The initial observation was, that the linux vm86 syscall, which allows to use the virtual-8086 mode from userspace for emulating of old 8086 software as done with dosemu, was prone to trigger FPU errors. Closer analysis showed, that in general, the handling of the FPU control register and unhandled FPU-exception could trigger CPU-exceptions at unexpected locations, also in ring-0 code. Proof of concept code included.
c0d7b7b3940841dcb9f666f46a4adb35352ef1442a9a3e3f3fde132e5689e1efSpamina Email Firewall version 3.3.1.1 suffers from multiple directory traversal vulnerabilities.
c2e61c56d5fe28f5d6fee6b4c1a3e0cc6c2f56409908e471f9bd8fd501c9d352GetSimple CMS versions 3.1.2 and 3.2.3 suffer from persistent cross site scripting vulnerabilities.
673085354c1aa7a5d4988c8b7f096e0d825a07b9c4a4d58be0153ed65f72251dDredge School Administration System version 1.0 suffers from backup disclosure, account disclosure, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
eaa701db8fbc9aa704db6e8e1be81611fe3f74c47f614015cbb7b7a87085e20eMiddle School Homework Page version 1.3 Beta 1 suffers from cross site scripting and remote SQL injection vulnerabilities.
fcd3ad9c7685362a7f5ddb3ff01ea249fd41a62d27a1e24dce1b1576f9bd6707Command School Student Management System version 1.06.01 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
f21fadfba66ed93c307bc2f7a2247cee0d8a016bcb82c7f40566e62dc5b4bc10Digital Whisper Electronic Magazine issue 48. Written in Hebrew.
c748dd0a6267a1a3e08c20f93993e12845f13ee32d72463eaa00cb58a68b0971The Joomla Aclsfgpl component suffers from a remote shell upload vulnerability.
ffdc2dca430359bb550c7f9e7de6df509bff1d997c0bf10e1f18cee2fa5e16f0HITB Magazine Volume 4 Issue 10 - Topics include TCP Idle Scans in IPv6, You Can Be Anything You Want To Be, and more.
50cfbbcf7deacef2c4378690b5e16d7bfaaee94a8a5e0d5c9d30a98824a75c6eTor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86_64 version.
f262d9d4e30f00b9c21d25b430a6d1ba20e3d76c897a5079541ffee7453bc9eeTor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP. x86 version.
44be22bf97825e0e955f61b5ea9b904e798468040fba6b9cec9c5ec189a4f454vTiger CRM allows an user to bypass authentication when requesting SOAP services. In addition, arbitrary file upload is possible through the AddEmailAttachment SOAP service. By combining both vulnerabilities an attacker can upload and execute PHP code. This Metasploit module has been tested successfully on vTiger CRM v5.4.0 over Ubuntu 10.04 and Windows 2003 SP2.
096231674c8f8b909aa615a43b74ff7759a1a02e9d084e43958295c8fdccd15fXplico is an open source Network Forensic Analysis Tool (NFAT) that allows for data extraction from traffic captures. It supports extraction of mail from POP, IMAP, and SMTP, can extract VoIP streams, etc. This is the version that has a GUI allowing you to view photos, texts and videos contained in MMS messages.
3e0854ca7338efe0a0688525ac09c015a0cf8cc16db0840fa5c65351038594ac
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed