< Back to JetLib.com

jetlib.sec » Packet Storm Security Recent Files

Feeds

167854 items (5283 unread) in 27 feeds

1337day (was: Inj3ct0r, 1337db) (722 unread)
OSVDB Vulnerabilities
Exploit-DB (374 unread)
SecurityFocus Vulnerabilities (1683 unread)
Bugtraq (560 unread)
Full Disclosure (915 unread)
XSSed (3 unread)
Packet Storm Security Headlines (546 unread)
Packet Storm Security Advisories (323 unread)
Packet Storm Security Exploits (115 unread)
Packet Storm Security Recent Files (2 unread)
Packet Storm Security Tools
Packet Storm Security Misc. Files
Sophos security news
Sophos product advisories
Penetration Testing (24 unread)
SecuriTeam (16 unread)
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Kernel Fun
Darknet
The Exploitant
Hack a Day
Wirevolution

« Expand/Collapse

Packet Storm Security Recent Files (2 unread)

Skip to page: 1 2 3 ... 66

February 08, 2013
19:41
TP-LINK Admin Panel Cross Site Request Forgery
» ‎ Packet Storm Security Recent Files

The TP-LINK administrative panel in WR2543ND with firmware version 3.13.6 build 110923 release 53137n suffers from a cross site request forgery.
Tags:
19:35
Manipulating Memory For Fun And Profit
» ‎ Packet Storm Security Recent Files

Memory analysis and manipulation can provide security analysts with formidable weapons. During his talk at Information Security Day for ISACA Luxembourg Chapter, Frederic BOURLA presented most memory manipulation tricks from both offensive and defensive angles. The talk first dealt with the attacker’s layer, from pivoting attacks to IEEE1394 issues through in-memory fuzzing, which permits auditors to bypass built-in features, network limitations and encryption to remain able to uncover security vulnerabilities in a running application. In a second stage, the talk focused on the benefits of memory manipulation in computer forensics and malware analysis fields, especially when facing sophisticated malcode, such as kernel rootkits or heavily encrypted reverse trojans. Basically, this talk aimed to open the doors to a fascinating world which could easily allow security analysts to save lots of time during their recurrent duties. These are the slides from the talk.
Tags:
January 04, 2013
16:51
Nexpose Security Console Session Capture
» ‎ Packet Storm Security Recent Files

Nexpose Security Console versions prior to 5.5.3 suffer from a session capture issue due to logging session IDs in log files.
Tags: session nexpose security session-ids
16:49
Nexpose Security Console Cross Site Request Forgery
» ‎ Packet Storm Security Recent Files

Nexpose Security Console versions prior to 5.5.3 suffer from multiple cross site request forgery vulnerabilities.
Tags: console nexpose security forgery
15:48
Enterasys NetSight nssyslogd.exe Buffer Overflow
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a stack buffer overflow in Enterasys NetSight. The vulnerability exists in the Syslog service (nssylogd.exe) when parsing a specially crafted PRIO from a syslog message. The module has been tested successfully on Enterasys NetSight 4.0.1.34 over Windows XP SP3 and Windows 2003 SP2.
Tags: exe netsight enterasys windows-xp-sp3 stack-buffer buffer-overflow
15:33
pfSense 2.0.1 XSS / CSRF / Command Execution
» ‎ Packet Storm Security Recent Files

pfSense version 2.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities. The cross site request forgery proof of concept also demonstrates a remote command execution vulnerability.
Tags: cross pfsense site command-execution cross-site-scripting proof-of-concept
15:33
TomatoCart 1.x Unrestricted File Creation
» ‎ Packet Storm Security Recent Files

TomatoCart 1.x versions are susceptible to an unrestricted file creation vulnerability.
Tags: file tomatocart creation creation-vulnerability x-versions
14:22
ICEstate SQL Injection
» ‎ Packet Storm Security Recent Files

ICEstate (Real Estate Marketplace) suffers from a remote SQL injection vulnerability.
Tags: injection sql icestate real-estate-marketplace sql-injection vulnerability
13:11
Nova: Network Anti-Reconnaissance Tool 12.12
» ‎ Packet Storm Security Recent Files

Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.
Tags: reconnaissance network haystack nova needle-in-a-haystack machine-learning-algorithms hostile-network
12:22
Eye-Fi Helper Directory Traversal
» ‎ Packet Storm Security Recent Files

Eye-Fi Helper versions prior to 3.4.23 suffer from a directory traversal vulnerability. Exploit included in eyepwn.zip.
Tags: directory helper traversal directory-traversal-vulnerability
4:22
Elastix 2.3 PHP Code Injection
» ‎ Packet Storm Security Recent Files

Elastix versions prior to 2.4 php code injection exploit.
Tags: code php elastix
2:11
160By2 / Way2SMS Cross Site Request Forgery
» ‎ Packet Storm Security Recent Files

160By2.com and Way2SMS.com suffer from a cross site request forgery vulnerability.
Tags: sms cross way forgery vulnerability
2:11
MyBB Profile Wii Friend Code 1.0 Cross Site Scripting / SQL Injection
» ‎ Packet Storm Security Recent Files

MyBB Profile Wii Friend Code version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
Tags: wii mybb profile
January 03, 2013
18:03
Nova: Network Anti-Reconnaissance Tool 12.11
» ‎ Packet Storm Security Recent Files

