, remote, file inclusion
SHA-256 | 1077d5570f91f0cc564ced7475bf18b618b5bb275d07873b4d21b2b2e7fe39b0
A.I-Pifou.txt
Posted Oct 2, 2006
Authored by cdg393

A.I-Pifou suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | f3f64ff457cc433ba6113ef296b1b67f75dd4d7a83ea037ff5f6b0b064981e72
A_Modular_Approach_to_Data_Validation_v1.0.pdf
Posted Apr 12, 2006
Authored by Stephen de Vries | Site corsaire.com

This paper presents a modular approach to performing thorough data validation in modern web applications so that the benefits of modular component based design; extensibility, portability and re-use can be released. The paper begins with an explanation of the vulnerabilities introduced through poor validation and then goes on to discuss the merits of a number of common data validation methodologies. A modular approach is introduced together with practical examples of how to implement such a scheme in a web application. It also provides information on common attack vectors, principles of validation, a modular solution and implementation of that solution.

tags | paper, web, vulnerability
SHA-256 | d6ea21e85a8e50b5eb5abc46932d07593292a7f8f5443ced84aadf093a2415ae
Trustix Secure Linux Security Advisory 2005.0
Posted Apr 18, 2005
Authored by Xpl017Elz | Site inetcop.net

INetCop Security Advisory #2005-0x82-026 - Multiple buffer overflows and a format string vulnerability live in GLD versions 1.4 and below.

tags | advisory, overflow
SHA-256 | 0955f8c245cdfd1d563ec36ffcd71eee970764667738d4bcc713e86608db5aa0
Atstake Security Advisory 04-09-13.2
Posted Sep 15, 2004
Authored by Atstake, James Vaughan | Site atstake.com

Atstake Security Advisory A091304-2 - A vulnerability in the HTTP management interface of the Pingtel Xpressa phone enables a remote authenticated attack to cause the underlying VxWorks operating system to stop.

tags | advisory, remote, web
SHA-256 | 06fd96368b13cff6c5011a555781244b333d9af19a094cd41d33e938beb1d104
Atstake Security Advisory 04-09-13.1
Posted Sep 15, 2004
Authored by Atstake, Katie Moussouris, Luis Miras | Site atstake.com

Atstake Security Advisory A091304-1 - JumpDrive Secure(tm) Version 1.0 and Lexar Safe Guard(tm) software fail to securely store the device's password. The password is located on the JumpDrive device. It can be read directly from the device without any authentication. It is stored in an XOR encrypted form and can be read directly from the device without any authentication.

tags | advisory
SHA-256 | 19e3c98687b101bb6f65531e4ac0c37464aec24b77de3b222fbb5a7d29c84e77
Atstake Security Advisory 04-07-22.1
Posted Jul 23, 2004
Authored by Atstake, Jeremy Jethro | Site atstake.com

Atstake Security Advisory A072204-1 - A buffer overflow vulnerability was discovered in HP's implementation of the DCE endpoint mapper (epmap) which listens by default on TCP port 135. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary commands on the targeted system with the privileges of the DCED process which is typically run as the root user.

tags | advisory, overflow, arbitrary, root, tcp
advisories | CVE-2004-0716
SHA-256 | 758ce6bde29696c5e492573e6a282d47923e4dc99f30fa67a78d10b987b58df4
Atstake Security Advisory 04-07-13.1
Posted Jul 14, 2004
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A071304-1 - 4D WebSTAR versions 5.3.2 and below suffer from numerous vulnerabilities that allow for an attacker to escalate privileges or obtain access to protected resources. These include a remotely exploitable pre-authentication FTP overflow, directory indexing of any directory on the host, file disclosure of PHP.INI, and local privilege escalation and file overwrite via symbolic links.

tags | advisory, overflow, local, php, vulnerability
SHA-256 | 3687cf4f4805ebd7619c3a629f029fcea5cc0d6baf1031b38b9528d9e63c3d7c
Atstake Security Advisory 04-05-03.1
Posted May 7, 2004
Authored by David Goldsmith, Atstake, Dino Dai Zovi | Site atstake.com

Atstake Security Advisory A050304-1 - The AppleFileServer provides Apple Filing Protocol (AFP) services for both Mac OS X and Mac OS X server. AFP is a protocol used to remotely mount drives, similar to NFS or SMB/CIFS. There is a pre-authentication, remotely exploitable stack buffer overflow that allows an attacker to obtain administrative privileges and execute commands as root. Versions affected are Mac OS X 10.3.3, 10.3.2, and 10.2.8.

tags | advisory, overflow, root, protocol
systems | apple, osx
advisories | CVE-2004-0430
SHA-256 | d0a99458eaeba41776f013f6acd2684183376fa3765005d3b0854d047a21d569
Atstake Security Advisory 04-04-22.1
Posted Apr 24, 2004
Authored by Atstake, Jeremy Jethro | Site atstake.com

Atstake Security Advisory A042204-1 - The SiteMinder Affiliate Agent plugin version 4.x is susceptible to a remotely exploitable heap overflow when the SMPROFILE cookie is passed a large value. This affect the Solaris, Windows, and HP-UX platforms.

tags | advisory, overflow
systems | windows, solaris, hpux
advisories | CVE-2004-0425
SHA-256 | 147240362c1334eca1c5fd7b59f02a967e85d03c2689319c88c06052f2ca65cf
Atstake Security Advisory 04-02-23.1
Posted Feb 24, 2004
Authored by David Goldsmith, Atstake | Site atstake.com

Atstake Security Advisory A022304-1 - The ppp daemon that comes installed by default in Mac OS X is vulnerable to a format string vulnerability. It is possible to read arbitrary data out of pppd's process. Under certain circumstances, it is also possible to 'steal' PAP/CHAP authentication credentials.

tags | advisory, arbitrary
systems | apple, osx
advisories | CVE-2004-0165
SHA-256 | ac39259d91e80a21a84083dd2d5ed03a1ab274c26fa3d74162b3afe90c544152
Page 1 of 4
Back1234Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    7 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close