what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

Farsi News 3.0 Backup Disclosure
Posted Apr 1, 2010
Authored by indoushka

Farsi News version 3.0 suffers from a backup disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 7bf3c5f4af9a1a5e769f9e2b90dc6c48294d156c321bec1d5e5b276815740703

Related Files

WordPress Meenews 5.1 Cross Site Scripting
Posted Nov 23, 2011
Authored by Am!r | Site irist.ir

WordPress Meenews plugin version 5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 41b3810dee49681a7af5b5d43b3fb63e90fab9847e98dffff50885e5a8f91d9a
Red Hat Security Advisory 2011-1440-01
Posted Nov 9, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1440-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A cross-site scripting flaw was found in the way SeaMonkey handled certain multibyte character sets. A web page containing malicious content could cause SeaMonkey to run JavaScript code with the permissions of a different website. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.

tags | advisory, web, javascript, xss
systems | linux, redhat
advisories | CVE-2011-3648
SHA-256 | be943c91e86570f5afdd3ff9f206a5e3daeeed4880fe0df663aa87a0cc2bf88c
Red Hat Security Advisory 2011-1439-01
Posted Nov 9, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1439-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled certain add-ons. Malicious, remote content could cause an add-on to elevate its privileges, which could lead to arbitrary code execution with the privileges of the user running Thunderbird. A cross-site scripting flaw was found in the way Thunderbird handled certain multibyte character sets. Malicious, remote content could cause Thunderbird to run JavaScript code with the permissions of different remote content.

tags | advisory, remote, arbitrary, javascript, code execution, xss
systems | linux, redhat
advisories | CVE-2011-3647, CVE-2011-3648, CVE-2011-3650
SHA-256 | 6725630111957b4cce773bf3191856fea647483be273c966fc6ba69b7cb37d3c
Red Hat Security Advisory 2011-1438-01
Posted Nov 9, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1438-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A cross-site scripting flaw was found in the way Thunderbird handled certain multibyte character sets. Malicious, remote content could cause Thunderbird to run JavaScript code with the permissions of different remote content. Note: This issue cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. It could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed.

tags | advisory, remote, javascript, xss
systems | linux, redhat
advisories | CVE-2011-3648
SHA-256 | 4935d112f7e8f6b78913afa49bf394d199e635564960c3a3b5a3abb52565bb18
TOR Virtual Network Tunneling Tool 0.2.2.34
Posted Nov 3, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes a critical anonymity vulnerability where an attacker can deanonymize Tor users. Everybody should upgrade. This release also fixes several vulnerabilities that allow an attacker to enumerate bridge relays.
tags | tool, remote, local, peer2peer
systems | unix
advisories | CVE-2011-2768
SHA-256 | a027a535b35e5f9ca7091e4c83a06b4be48f0f95d6906bdd467ccc0659e7e798
Secunia Security Advisory 46219
Posted Oct 31, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - kurdish hackers team has discovered multiple vulnerabilities in Magtrb MyNews, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
SHA-256 | b58ed0325a818f59f2f23db48e6a5aafc20c844546a98a217edc7c18c8db80e0
Hack This Zine #13
Posted Oct 22, 2011
Authored by htz | Site hackbloc.org

Hack This Zine Issue 13 - This issue's topics include Solidarity, Hacker Profiles, Bitcoin, various news and more.

tags | magazine
SHA-256 | b1d413cc63c950285dd48246104d152c5c190ac84db4bd63908f55f26f6c5822
Packet Storm Mac OS X Widget
Posted Oct 18, 2011
Authored by Saitek

Packet Storm Widget is a Mac OS X widget that allows users to see all latest news from packetstormsecurity.org. A user can choose between different kind of news to see: All of the Latest Content, Latest News, Latest Files, Latest 0 Days, Latest Vulnerabilities and Latest Exploits. This allows a user to always keep up to date on their favorite security topics. Please note that this was *not* created by Packet Storm Security and questions should be directed to the author. This should run on Leopard, Snow Leopard, Lion and Tiger.