Nova is a software application for preventing and detecting hostile network reconnaissance (such as nmap scans). It does this by first creating the Haystack: a large collection of low interaction honeypots using an updated version of Honeyd. Finding real machines on the network becomes like finding a needle in a haystack of fake machines. Second, Nova uses machine learning algorithms to automatically detect and classify attempts at hostile reconnaissance, so there's no need to go searching manually through your honeypot's log files. It provides an easy to use Web-based interface powered by Node.js to configure itself and Honeyd instances.
Tags: reconnaissance network haystack nova needle-in-a-haystack machine-learning-algorithms hostile-network
17:43
Aastra IP Telephone Crypto Failure
» ‎ Packet Storm Security Recent Files

The Aastra 6753i IP telephone uses 3DES encrypted payloads in ECB mode to pass configuration files, allowing for modification to the phone's set up.
Tags: crypto telephone aastra ip-telephone payloads configuration-files
17:25
Red Hat Security Advisory 2013-0005-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2013-0005-01 - Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.
Tags: hat red security red-hat-security apache-tomcat servlet-container
17:25
Red Hat Security Advisory 2013-0004-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2013-0004-01 - Apache Tomcat is a servlet container. It was found that when an application used FORM authentication, along with another component that calls request.setUserPrincipal() before the call to FormAuthenticator#authenticate(), it was possible to bypass the security constraint checks in the FORM authenticator by appending "/j_security_check" to the end of a URL. A remote attacker with an authenticated session on an affected application could use this flaw to circumvent authorization controls, and thereby access resources not permitted by the roles associated with their authenticated session.
Tags: hat red security red-hat-security apache-tomcat servlet-container
17:01
Ratbox IRCd Denial Of Service
» ‎ Packet Storm Security Recent Files

This exploit demonstrates a remotely trigger-able crash in ircd-ratbox version 2.0. It affects Shadowircd version 6.3.3 and Charybdis version 3.4.2.
Tags: version ircd ratbox denial-of-service charybdis version-6
16:22
WordPress Valums Uploader Shell Upload
» ‎ Packet Storm Security Recent Files

The WordPress Valums Uploader plugin suffers from a remote shell upload vulnerability. Note that this finding houses site-specific data.
Tags: uploader valums wordpress remote-shell vulnerability-note
15:32
Allied Telesis AT-MCF2000M 3.0.2 Local Root
» ‎ Packet Storm Security Recent Files

Allied Telesis AT-MCF2000M version 3.0.2 suffers from a local root-level privilege escalation vulnerability.
Tags: at-mcf allied telesis allied-telesis privilege-escalation-vulnerability root-level
15:03
Simple Webserver 2.3-rc1 Directory Traversal
» ‎ Packet Storm Security Recent Files

PM Software Simple Webserver version 2.3-rc1 suffers from a directory traversal vulnerability.
Tags: webserver directory simple directory-traversal-vulnerability webserver-version
9:22
WHMCS 5.x Authentication Bypass
» ‎ Packet Storm Security Recent Files

WHMCS version 5.x suffers from an authentication bypass vulnerability that leverages the cache.
Tags: authentication whmcs bypass vulnerability
4:11
Indrajith Mini Shell 2.0
» ‎ Packet Storm Security Recent Files

This is a mini-php backdoor shell. It has a PHP encoder/decoder, mail bombing functionality, reverse shell, cPanel cracker, and more.
Tags: mini shell indrajith mail-bombing mini-shell cracker
3:23
Simple Machines Forum 2.0.3 Path Disclosure
» ‎ Packet Storm Security Recent Files

Simple Machines Forum versions 2.0.3 and below suffer from a path disclosure vulnerability.
Tags: path forum simple simple-machines vulnerability disclosure
January 02, 2013
21:43
WordPress Advanced Custom Fields Remote File Inclusion
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a remote file inclusion flaw in the WordPress blogging software plugin known as Advanced Custom Fields. The vulnerability allows for remote file inclusion and remote code execution via the export.php script. The Advanced Custom Fields plug-in versions 3.5.1 and below are vulnerable. This exploit only works when the php option allow_url_include is set to On (Default Off).
Tags: custom fields advanced blogging-software code-execution vulnerability
21:32
WordPress Xerte Online 0.32 Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress Xerte Online plugin version 0.32 suffers from a remote shell upload vulnerability.
Tags: xerte online wordpress remote-shell vulnerability
21:31
WordPress Uploader 1.0.4 Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress Uploader plugin version 1.0.4 suffers from a remote shell upload vulnerability.
Tags: uploader shell wordpress remote-shell vulnerability
21:29
WordPress ReFlex Gallery 1.3 Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress ReFlex Gallery plugin version 1.3 suffers from a remote shell upload vulnerability.
Tags: gallery reflex wordpress remote-shell gallery-1
21:25
WordPress Shopping Cart 8.1.14 Shell Upload / SQL Injection
» ‎ Packet Storm Security Recent Files

WordPress Shopping Cart version 8.1.14 from Level Four Store Front suffers from remote SQL injection and shell upload vulnerabilities.
Tags: cart wordpress shopping shopping-cart shell
16:06
Asterisk Project Security Advisory - AST-2012-015
» ‎ Packet Storm Security Recent Files

