Phrack Magazine Issue 64 - Hijacking RDS TMC traffic information signals, Cryptanalysis of DPA-128, Autopsy of cvsxpl, and more.
00f30e4d9bef0d50250a1c8179bece264131faa95ea263cc2f74d269e82be401
Phrack Magazine Issue 65 - Stealth Hooking, Clawing holes in NAT with UPnP, phook - The PEB Hooker, and more.
5114ec6adfd66b13b36e5bc248d1590e87ccf9c9f3c48ba5aa900bbc827e3e01
Green Dam version 3.17 remote buffer overflow exploit with shellcode for Microsoft Windows XP SP2.
8064256cbb0c0234a75de1d55a45027e0398c4e93f0f7f69e95157e3db333d98
phpWebThings versions 1.5.2 and below MD5 hash retrieval and file disclosure exploit.
15525bf55b3f1630e82f9c3c6286feb059ef2099f6908c5d4e4f69a5584f68a4
Campus Virtual-LMS suffers from remote SQL injection, cross site request forgery, and cross site scripting vulnerabilities.
bb6332159cb50b38e5e2b49954b10e245a98a4aaff0da919b5c154fb4be2675a
Secunia Research has discovered a vulnerability in Firefox, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a race condition when accessing the private data of an NPObject JS wrapper class object if navigating away from a web page while loading a Java applet. This can be exploited via a specially crafted web page to use already freed memory. Successful exploitation may allow execution of arbitrary code. Firefox versions 3.0.7, 3.0.8, and 3.0.9 for Windows with JRE 6 Update 13 are affected.
59a414dd2e58d6c33945c4e0a4203f55a583994a9ddb89946f7965278edcebe0
Apple iTunes version 8.1.1.10 itms/itcp buffer overflow exploit for Microsoft Windows.
140b17c3410e2700b0f0b0f6aba6cda0e9899e7773db6b0f7c41bb673a524261
dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.
56becee9922782acdeeeed9b6cfea60cfef8ff24b8ebb8aada68448d415c2dbe
4images versions 1.7.7 and below suffer from filter bypass HTML injection and cross site scripting vulnerabilities.
f48b2a32d18fb3ebdbb217bae7706e39b9f13e6d42d74b033e146ce5d844ee6a
Zip Store Chat versions 4.0 and 5.0 suffer from a remote SQL injection vulnerability that allows for authentication bypass.
e88eb6dbdd3d473e899228376ce9969ab03c58593ffbf35c5808c146e355fba2
Proof of concept code for local media file enumeration with Windows Media Player.
b348e72cfc7aac1f736188f30a7e6b02f98dee30a8a45660ee5223f6b32c6aa3
Proof of concept that demonstrates hijacking iframes in webpages where a WMP object is embedded.
c15454780c747ae7c41ce81a6bf984543719990d87b2c518b3de897b464579b5
Proof of concept code that demonstrates Windows Media Player IP scanning capabilities.
56926b2b5261fbb5eaa8ca7543ba12691ac258d6d4ae4c15c8956f1744f410a0
Secunia Security Advisory - A vulnerability has been reported in MRCGIGUY The Ticket System, which can be exploited by malicious people to bypass certain security restrictions.
0556a60bbe9a5a7f4b5958c1f05ed2a0d2aad63533c8add2a9aeeb98244acab5
Ubuntu Security Notice USN-787-1 - The apache2 packages have been patched to address flaws in apr-util, mod_proxy_ajp, configuration issues, and more.
6699a0f10c75437f8abf294f828cc14f6d1a7f0848d59e33a9b455348d35c9bb