tags | vulnerability
systems | apple, osx
SHA-256 | 69c119dd10637e93745b7d47028577720527e2e790477da1e00cfc3d5ceebc42
Red Hat Security Advisory 2011-1344-01
Posted Sep 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1344-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. A flaw was found in the way SeaMonkey handled frame objects with certain names. An attacker could use this flaw to cause a plug-in to grant its content access to another site or the local file system, violating the same-origin policy. An integer underflow flaw was found in the way SeaMonkey handled large JavaScript regular expressions. A web page containing malicious JavaScript could cause SeaMonkey to access already freed memory, causing SeaMonkey to crash or, potentially, execute arbitrary code with the privileges of the user running SeaMonkey. All SeaMonkey users should upgrade to these updated packages, which correct these issues. After installing the update, SeaMonkey must be restarted for the changes to take effect.

tags | advisory, web, arbitrary, local, javascript
systems | linux, redhat
advisories | CVE-2011-2998, CVE-2011-2999
SHA-256 | 9da687a381ca20d046b5c50589b968fee6f0f6760fa5b50b72ae19d0c9de5863
Red Hat Security Advisory 2011-1343-01
Posted Sep 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1343-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in the way Thunderbird handled frame objects with certain names. An attacker could use this flaw to cause a plug-in to grant its content access to another site or the local file system, violating the same-origin policy. An integer underflow flaw was found in the way Thunderbird handled large JavaScript regular expressions. An HTML mail message containing malicious JavaScript could cause Thunderbird to access already freed memory, causing Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.

tags | advisory, arbitrary, local, javascript
systems | linux, redhat
advisories | CVE-2011-2998, CVE-2011-2999
SHA-256 | 3687f8be51c9a85fd3c79f10c8bab76b7b4dafaaac4db14db59c0c0b77e3d708
Red Hat Security Advisory 2011-1342-01
Posted Sep 29, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1342-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed HTML content. An HTML mail message containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. A flaw was found in the way Thunderbird processed the "Enter" keypress event. A malicious HTML mail message could present a download dialog while the key is pressed, activating the default "Open" action. A remote attacker could exploit this vulnerability by causing the mail client to open malicious web content.

tags | advisory, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-2372, CVE-2011-2995, CVE-2011-2998, CVE-2011-2999, CVE-2011-3000
SHA-256 | a8625a9160b247b90199ce4274aa8f6096c8d45553eb33684ffa4642f14866c3
MyNews 1.2 Remote File Inclusion
Posted Sep 28, 2011
Authored by kurdish hackers team | Site kurdteam.org

MyNews version 1.2 suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | 98473dea15460cad189a1cb641d82abda2afcb65692491f9e52168e5282a1d7b
TOR Virtual Network Tunneling Tool 0.2.2.33
Posted Sep 21, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes several bugs and includes a slight tweak to Tor's TLS handshake which makes relays and bridges which run this new version reachable from Iran again.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 5af42b1cc07704fcbde8bb44380e5a02ebedc75470a132c70022ecb5f8476bcf
Bulletlink Newspaper Template SQL Injection
Posted Sep 12, 2011
Authored by easypwn

Bulletlink Newspaper Template Software suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 527bb82149fa2030ec271de2c72a2f14ca5303161e6ee49e8b2c97cf661c157a
Red Hat Security Advisory 2011-1267-01
Posted Sep 7, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1267-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. The RHSA-2011:1243 Thunderbird update rendered HTTPS certificates signed by a certain Certificate Authority as untrusted, but made an exception for a select few. This update removes that exception, rendering every HTTPS certificate signed by that CA as untrusted. All Thunderbird users should upgrade to this updated package, which resolves this issue. All running instances of Thunderbird must be restarted for the update to take effect.

tags | advisory, web
systems | linux, redhat
SHA-256 | 69aa7adc07bc289eb1af3b0ebabb93ca6e1a697884694c17a9a228c650adf59f
Red Hat Security Advisory 2011-1266-01.xt
Posted Sep 7, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1266-01.xt - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. The RHSA-2011:1244 SeaMonkey update rendered HTTPS certificates signed by a certain Certificate Authority as untrusted, but made an exception for a select few. This update removes that exception, rendering every HTTPS certificate signed by that CA as untrusted. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.