Asterisk Project Security Advisory - Asterisk maintains an internal cache for devices. The device state cache holds the state of each device known to Asterisk, such that consumers of device state information can query for the last known state for a particular device, even if it is not part of an active call. The concept of a device in Asterisk can include things that do not have a physical representation. One way that this currently occurs is when anonymous calls are allowed in Asterisk. A device is automatically created and stored in the cache for each anonymous call that occurs; this is possible in the SIP and IAX2 channel drivers and through channel drivers that utilize the res_jabber/res_xmpp resource modules (Gtalk, Jingle, and Motif). Attackers exploiting this vulnerability can attack an Asterisk system configured to allow anonymous calls by varying the source of the anonymous call, continually adding devices to the device state cache and consuming a system's resources.
Tags: state device asterisk internal-cache active-call project-security
16:05
Asterisk Project Security Advisory - AST-2012-014
» ‎ Packet Storm Security Recent Files

Asterisk Project Security Advisory - Asterisk has several places where messages received over various network transports may be copied in a single stack allocation. In the case of TCP, since multiple packets in a stream may be concatenated together, this can lead to large allocations that overflow the stack. In the case of SIP, it is possible to do this before a session is established. Keep in mind that SIP over UDP is not affected by this vulnerability. With HTTP and XMPP, a session must first be established before the vulnerability may be exploited. The XMPP vulnerability exists both in the res_jabber.so module in Asterisk 1.8, 10, and 11 as well as the res_xmpp.so module in Asterisk 11.
Tags: vulnerability xmpp asterisk network-transports stack-allocation project-security
16:04
Mandriva Linux Security Advisory 2013-001
» ‎ Packet Storm Security Recent Files

Mandriva Linux Security Advisory 2013-001 - Versions of GnuPG less than or equal to 1.4.12 are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated. An OpenPGP key can be fuzzed in such a way that gpg segfaults when importing the key. The updated packages have been patched to correct this issue.
Tags: mandriva security linux mandriva-linux database-corruption linux-security
15:48
GNU Transport Layer Security Library 3.1.6
» ‎ Packet Storm Security Recent Files

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
Tags: library gnu security application-programming-interface transport-layer-security communications-protocols
15:03
osTicket 1.7 DPR3 XSS / Disclosure / Redirect / SQL Injection
» ‎ Packet Storm Security Recent Files

osTicket version 1.7 DPR3 suffers from cross site scripting, path disclosure, open redirection, and remote blind SQL injection vulnerabilities.
Tags: osticket disclosure dpr redirection
15:01
osTicket 1.7 RC2 CSRF / Disclosure / XSS / Redirect
» ‎ Packet Storm Security Recent Files

osTicket version 1.7 RC2 suffers from cross site request forgery, cross site scripting, path disclosure, and open redirection vulnerabilities.
Tags: cross osticket disclosure cross-site-scripting forgery redirection
15:01
osTicket 1.6 ST CSRF / SQL Injection
» ‎ Packet Storm Security Recent Files

osTicket version 1.6 stable suffers from cross site request forgery and remote blind SQL injection vulnerabilities.
Tags: osticket injection sql sql-injection csrf forgery
12:26
Microsoft Internet Explorer CButton Object Use-After-Free
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a vulnerability found in Microsoft Internet Explorer. A use-after-free condition occurs when a CButton object is freed, but a reference is kept and used again during a page reload, an invalid memory that's controllable is used, and allows arbitrary code execution under the context of the user. Please note: This vulnerability has been exploited in the wild targeting mainly China/Taiwan/and US-based computers.
Tags: internet microsoft explorer taiwan arbitrary-code-execution cbutton china-taiwan
10:58
Remote System Over IRC (And For Fun And Profit)
» ‎ Packet Storm Security Recent Files

RSOI, or Remote System over IRC, is a whitepaper about a feature adopted by the MpTcp software. This tool executes this action in order to delegate partial use (or total) of resources of a system to a remote entity. In this document, the action of using RSOI is dependently associated with the use of MpTcp. Therefore, manipulating RSOI here means to use MpTcp directly to implement this action, and nothing more.
Tags: system mptcp rsoi whitepaper irc
8:31
Packet Storm New Exploits For 2012
» ‎ Packet Storm Security Recent Files

Complete comprehensive archive of all 3,418 exploits added to Packet Storm in 2012.
Tags: storm new packet packet-storm exploits
8:16
Packet Storm New Exploits For December, 2012
» ‎ Packet Storm Security Recent Files

This archive contains all of the 190 exploits added to Packet Storm in December, 2012.
Tags: december storm packet packet-storm exploits
5:33
Astium VoIP PBX 2.1 Denial Of Service
» ‎ Packet Storm Security Recent Files

Astium VoIP PBX versions 2.1 build 25399 and below remote crash proof of concept exploit that causes astiumd to crash when sent a large buffer.
Tags: voip pbx astium crash-proof voip-pbx proof-of-concept
4:22
Astium VoIP PBX 2.1 Remote Root
» ‎ Packet Storm Security Recent Files

Astium is prone to multiple vulnerabilities. This exploit uses SQL injection to bypass authentication on the login page and get access as an administrator. After that it uploads and executes a PHP script that will modify the "/usr/local/astium/web/php/config.php" script with a reverse shell and run a "sudo /sbin/service astcfgd reload". Version 2.1 build 25399 is affected.
Tags: script php astium voip-pbx php-script sudo
3:11
Post Exploitation With Railgun
» ‎ Packet Storm Security Recent Files

This is a whitepaper that discusses how to use Railgun, the extension for Meterpreter Ruby, in order to further exploitation.
Tags: exploitation post railgun ruby whitepaper
2:22
Drupal 6.x / 7.18 Information Disclosure
» ‎ Packet Storm Security Recent Files

