phpPC versions 1.03 RC1 and below remote file inclusion exploit that makes use of /lib/functions.inc.php.
ad2925c57f561dbfd0854e20c1811a42d8daeaed395f59d39be3d75c890bed9c
OpenSSH versions 4.3p1 and below CRC compensation attack detection remote denial of service exploit.
035a3f4969f6cc05f346536f5be5dbacdf424508e39d33b7a505c097e732871a
Whitepaper titled Circumventing the VA kernel patch For Fun and Profit.
44d8fe292dd2dfdf649b23bd3d8ed9ec98592fff15344d63452c38fc5b4fec57
A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup, Enterprise Backup, Server Protection Suite and Business Protection Suite. Authentication is not required to exploit this vulnerability and both clients and servers are affected. The problem specifically exists within the discovery service, which communicates initially over UDP port 41524 and then over TCP port 41523. Due to invalid bounds checking during TCP communications, a stack-based buffer overflow may occur in ASBRDCST.DLL during a call to vsprintf().
882949ca006344276b63d62ca56980edfd1829bca457eebaa4fdbe01a6a66ddd
iDefense Security Advisory 10.05.06 - Local exploitation of a design error vulnerability in Symantec Corp. AntiVirus can allow an attacker to execute arbitrary code with kernel privileges. The vulnerability specifically exists due to improper address space validation when the NAVENG and NAVEX15 device drivers process IOCTL 0x222AD3, 0x222AD7, and 0x222ADB. An attacker can overwrite a user-supplied address, including code segments, with a constant double word value by supplying a specially crafted IRP to the IOCTL handler function. iDefense has confirmed the existence of this vulnerability within version 10 of Symantec Client Security as of this writing. Previous versions, as well as related products, which contain the NAVENG.SYS and NAVEX15.SYS drivers are suspected to be vulnerable as well.
732efba97b7ec341bff44782696cd383114b701e321b698f5802c60077ca466c
Invision Power Board versions 2.1.7 and below suffer from a flaw where an admin can be redirected and forced to execute SQL commands through IPB's SQL Toolbox.
9af286fc038e6dba06765b94b931b863578243ac5223206ae4a1176681b8067e
Debian Security Advisory 1191-1: Several security-related problems have been discovered in Mozilla and derived products such as Mozilla Thunderbird.
cd1a5d38b6f0182ad93e11f2ee8262a43cd062490a20284f9bebb8dcfeb8658a
The Linksys SPA-921 VoIP desktop phone version 1.0.0 suffers from a denial of service condition.
eb622098ef4162103ed31cf74198e1796d5f676efb8db41d67428b05bae84695
The GrandStream GXP-2000 VoIP desktop phone version 1.1.0.5 suffers from a denial of service condition.
18b593c322878bcf3da5811d46415f778b90563ce34a8ad0d53ae59d6676f5d4
The PolyCom IP-301 VoIP desktop phone suffers from multiple denial of service issues.
83ca8eb0ba5bbf411ffca5edd5a2ed2427eebe674c8882486b3d029dc8bc0244
The primary goal of this whitepaper is to provide analysis that studies research trends using publicly reported vulnerabilities.
39c10997c6f5094533bf1e13e89f8d785b8bce736894c854cff9c91582970db9
wicrawl is a Wi-Fi scanner and auditor with a plugin infrastructure for implementing active checks (like nmap/dhcp/aircrack/nessus/coWPAtty, etc). It can use multiple cards (at the same time) for running plugins, and has a simple-to-use GUI.
7b0226bf4ae78a5191951a2e09dadb6d60b615641ea3dbaf19865d33c4ac8b1f
Hardened-PHP Project Security Advisory - PHP's open_basedir feature is meant to prevent scripts from accessing files outside a set of configured base directories. The checks for this are placed within PHP functions dealing with files before the actual open call is performed. Obviously there is a short span of time between the check and the actual open call. During this time span the checked path could have been altered to point to a file that is forbidden to be accessed due to open_basedir restrictions. PHP versions 4 and 5 are affected by this.
30b69580586034b39009158f223a863097c8ed27da275370e8a21b78400ad543
phpMyProfiler suffers from a remote file inclusion vulnerability.
7e997a175e5c419a43a413ab5e35e767aa400dc7e39a0767ae09c1f9ef43782e
This is an archive of various @Stake tools that help perform vulnerability scanning and analysis, information gathering, password auditing, and forensics.
940a982de22b2a16a77c8a9239a4c129a32c00662e680f91e813279358ce0ef0
Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.
dca71591b3861d250bd0c01f26c8f9c9301c026b9f2801122bc58d93b12a400f
HITBSecConf2006 Presentation - MOSREF: Using Cryptography and Injectable Virtual Machines in Security.
6ebc0677ca036a5bb4b4aa391d01ce08011f2ef6428bbe899715080b876373fd
HITBSecConf2006 Presentation - VoIPhreaking: SIPhallis Unveiled.
55819f64fc30085e3548f1fc45e1d9c7671876304111e31b58763ce476b15121
HITBSecConf2006 Presentation - Smashing the Stack for Profit - Period.
cd74f7befdf12c7c088085b1801eab1d242650db7f86d39c152344ae7ac1c34b
HITBSecConf2006 Presentation - The Biggest Brother.
593d5a78bfc5e29cff64ec5f6f7464f848eec1f59121378c7b9beb514ba9c92b
HITBSecConf2006 Presentation - A New Approach to Cybercrime: The Hackers Profiling Project (HPP).
fe422b6eba9e7e5be46710ece591e7835f71c06b0b869e4a607fae76beccd956
HITBSecConf2006 Presentation - Scapy and IPv6 networking.
432effb8942d5cd534cb10fa92aa8d8d8bdba7f14a3def904ec9cb85f3f03970
HITBSecConf2006 Presentation - Finding Secrets in ISAPI.
bc0314b2e692a9f545d86a278fbf1b1fff9a3394cf2ad0abb846888a1a402087
HITBSecConf2006 Presentation - Towards an Invisible Honeypot Monitoring System.
4a9b4c63d47b9b96eea0f12e6cefc0b433c2b7fae81bd20cbb93d36c468cfef6
HITBSecConf2006 Presentation - Subverting the Vista Kernel For Fun And Profit.
166ba047155514bdbc82f9186d41dca4b8e72f60d2b133a6a00d0de888f89ac7