what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 100 RSS Feed

Files

Audio Editor Pro 5.0 Buffer Overflow
Posted Mar 21, 2011
Authored by anT!-Tr0J4n

Audio Editor Pro version 5.0 local buffer overflow proof of concept exploit that creates a malicious .ogg file.

tags | exploit, overflow, local, proof of concept
SHA-256 | 661b6f80b89a5b345ac887e570db5d5f0a9ce5462c163383c42b9fbfce56c724

Related Files

Ubuntu Security Notice USN-1538-1
Posted Aug 15, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1538-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root, protocol
systems | linux, ubuntu
advisories | CVE-2012-2136, CVE-2012-2372, CVE-2012-2390, CVE-2012-2136, CVE-2012-2372, CVE-2012-2390
SHA-256 | b1621261e387c4866383d13410d8707d10ed518cc87e960bb61a013fc5ba3fed
Red Hat Security Advisory 2012-1169-01
Posted Aug 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1169-01 - Condor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. Condor installations that rely solely upon host-based authentication were vulnerable to an attacker who controls an IP, its reverse-DNS entry and has knowledge of a target site's security configuration. With this control and knowledge, the attacker could bypass the target site's host-based authentication and be authorized to perform privileged actions. Condor deployments using host-based authentication that contain no hostnames or use authentication stronger than host-based are not vulnerable.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-3416
SHA-256 | 7d5b013b987ff091dd7a23fc5f576eb318a9b088700f78e918b6ba97b41e66c5
Red Hat Security Advisory 2012-1168-01
Posted Aug 15, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1168-01 - Condor is a specialized workload management system for compute-intensive jobs. It provides a job queuing mechanism, scheduling policy, priority scheme, and resource monitoring and management. Condor installations that rely solely upon host-based authentication were vulnerable to an attacker who controls an IP, its reverse-DNS entry and has knowledge of a target site's security configuration. With this control and knowledge, the attacker could bypass the target site's host-based authentication and be authorized to perform privileged actions. Condor deployments using host-based authentication that contain no hostnames or use authentication stronger than host-based are not vulnerable.

tags | advisory
systems | linux, redhat
advisories | CVE-2012-3416
SHA-256 | d2ced5174e3b3e5aa23d5bb70fe45a1a71a1a33cadc9611bc0fa7bc2e78e8c66
Secunia Security Advisory 50243
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | windows
SHA-256 | 3921be400542ad8b66f2ad3a5e76763bec88068d4951e85a0d664844d9ce23ed
Jackin' TOR Users Via Evil Proxies And The BeEF Framework
Posted Aug 14, 2012
Authored by evell | Site recursive-descent.net

This paper documents step by step instructions for intercepting TOR users via proxies and using the BeEF framework. It takes injection and proxying attacks on TOR to another level and is a very useful read.

tags | paper
SHA-256 | a9c7eed3c9863cb9f1cfe0b7e5af13778a4e6b7dd3d0709eed7757cb79cb0761
Secunia Security Advisory 50245
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | windows
SHA-256 | ea724ecfa139cce21a82d519e62f8208e1fc9f237c8b65f59575eb3205065962
Secunia Security Advisory 50237
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Four vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 70502b5fe87c4f29098d2c8751c89e58a22209d9389244c268fa0039fb22f885
Secunia Security Advisory 50285
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Flash Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | e0733d737d0d8ddbe3aadff8a040109e471ebf225c1b95fa19168f756675e864
Secunia Security Advisory 50281
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 12cc9c82d1a759e826a34c897eecd35f6dc0ec6fcc84301e9699f4c77ebdbc82
Secunia Security Advisory 50283
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | e1e63d928727335a2cb10d40933ced7165bf829ba3b84e7308fcfec354967046
Secunia Security Advisory 50286
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | d6bbe46a29dc3c302794ef44df8800306ce895bfd0c34048b4b956e4c73c2316
Secunia Security Advisory 50251
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Office, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
SHA-256 | e049e0b801540514dc4f36105c6d528a821ec2b23a16e48e0fdaf8849f69011a
Secunia Security Advisory 50247
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in some Microsoft products, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 792a63b069aa7a3f73568e6ad5a1f0884ebbf23ffdcbd39d698fa21e085202ef
Cyclope Employee Surveillance Solution 6 SQL Injection
Posted Aug 14, 2012
Authored by loneferret, sinn3r | Site metasploit.com

This Metasploit module exploits a SQL injection found in Cyclope Employee Surveillance Solution. Because the login script does not properly handle the user-supplied username parameter, a malicious user can manipulate the SQL query, and allows arbitrary code execution under the context of 'SYSTEM'.

tags | exploit, arbitrary, code execution, sql injection
advisories | OSVDB-84517
SHA-256 | 943d1370d3c4c203bec054c6328adda12b9aa04b01b7010bb71dea9ec2bef8a7
Ubuntu Security Notice USN-1537-1
Posted Aug 14, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1537-1 - It was discovered that OpenOffice.org incorrectly handled certain encryption tags in Open Document Text (.odt) files. If a user were tricked into opening a specially crafted file, an attacker could cause OpenOffice.org to crash or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2665
SHA-256 | 732af7ab4447e86da664cb28cd27c2933227231e898ccd4393d48db0e3186698
Ubuntu Security Notice USN-1536-1
Posted Aug 14, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1536-1 - It was discovered that LibreOffice incorrectly handled certain encryption tags in Open Document Text (.odt) files. If a user were tricked into opening a specially crafted file, an attacker could cause LibreOffice to crash or possibly execute arbitrary code with the privileges of the user invoking the program.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-2665
SHA-256 | 4d043603529ee5cc103e3b5aee7adbaaa490fe5f2e360031f1ed03e54b0f33ca
Entropy Broker RNG 1.0.1
Posted Aug 14, 2012
Authored by Folkert van Heusden | Site vanheusden.com

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.