Drupal versions 6.x through 7.18 suffer from getimagesize() path and information disclosure vulnerabilities.
Tags: disclosure drupal information information-disclosure
2:11
NFC - Near Field Communication
» ‎ Packet Storm Security Recent Files

This whitepaper discusses NFC, or Near Field Communication, and explains the related security implications.
Tags: nfc communication field field-communication related-security security-implications
January 01, 2013
19:33
Digital Whisper Electronic Magazine #38
» ‎ Packet Storm Security Recent Files

Digital Whisper Electronic Magazine issue 38. Written in Hebrew.
Tags: digital whisper electronic electronic-magazine hebrew
11:22
AthCon 2013 Call For Papers
» ‎ Packet Storm Security Recent Files

The AthCon 2013 Call For Papers has been announced. It will take place in Athens, Greece on June 6th through the 7th, 2013.
Tags: athcon papers call athens greece athens-greece call-for-papers
11:01
WordPress Sahifa 2.4.0 Cross Site Request Forgery / Path Disclosure
» ‎ Packet Storm Security Recent Files

WordPress Sahifa theme version 2.4.0 suffers from cross site request forgery and path disclosure vulnerabilities.
Tags: cross sahifa wordpress forgery
10:22
e107 1.0.1 Administrator Cross Site Request Forgery
» ‎ Packet Storm Security Recent Files

e107 version 1.0.1 suffers from a cross site request forgery vulnerability that results in arbitrary javascript execution.
Tags: cross request site javascript-execution forgery vulnerability
10:22
CubeCart 5.x Cross Site Scripting
» ‎ Packet Storm Security Recent Files

CubeCart version 5.x suffers from a cross site scripting vulnerability.
Tags: cross cubecart site cross-site-scripting vulnerability
9:22
e107 1.0.2 Administrator Cross Site Request Forgery
» ‎ Packet Storm Security Recent Files

e107 version 1.0.2 suffers from a cross site request forgery vulnerability that results in SQL injection.
Tags: cross request site forgery vulnerability
9:22
ShakaCon 2013 Call For Papers
» ‎ Packet Storm Security Recent Files

The Shakacon 2013 Call For Papers has been announced. It will take place June 25th through the 28st, 2013 in Honolulu, Hawaii.
Tags: shakacon papers call honolulu hawaii honolulu-hawaii call-for-papers
9:22
CubeCart 5.x Cross Site Request Forgery
» ‎ Packet Storm Security Recent Files

CubeCart version 5.x suffers from a cross site request forgery vulnerability.
Tags: cross cubecart site forgery vulnerability
7:55
Introduction To ARM Linux Exploiting
» ‎ Packet Storm Security Recent Files

This is a whitepaper called Introduction to ARM Linux Exploiting. Written in Turkish.
Tags: ARM introduction linux arm-linux
December 31, 2012
8:58
GnuPG 1.4.12 Database Corruption
» ‎ Packet Storm Security Recent Files

GnuPG versions 1.4.12 and below are vulnerable to memory access violations and public keyring database corruption when importing public keys that have been manipulated.
Tags: corruption gnupg database database-corruption memory-access public-keys
8:54
Debian Security Advisory 2596-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2596-1 - Thorsten Glaser discovered that the RSSReader extension for mediawiki, a website engine for collaborative work, does not properly escape tags in feeds. This could allow a malicious feed to inject JavaScript into the mediawiki pages.
Tags: advisory debian security thorsten-glaser malicious-feed linux-security debian-linux
6:44
Grep Integer Overflow
» ‎ Packet Storm Security Recent Files

