Showing 1 - 25 of 45

Files Date: 2012-02-03

PHP-Fusion 7.02.04 SQL Injection
Posted Feb 3, 2012
Authored by Am!r | Site irist.ir

PHP-Fusion version 7.02.04 suffers from a remote SQL injection vulnerability in weblinks.php.

tags | exploit, remote, php, sql injection
SHA-256 | 336cf42e8dc8faa6b50900fe87f736405e406fd222446974eea37d4c2c4ef253
Port Tester 0.1
Posted Feb 3, 2012
Authored by localh0t

This is a simple little port scanning script written in Python.

tags | tool, scanner, python
systems | unix
SHA-256 | ad34cb9d3975247aeac90686a80c09eb62fbcb41dbb7d953b4454b12630d2829
RFC6528 - Defending Against Sequence Number Attacks
Posted Feb 3, 2012
Authored by Fernando Gont

This document specifies an algorithm for the generation of TCP Initial Sequence Numbers (ISNs), such that the chances of an off-path attacker guessing the sequence numbers in use by a target connection are reduced. This document revises (and formally obsoletes) RFC 1948, and takes the ISN generation algorithm originally proposed in that document to Standards Track, formally updating RFC 793.

tags | paper, tcp
SHA-256 | 1de02139d839860eb49ea553acf75e16b93a6326e4b0eda1ef0daa56433b89da
Torrent-Stats Denial Of Service
Posted Feb 3, 2012
Authored by otr

Torrent-Stats suffers from a denial of service vulnerability in httpd.c.

tags | exploit, denial of service
SHA-256 | 800bc0f63fdba947738b01388e1c4834532ab1fc95c5b2912e467da4293d8011
PHP 5.4 Buffer Overflow
Posted Feb 3, 2012
Authored by cataphract

PHP 5.4SVN-2012-02-03 htmlspecialchars/entities buffer overflow proof of concept exploit.

tags | exploit, overflow, php, proof of concept
SHA-256 | 7d9d68a3f64eb85daf94cd1428c3c855c5f69e5d8dbbbe3c5757e334382bf46d
BSides Detroit 12 Call For Papers
Posted Feb 3, 2012
Site bit.ly

BSides Detroit 12 has announced its Call For Presenters. It will take place June 1st through the 2nd in Detroit, Michigan.

tags | paper, conference
SHA-256 | 8ddd8b0bbb67c58efd7b496ba3179e010c0cf7b0a207d86528e511c8e938a61c
HP Security Bulletin HPSBGN02740 SSRT100741
Posted Feb 3, 2012
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN02740 SSRT100741 - A potential security vulnerability has been identified with HP Operations Manager, Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, and Performance Manager. The vulnerability can be remotely exploited to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2010-3864
SHA-256 | 7418d0451f1e1ba87babd8bf10bf3d28de3cfec8b7511fa6ad1c92a85606ed86
NASA Subdomains Shell Upload / SQL Injection
Posted Feb 3, 2012
Authored by K0242, Vulnerability Laboratory | Site vulnerability-lab.com

Various NASA subdomains suffer from shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | f9277411d31f74135b7d8b55cd469dc0ee2d8891392968c97818206a6817974a
Debian Security Advisory 2403-1
Posted Feb 3, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2403-1 - Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.

tags | advisory, remote, php
systems | linux, debian
advisories | CVE-2012-0830
SHA-256 | bbcaf9bacde93e6ba6e9cb4dfce9298a5d4f4801092f02f18b73ed6239c2c48d
Secunia Security Advisory 47868
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has acknowledged a vulnerability in multiple HP products, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service
SHA-256 | 2510d6ae95783ffa7bd0b8173f4b30d6e218e7258e1ab2b4351fd67963b9a155
Secunia Security Advisory 47842
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in the RTG Files extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | f2b0180fd7675b6dd2e6e1558565e1948b10ad8372e6cb748e64f1afe860cef4
Secunia Security Advisory 47657
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Andrea Micalizzi has discovered a vulnerability in 2X ApplicationServer TuxSystem ActiveX Control, which can be exploited by malicious people to manipulate certain data.

tags | advisory, activex
SHA-256 | 2ab0d932da86c475d4acc8a45fe1deeddb2a2401320ad2435c2f50b5398124af
Secunia Security Advisory 47809
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for usbmuxd. This fixes a vulnerability, which potentially can be exploited by malicious people with physical access to compromise a vulnerable system.