Changes: This is an important bugfix release. This version replaces the ivec initializer code with something more sensible.
tags | encryption
systems | linux
SHA-256 | e505291a3ada9f1ba3928113fa70f9f79bfc771b2fe8e20560d612d5c64beb5b
ProQuiz 2.0.2 LFI / RFI / XSS / SQL Injection
Posted Aug 14, 2012
Authored by L0n3ly-H34rT

ProQuiz version 2.0.2 suffers from cross site scripting, local file inclusion, remote file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, xss, sql injection, file inclusion
SHA-256 | cd96527f58d918d01dbe7ff75611b1729daf91b7449eeb441565cef7115b0a2a
Pure-FTPd 1.0.21 Denial Of Service
Posted Aug 14, 2012
Authored by Kingcope

Pure-FTPd version 1.0.21 crash proof of concept exploit that leverages a NULL pointer dereference.

tags | exploit, proof of concept
SHA-256 | c2280992211c9ea41ac2e2ddf61f4ee7e7455a52f000ddfb5f9302a7a81ccbc0
Red Hat Security Advisory 2012-1166-01
Posted Aug 14, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1166-01 - mod_cluster is an Apache HTTP Server based load balancer that forwards requests from httpd to application server nodes. It can use the AJP, HTTP, or HTTPS protocols for communication with application server nodes. The RHSA-2012:0035 update for JBoss Enterprise Web Server 1.0.2 introduced a regression, causing mod_cluster to register and expose the root context of a server by default, even when "ROOT" was in the "excludedContexts" list in the mod_cluster configuration. If an application was deployed on the root context, a remote attacker could use this flaw to bypass intended access restrictions and gain access to that application.

tags | advisory, remote, web, root, protocol
systems | linux, redhat
advisories | CVE-2012-1154
SHA-256 | f780b0c2beb4f13cd5fd92b554dd4ba5fbcdbbc13f13e931837e863861773d32
Red Hat Security Advisory 2012-1165-01
Posted Aug 14, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-1165-01 - JBoss Enterprise BRMS Platform is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This roll up patch serves as a cumulative upgrade for JBoss Enterprise BRMS Platform 5.3.0. It includes various bug fixes. The following security issue is also fixed with this release: It was found that the JMX Console did not protect against Cross-Site Request Forgery attacks. If a remote attacker could trick a user, who was logged into the JMX Console, into visiting a specially-crafted URL, the attacker could perform operations on MBeans, which may lead to arbitrary code execution in the context of the JBoss server process.

tags | advisory, remote, arbitrary, code execution, csrf
systems | linux, redhat
advisories | CVE-2011-2908
SHA-256 | 60f263a40e9847b3704eea8775ecc38544cbf434846d76a7dc6b54f11d8bced7
Ubuntu Security Notice USN-1531-1
Posted Aug 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1531-1 - An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. A flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, root, protocol
systems | linux, ubuntu
advisories | CVE-2012-2136, CVE-2012-2372, CVE-2012-2390, CVE-2012-2136, CVE-2012-2372, CVE-2012-2390
SHA-256 | 02e8241e6bf305aa37396622b58304e85b75430ea8d557a9abfcab876e316fe7
Ubuntu Security Notice USN-1530-1
Posted Aug 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1530-1 - Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server (attacker) could exploit this flaw to cause a denial of service. Steve Grubb reported a flaw with Linux fscaps (file system base capabilities) when used to increase the permissions of a process. For application on which fscaps are in use a local attacker can disable address space randomization to make attacking the process with raised privileges easier. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2011-4131, CVE-2012-2123, CVE-2012-2136, CVE-2012-2313, CVE-2012-2319, CVE-2012-2372, CVE-2012-2375, CVE-2011-4131, CVE-2012-2123, CVE-2012-2136, CVE-2012-2313, CVE-2012-2319, CVE-2012-2372, CVE-2012-2375
SHA-256 | 1182d44ab2f37a093d4b3adc952b3b7cbf5002be8d366863ba89dea8ab42ea57
Ubuntu Security Notice USN-1527-1
Posted Aug 13, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1527-1 - It was discovered that Expat computed hash values without restricting the ability to trigger hash collisions predictably. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive CPU resources. Tim Boddy discovered that Expat did not properly handle memory reallocation when processing XML files. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service by consuming excessive memory resources. This issue only affected Ubuntu 8.04 LTS, 10.04 LTS, 11.04 and 11.10. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2012-0876, CVE-2012-1148, CVE-2012-0876, CVE-2012-1148
SHA-256 | c3584e3aa4d3cbb82dcc486580cc91f457a48e7ca032d71f17b0d2dc8c8edb29
Call Of Duty Cross Site Scripting
Posted Aug 13, 2012
Authored by TayfunBasoglu

The profile.callofduty.com site suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 51263e977736c214f93598fe8b0a3642fb0f7d1eef0ba388f7b6cd5f02a5503b
Page 3 of 4
Back1234Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close