Grep versions prior to 2.11 suffer from an integer overflow vulnerability.
Tags: integer grep overflow integer-overflow-vulnerability
December 30, 2012
19:17
Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a vulnerability found in Microsoft Internet Explorer. A use-after-free condition occurs when a CButton object is freed, but a reference is kept and used again during a page reload, an invalid memory that's controllable is used, and allows arbitrary code execution under the context of the user. Please note: This vulnerability has been exploited in the wild targeting mainly China/Taiwan/and US-based computers.
Tags: internet microsoft explorer taiwan arbitrary-code-execution cbutton china-taiwan
19:17
Microsoft Internet Explorer CDwnBindInfo Object Use-After-Free
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a vulnerability found in Microsoft Internet Explorer. A use-after-free condition occurs when a CButton object is freed, but a reference is kept and used again during a page reload, an invalid memory that's controllable is used, and allows arbitrary code execution under the context of the user. Please note: This vulnerability has been exploited in the wild targeting mainly China/Taiwan/and US-based computers.
Tags: internet microsoft explorer taiwan arbitrary-code-execution cbutton china-taiwan
19:17
IBM Lotus QuickR qp2 ActiveX Buffer Overflow
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "Attachment_Times" property, due to the insecure usage of the _swscanf. The affected ActiveX is provided by the qp2.dll installed with the IBM Lotus Quickr product. This Metasploit module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7, using the qp2.dll 8.1.0.1800. In order to bypass ASLR the no aslr compatible module msvcr71.dll is used. This one is installed with the qp2 ActiveX.
Tags: dll activex module activex-buffer-overflow buffer-overflow-vulnerability msvcr71-dll
19:17
IBM Lotus QuickR qp2 ActiveX Buffer Overflow
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "Attachment_Times" property, due to the insecure usage of the _swscanf. The affected ActiveX is provided by the qp2.dll installed with the IBM Lotus Quickr product. This Metasploit module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7, using the qp2.dll 8.1.0.1800. In order to bypass ASLR the no aslr compatible module msvcr71.dll is used. This one is installed with the qp2 ActiveX.
Tags: dll activex module activex-buffer-overflow buffer-overflow-vulnerability msvcr71-dll
19:16
IBM Lotus iNotes dwa85W ActiveX Buffer Overflow
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "Attachment_Times" property, due to the insecure usage of the _swscanf. The affected ActiveX is provided by the dwa85W.dll installed with the IBM Lotus iNotes ActiveX installer. This Metasploit module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7, using the dwa85W.dll 85.3.3.0 as installed with Lotus Domino 8.5.3. In order to bypass ASLR the no aslr compatible module dwabho.dll is used. This one is installed with the iNotes ActiveX.
Tags: lotus dwa module w-activex domino activex-buffer-overflow buffer-overflow-vulnerability lotus-inotes
19:16
IBM Lotus iNotes dwa85W ActiveX Buffer Overflow
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a buffer overflow vulnerability on the UploadControl ActiveX. The vulnerability exists in the handling of the "Attachment_Times" property, due to the insecure usage of the _swscanf. The affected ActiveX is provided by the dwa85W.dll installed with the IBM Lotus iNotes ActiveX installer. This Metasploit module has been tested successfully on IE6-IE9 on Windows XP, Vista and 7, using the dwa85W.dll 85.3.3.0 as installed with Lotus Domino 8.5.3. In order to bypass ASLR the no aslr compatible module dwabho.dll is used. This one is installed with the iNotes ActiveX.
Tags: lotus dwa module w-activex domino activex-buffer-overflow buffer-overflow-vulnerability lotus-inotes
19:12
Debian Security Advisory 2595-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2595-1 - Marc Schoenefeld discovered that an integer overflow in the ICC parsing code of Ghostscript can lead to the execution of arbitrary code.
Tags: advisory debian security marc-schoenefeld integer-overflow linux-security debian-linux
19:12
Debian Security Advisory 2595-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2595-1 - Marc Schoenefeld discovered that an integer overflow in the ICC parsing code of Ghostscript can lead to the execution of arbitrary code.
Tags: advisory debian security marc-schoenefeld integer-overflow linux-security debian-linux
19:11
Debian Security Advisory 2594-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2594-1 - halfdog discovered that incorrect interrupt handling in Virtualbox, a x86 virtualization solution, can lead to denial of service.
Tags: advisory debian security denial-of-service linux-security debian-linux
19:11
Debian Security Advisory 2594-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2594-1 - halfdog discovered that incorrect interrupt handling in Virtualbox, a x86 virtualization solution, can lead to denial of service.
Tags: advisory debian security denial-of-service linux-security debian-linux
19:11
Ubuntu Security Notice USN-1680-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1680-1 - It was discovered that MoinMoin did not properly sanitize its input when processing AnyWikiDraw and TWikiDraw actions. A remote attacker with write access could exploit this to overwrite arbitrary files and execute arbitrary code with the privileges of the web server (user 'www-data'). It was discovered that MoinMoin also did not properly sanitize its input when processing the AttachFile action. A remote attacker could exploit this to overwrite files via directory traversal. Various other issues were also addressed.
Tags: ubuntu notice security web-server-user arbitrary-files directory-traversal
19:11
Ubuntu Security Notice USN-1680-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1680-1 - It was discovered that MoinMoin did not properly sanitize its input when processing AnyWikiDraw and TWikiDraw actions. A remote attacker with write access could exploit this to overwrite arbitrary files and execute arbitrary code with the privileges of the web server (user 'www-data'). It was discovered that MoinMoin also did not properly sanitize its input when processing the AttachFile action. A remote attacker could exploit this to overwrite files via directory traversal. Various other issues were also addressed.
Tags: ubuntu notice security web-server-user arbitrary-files directory-traversal
19:11
Debian Security Advisory 2593-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2593-1 - It was discovered that missing input validation in the twikidraw and anywikidraw actions can result in the execution of arbitrary code. This security issue in being actively exploited.
Tags: advisory debian security input-validation linux-security debian-linux
19:11
Debian Security Advisory 2593-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2593-1 - It was discovered that missing input validation in the twikidraw and anywikidraw actions can result in the execution of arbitrary code. This security issue in being actively exploited.
Tags: advisory debian security input-validation linux-security debian-linux
14:22
Zykeys Wireless Tool
» ‎ Packet Storm Security Recent Files

Zykeys demonstrates how default wireless settings are derived on some models of ZyXEL routers.
Tags: zykeys Wireless tool wireless-tool routers models
14:22
Zykeys Wireless Tool
» ‎ Packet Storm Security Recent Files

Zykeys demonstrates how default wireless settings are derived on some models of ZyXEL routers.
Tags: zykeys Wireless tool wireless-tool routers models
9:22
BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass
» ‎ Packet Storm Security Recent Files

This Metasploit module updates an existing MSF module originally written for BlazeDVD 5.1. The new module will bypass DEP and ASLR on version 6. The original vulnerability is due to the handling of specially crafted PLF files. Exploiting this allows us to execute arbitrary code running under the context of the user.
Tags: plf blazedvd module module-updates msf arbitrary-code
9:22
BlazeDVD 6.1 PLF Exploit DEP/ASLR Bypass
» ‎ Packet Storm Security Recent Files