tags | advisory
systems | linux, ubuntu
SHA-256 | 3680690ce0b9ba4cac5019935e645cdabb7d8527110030be38445277e2b9fe5c
Secunia Security Advisory 47770
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for iceape. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to disclose certain sensitive information and compromise a user's system.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 3dcb73e3eafa01141df2df3d127d044c68b9b47516b959d8e66088673b56ad0a
Secunia Security Advisory 47866
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for JBoss Enterprise Portal Platform. This fixes multiple weaknesses, a security issue, and multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
systems | linux, redhat
SHA-256 | 4d46d88fe1552e6fef5b6dc95b3fc4a042a2f4f0ea8038b01309fd5cfc6856bc
Secunia Security Advisory 47876
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Prabhu S Angadi has discovered a vulnerability in Sphinx Mobile Web Server, which can be exploited by malicious people to conduct script insertion attacks.

tags | advisory, web
SHA-256 | c53a959f8318d131180c025a5eeb7280a7b9ac241cbdcbb9e8093e51d31d30b9
Secunia Security Advisory 47872
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness and two vulnerabilities have been reported in DotNetNuke, which can be exploited by malicious users to enumerate files on an affected system and bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 284bdc1cf5ff2c3f03a5ddb3699b77eb6c218d5454dada4c778ecef452cf8eb3
Secunia Security Advisory 47854
Posted Feb 3, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in project-open, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | d517d5923b67a3688950ed142d0cdaebee8a221028b114cd84d654f2ec36bea0
Dradis Information Sharing Tool 2.9.0
Posted Feb 3, 2012
Authored by etd | Site dradis.nomejortu.com

dradis is a tool for sharing information during security testing. While plenty of tools exist to help in the different stages of the test, not so many exist to share interesting information captured. When a team of testers is working on the same set of targets, having a common repository of information is essential to avoid duplication of efforts.

Changes: This release added a Retina Network Security Scanner upload plugin and a Zed Attack Proxy upload plugin. The Nessus, Nikto, and Nmap upload plugins are now orders of magnitude faster. A VulnDB import plugin was added to support VulnDB HQ integration. The First Time User's Wizard was updated. Rails was upgraded to version 3.2.
tags | tool, web
systems | unix
SHA-256 | acd6962974b366615d52eda38b9efa9e28463c266a80b88cccc0bfb5f0026dea
NetSarang Xlpd Printer Daemon 4 Denial Of Service
Posted Feb 3, 2012
Authored by Prabhu S Angadi | Site secpod.com

The NetSarang Xlpd printer daemon version 4 suffers from a remote denial of service vulnerability. Proof of concept exploit included.

tags | exploit, remote, denial of service, proof of concept
systems | linux
SHA-256 | d109d13e6fc0ff37cda9997cc4f9db745daa155a93a66134074d8bbe18a8c310
Achievo 1.4.3 Cross Site Scripting / SQL Injection
Posted Feb 3, 2012
Authored by Chokri Ben Achor, Vulnerability Laboratory | Site vulnerability-lab.com

Achievo version 1.4.3 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | c5d888cc5d96ea7a0d5ed27148675da50510a9ee66be018f11fe7ca786e93b96
Foswiki Cross Site Scripting
Posted Feb 3, 2012
Authored by Sony

Foswiki suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6be24141745459eeaf32cb631743a60b84dd0d2249f8beb4e3273f5e3033b9b9
Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57
Posted Feb 3, 2012
Authored by Luigi Auriemma, James Fitts, Rinat Ziyayev | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow found in the SNMP NetDBServer service of Sunway Forcecontrol <= 6.1 sp3. The overflow is triggered when sending an overly long string to the listening service on port 2001.

tags | exploit, overflow
SHA-256 | e52f022e2ed545bd142274261056cd28d052302e65c42387b95414958583c89b
Icona SpA C6 Messenger Downloader Arbitrary File Download / Execute
Posted Feb 3, 2012
Authored by juan vazquez, Nine:Situations:Group::SnoopyAssault | Site metasploit.com

This Metasploit module exploits a vulnerability in Icona SpA C6 Messenger version 1.0.0.1. The vulnerability is in the Downloader ActiveX Control (DownloaderActiveX.ocx). The insecure control can be abused to download and execute arbitrary files in the context of the currently logged-on user.

tags | exploit, arbitrary, activex
advisories | CVE-2008-2551, OSVDB-45960
SHA-256 | 5ff82482c6d0cc8cb96eb23172d540f4d5ded54210dbc21fe3ea60715403632a
OSCommerce 3.0.2 Cross Site Scripting
Posted Feb 3, 2012
Authored by Alexander Fuchs, Vulnerability Laboratory | Site vulnerability-lab.com

OSCommerce version 3.0.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0a2520ea5c52566aba471703d7a80fc90e05ce97b35a678bdbc29dd0b250e477