tags | advisory, web
systems | linux, redhat
SHA-256 | 65b993d94bc041a184d5a50dd74cec68450ace5a9cfd84a960c475ca090bd969
Webmodo News System SQL Injection
Posted Sep 5, 2011
Authored by Eyup CELIK

Webmodo News System suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | dfd2b8fe24c902fe03d6d52e8be66911737b7d5609b88e5a05d62e8d7e9fb59e
Kolifa News System Cross Site Scripting / SQL Injection
Posted Sep 5, 2011
Authored by Eyup CELIK

Kolifa News System suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | eea985084b2d605a5abc20cbc8acb3ba1036e58d088871e141b5c22d3339eb9a
The Hacker News Magazine Issue 04
Posted Sep 2, 2011
Authored by thehackernews | Site thehackernews.com

The Hacker News Magazine issue 04, released September, 2011. This magazine sums up recent news events in the hacker community.

tags | magazine
SHA-256 | 4e1119d2b4ecb717c9fe59628951d163a13bb6a8c74bd477c694639f22b14965
Red Hat Security Advisory 2011-1244-01
Posted Sep 1, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1244-01 - SeaMonkey is an open source web browser, email and newsgroup client, IRC chat client, and HTML editor. It was found that a Certificate Authority issued a fraudulent HTTPS certificate. This update renders any HTTPS certificates signed by that CA as untrusted, except for a select few. The now untrusted certificates that were issued before July 1, 2011 can be manually re-enabled and used again at your own risk in SeaMonkey; however, affected certificates issued after this date cannot be re-enabled or used. All SeaMonkey users should upgrade to these updated packages, which correct this issue. After installing the update, SeaMonkey must be restarted for the changes to take effect.

tags | advisory, web
systems | linux, redhat
SHA-256 | 7df61e89a4c25927a5226cf3ad45c80b05824cabd528719ed04b620fdc009f76
TOR Virtual Network Tunneling Tool 0.2.2.32
Posted Sep 1, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This is the first stable release in the 0.2.2 branch. This release features improved client performance and hidden service reliability, better compatibility for Android, correct behavior for bridges that listen on more than one address, more extensible and flexible directory object handling, better reporting of network statistics, improved code security, and many other features and bugfixes.
tags | tool, remote, local, peer2peer
systems | unix
SHA-256 | 8744328c10b54950e08ee404a75a0e76865be0615cad6f7ffc8c75af7151ef4d
Red Hat Security Advisory 2011-1243-01
Posted Aug 31, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1243-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. It was found that a Certificate Authority issued a fraudulent HTTPS certificate. This update renders any HTTPS certificates signed by that CA as untrusted, except for a select few. The now untrusted certificates that were issued before July 1, 2011 can be manually re-enabled and used again at your own risk in Thunderbird; however, affected certificates issued after this date cannot be re-enabled or used. All Thunderbird users should upgrade to this updated package, which resolves this issue. All running instances of Thunderbird must be restarted for the update to take effect.

tags | advisory, web
systems | linux, redhat
SHA-256 | a84407a2016081e8bda7c4f9f45b00c24167470f9687e5c422f4821fa7e4a5fb
Debian Security Advisory 2297-1
Posted Aug 21, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2297-1 - Several vulnerabilities have been discovered in Icedove, an unbranded version of the Thunderbird mail/news client.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-0084, CVE-2011-2378, CVE-2011-2981, CVE-2011-2982, CVE-2011-2983, CVE-2011-2984
SHA-256 | bf80bb2acbfee25ec2d61f3cea47b4dcc44dfe0a8b8e4b570d6578844a6e66ee
WordPress OdiHost Newsletter 1.0 SQL Injection
Posted Aug 18, 2011
Authored by Miroslav Stampar

WordPress OdiHost Newsletter plugin versions 1.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6a3636ad38e027bd98ada6deba08feef6d1a9f10610364218783cf6e8e50f410
Secunia Security Advisory 45643
Posted Aug 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Miroslav Stampar has discovered a vulnerability in the Odihost Newsletter plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 3ab4e6eed74e17f95e5604f966c9cabcac1672efcb659d08891a1470544f89e6
Page 3 of 4
Back1234Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close