This Metasploit module updates an existing MSF module originally written for BlazeDVD 5.1. The new module will bypass DEP and ASLR on version 6. The original vulnerability is due to the handling of specially crafted PLF files. Exploiting this allows us to execute arbitrary code running under the context of the user.
Tags: plf blazedvd module module-updates msf arbitrary-code
6:44
WordPress SB Uploader 3.9 Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress SB Uploader version 3.9 suffers from an arbitrary file upload vulnerability.
Tags: upload uploader wordpress file-upload vulnerability
6:44
WordPress RocketTheme Content Spoofing / Cross Site Scripting
» ‎ Packet Storm Security Recent Files

33 new themes for WordPress that are made by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rockettheme disclosure
6:44
WordPress SB Uploader 3.9 Shell Upload
» ‎ Packet Storm Security Recent Files

WordPress SB Uploader version 3.9 suffers from an arbitrary file upload vulnerability.
Tags: upload uploader wordpress file-upload vulnerability
6:44
WordPress RocketTheme Content Spoofing / Cross Site Scripting
» ‎ Packet Storm Security Recent Files

33 new themes for WordPress that are made by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rockettheme disclosure
3:11
WordPress Photo Plus / Photo Search XSS / CSRF
» ‎ Packet Storm Security Recent Files

WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.
Tags: search-version photo-search forgery
3:11
WordPress Photo Plus / Photo Search XSS / CSRF
» ‎ Packet Storm Security Recent Files

WordPress Photo Plus / Photo Search version 4.8.11 suffers from cross site request forgery and cross site scripting vulnerabilities.
Tags: photo wordpress plus search-version photo-search forgery
2:11
Enterprise Resource Planning SQL Injection
» ‎ Packet Storm Security Recent Files

The ERP (Enterprise Resource Planning) system from Sida University System suffers from a remote SQL injection vulnerability.
Tags: planning resource enterprise enterprise-resource-planning-system vulnerability
2:11
Enterprise Resource Planning SQL Injection
» ‎ Packet Storm Security Recent Files

The ERP (Enterprise Resource Planning) system from Sida University System suffers from a remote SQL injection vulnerability.
Tags: planning resource enterprise enterprise-resource-planning-system vulnerability
December 29, 2012
10:04
Bluelog Bluetooth Scanner/Logger 1.1.0
» ‎ Packet Storm Security Recent Files

Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.
Tags: bluetooth scanner bluelog bluetooth-devices survey-tool site-survey
10:04
Bluelog Bluetooth Scanner/Logger 1.1.0
» ‎ Packet Storm Security Recent Files

Bluelog is a Bluetooth scanner/logger written with speed in mind. It is intended to be used as a site survey tool, concerned more about accurately detecting the number of discoverable Bluetooth devices than individual device specifics. Bluelog also includes the unique "Bluelog Live" mode, which puts discovered devices into a constantly updating live webpage which you can serve up with your HTTP daemon of choice.
Tags: bluetooth scanner bluelog bluetooth-devices survey-tool site-survey
10:00
Bing.com Hostname / IP Enumerator 0.3
» ‎ Packet Storm Security Recent Files

This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
Tags: hostname search com bing ip-search search-parameter enumerator
10:00
Bing.com Hostname / IP Enumerator 0.3
» ‎ Packet Storm Security Recent Files

This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
Tags: hostname search com bing ip-search search-parameter enumerator
9:54
Stegano 0.4
» ‎ Packet Storm Security Recent Files

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
Tags: lsb python stegano sieve-of-eratosthenes carmichael-numbers ascii-messages
9:54
Stegano 0.4
» ‎ Packet Storm Security Recent Files

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.
Tags: lsb python stegano sieve-of-eratosthenes carmichael-numbers ascii-messages
8:43
Debian Security Advisory 2592-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2592-1 - Marko Myllynen discovered that elinks, a powerful text-mode browser, incorrectly delegates user credentials during GSS-Negotiate.
Tags: advisory debian security linux-security debian-linux debian-security
8:43
Debian Security Advisory 2592-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2592-1 - Marko Myllynen discovered that elinks, a powerful text-mode browser, incorrectly delegates user credentials during GSS-Negotiate.
Tags: advisory debian security linux-security debian-linux debian-security
2:11
Ubiquiti AirOS 5.5.2 Command Execution
» ‎ Packet Storm Security Recent Files

Ubiquiti AirOS versions 5.5.2 and below suffer from a remote post-authentication root-level command execution vulnerability.
Tags: ubiquiti airos command command-execution root-level
2:11
Ubiquiti AirOS 5.5.2 Command Execution
» ‎ Packet Storm Security Recent Files

Ubiquiti AirOS versions 5.5.2 and below suffer from a remote post-authentication root-level command execution vulnerability.
Tags: ubiquiti airos command command-execution root-level
December 28, 2012
20:53
Google Talk Decoder
» ‎ Packet Storm Security Recent Files

Google Talk decoder tool that demonstrates recovering passwords from accounts.
Tags: decoder google talk recovering-passwords
20:53
Google Talk Decoder
» ‎ Packet Storm Security Recent Files

Google Talk decoder tool that demonstrates recovering passwords from accounts.
Tags: decoder google talk recovering-passwords
20:52
Chrome Web Browser Decoder
» ‎ Packet Storm Security Recent Files

Chrome web browser decoder tool that demonstrates recovering passwords.
Tags: chrome web browser recovering-passwords web-browser
20:52
Chrome Web Browser Decoder
» ‎ Packet Storm Security Recent Files

Chrome web browser decoder tool that demonstrates recovering passwords.
Tags: chrome web browser recovering-passwords web-browser
19:32
Skype Hash Dumper 1.0
» ‎ Packet Storm Security Recent Files

This is a tool that demonstrates dumping MD5 password hashes from the configuration file in Skype.
Tags: dumper Skype hash hashes configuration-file
19:32
Skype Hash Dumper 1.0
» ‎ Packet Storm Security Recent Files

This is a tool that demonstrates dumping MD5 password hashes from the configuration file in Skype.
Tags: dumper Skype hash hashes configuration-file
15:44
tcgetkey 0.1
» ‎ Packet Storm Security Recent Files

tcgetkey is a set of tools that deal with acquiring physical memory dumps via FireWire and then scan the memory dump to locate TrueCrypt keys and finally decrypt the encrypted TrueCrypt container using the keys. It is a proof of concept and only works against TrueCrypt running on Linux hosts.
Tags: memory tcgetkey truecrypt linux-hosts physical-memory proof-of-concept
15:44
CubeCart 5.0.7 Insecure Backup Handling
» ‎ Packet Storm Security Recent Files

CubeCart versions 5.0.7 and below suffer from an insecure backup file handling vulnerability.
Tags: insecure cubecart handling backup-file vulnerability
15:44
CubeCart 5.0.7 Insecure Backup Handling
» ‎ Packet Storm Security Recent Files

CubeCart versions 5.0.7 and below suffer from an insecure backup file handling vulnerability.
Tags: insecure cubecart handling backup-file vulnerability
15:44
tcgetkey 0.1
» ‎ Packet Storm Security Recent Files

tcgetkey is a set of tools that deal with acquiring physical memory dumps via FireWire and then scan the memory dump to locate TrueCrypt keys and finally decrypt the encrypted TrueCrypt container using the keys. It is a proof of concept and only works against TrueCrypt running on Linux hosts.
Tags: memory tcgetkey truecrypt linux-hosts physical-memory proof-of-concept
15:33
WordPress TwentyTen Shell Upload
» ‎ Packet Storm Security Recent Files

The WordPress TwentyTen theme suffers from a remote shell upload vulnerability.
Tags: shell wordpress twentyten remote-shell vulnerability
15:33
WordPress TwentyTen Shell Upload
» ‎ Packet Storm Security Recent Files

The WordPress TwentyTen theme suffers from a remote shell upload vulnerability.
Tags: shell wordpress twentyten remote-shell vulnerability
December 27, 2012
19:42
RealPlayer RealMedia File Handling Buffer Overflow
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a stack based buffer overflow on RealPlayer versions 15.0.6.14 and below. The vulnerability exists in the handling of real media files, due to the insecure usage of the GetPrivateProfileString function to retrieve the URL property from an InternetShortcut section. This Metasploit module generates a malicious rm file which must be opened with RealPlayer via drag and drop or double click methods. It has been tested successfully on Windows XP SP3 with RealPlayer 15.0.5.109.
Tags: realplayer file handling realplayer-versions windows-xp-sp3 based-buffer-overflow
19:42
RealPlayer RealMedia File Handling Buffer Overflow
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a stack based buffer overflow on RealPlayer versions 15.0.6.14 and below. The vulnerability exists in the handling of real media files, due to the insecure usage of the GetPrivateProfileString function to retrieve the URL property from an InternetShortcut section. This Metasploit module generates a malicious rm file which must be opened with RealPlayer via drag and drop or double click methods. It has been tested successfully on Windows XP SP3 with RealPlayer 15.0.5.109.
Tags: realplayer file handling realplayer-versions windows-xp-sp3 based-buffer-overflow
19:40
WordPress Asset-Manager PHP File Upload
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a vulnerability found in WordPress plugin Asset-Manager versions 2.0 and below. By abusing the upload.php file, a malicious user can upload a file to a temp directory without authentication, which results in arbitrary code execution.
Tags: upload wordpress manager arbitrary-code-execution asset-manager malicious-user
19:32
Mptcp Packet Manipulator 1.9.0
» ‎ Packet Storm Security Recent Files

Mpctp is a tool for manipulation of raw packets that allows a large number of options. Its primary purpose is to diagnose and test several scenarios that involving the use of the types of TCP/IP packets. It is able to send certain types of packets to any specific target and manipulations of various fields at runtime. These fields can be modified in its structure as the the Source/Destination IP address and Source/Destination MAC address.
Tags: destination mptcp source mac destination-ip-address source-destination ip-packets
19:29
SonicWall Email Security 7.4.1.x Cross Site Scripting
» ‎ Packet Storm Security Recent Files

SonicWall Email Security version 7.4.1.x suffers from a persistent cross site scripting vulnerability.
Tags: sonicwall email security email-security security-version
19:27
Log Analyzer 3.6.0 Cross Site Scripting
» ‎ Packet Storm Security Recent Files

Log Analyzer version 3.6.0 suffers from a cross site scripting vulnerability.
Tags: cross log analyzer vulnerability log-analyzer
19:09
Malheur Malware Analyzer 0.5.3
» ‎ Packet Storm Security Recent Files

Malheur is a tool for automatic analysis of program behavior recorded from malicious software (malware). It is designed to support the regular analysis of malicious software and the development of detection and defense measures. It allows for identifying novel classes of malware with similar behavior and assigning unknown malware to discovered classes. It can be applied to recorded program behavior of various formats as long as monitored events are separated by delimiter symbols, e.g. as in reports generated by the popular malware sandboxes CWSandbox, Anubis, Norman Sandbox, and Joebox.
Tags: malheur behavior malware norman-sandbox program-behavior malicious-software
19:03
Polycom HDX Video End Points Cross Site Scripting
» ‎ Packet Storm Security Recent Files

The Polycom HDX Video End Points web management interface suffers from a cross site scripting vulnerability.
Tags: video hdx polycom management-interface web-management vulnerability
18:58
Debian Security Advisory 2591-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2591-1 - Multiple security issues have been found in Mahara, an electronic portfolio, weblog, and resume builder, which can result in cross-site scripting, clickjacking or arbitrary file execution.
Tags: advisory debian security resume-builder electronic-portfolio linux-security
16:11
Insecure Authentication Control In J2EE
» ‎ Packet Storm Security Recent Files

This is a whitepaper discussing insecure authentication control in J2EE implemented using sendRedirect().
Tags: insecure control authentication j2ee whitepaper
10:46
THC-IPv6 Attack Tool 2.1
» ‎ Packet Storm Security Recent Files

THC-IPv6 is a toolkit that attacks the inherent protocol weaknesses of IPv6 and ICMP6 and it includes an easy to use packet factory library.
Tags: thc-ipv attack tool tool-2 IPv6 thc
8:59
Mandriva Linux Security Advisory 2012-184
» ‎ Packet Storm Security Recent Files

Mandriva Linux Security Advisory 2012-184 - A stack-based buffer overflow was found in the way libtiff handled DOTRANGE tags. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code. The updated packages have been patched to correct this issue.
Tags: mandriva security linux tiff mandriva-linux based-buffer-overflow tiff-file
8:51
AnonTwi 1.0
» ‎ Packet Storm Security Recent Files

AnonTwi is a free software python client designed to navigate anonymously on social networks. It supports Identi.ca and Twitter.com. It can leverages proxying, randomization of header values, send fake geolocation data, and more.
Tags: anontwi Software python header-values randomization social-networks
8:39
Hook Analyser Whitepaper
» ‎ Packet Storm Security Recent Files

Hook Analyser is a freeware project, started in 2011, to analyse an application during the run-time. The project can be potentially useful in analysing malwares (static and run time), and for performing application crash analysis. This paper breaks down the features and functionality of the tools and provides guidance on usage.
Tags: analyser hook project application-crash crash-analysis freeware-project
8:38
Another File Integrity Checker 3.3
» ‎ Packet Storm Security Recent Files

afick is another file integrity checker, designed to be fast and fully portable between Unix and Windows platforms. It works by first creating a database that represents a snapshot of the most essential parts of your computer system. Then a user can run the script to discover all modifications made since the snapshot was taken (i.e. files added, changed, or removed). The configuration syntax is very close to that of aide or tripwire, and a graphical interface is provided.
Tags: file checker integrity integrity-checker configuration-syntax windows-platforms
8:37
Guru Auction 2.0 SQL Injection
» ‎ Packet Storm Security Recent Files

Guru Auction version 2.0 suffers from multiple remote SQL injection vulnerabilities.
Tags: guru auction sql
8:30
NVidia Display Driver Buffer Overflow
» ‎ Packet Storm Security Recent Files

This is an exploit for a stack buffer overflow in the NVidia Display Driver Service. The service listens on a named pipe (\pipe\nsvr) which has a NULL DACL configured, which should mean that any logged on user or remote user in a domain context (Windows firewall/file sharing permitting) should be able to exploit this vulnerability.
Tags: nvidia display driver stack-buffer buffer-overflow dacl
7:30
Debian Security Advisory 2590-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2590-1 - Bjorn Mork and Laurent Butti discovered crashes in the PPP and RTPS2 dissectors, which could potentially result in the execution of arbitrary code.
Tags: advisory debian security laurent-butti bjorn-mork butti linux-security debian-linux
December 26, 2012
23:22
WHM editfilter.html Cross Site Scripting
» ‎ Packet Storm Security Recent Files

WHM suffers from a persistent cross site scripting vulnerability in editfilter.html.
Tags: whm cross editfilter vulnerability
18:22
cPanel / WHM 11.34.0 Cross Site Scripting
» ‎ Packet Storm Security Recent Files

C-Panel / WHM version 11.34.0 suffer from a cross site scripting vulnerability.
Tags: whm cross cpanel vulnerability
11:22
C-Panel dir.html Cross Site Scripting
» ‎ Packet Storm Security Recent Files

C-Panel suffers from a reflective cross site scripting vulnerability in dir.html.
Tags: cross dir c-panel vulnerability
9:22
Open-Realty CMS 3.x Cross Site Scripting
» ‎ Packet Storm Security Recent Files

Open-Realty CMS version 3.x suffers from a cross site scripting vulnerability.
Tags: cross realty cms vulnerability
4:12
Open-Realty CMS 3.x Cross Site Request Forgery
» ‎ Packet Storm Security Recent Files

Open-Realty CMS version 3.x suffers from a cross site request forgery vulnerability.
Tags: cross realty cms forgery vulnerability
3:11
Joomla Aclassif Cross Site Scripting
» ‎ Packet Storm Security Recent Files

Joomla Aclassif component suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data.
Tags: cross aclassif joomla vulnerability-note
1:22
Joomla Bch / Content Shell Upload
» ‎ Packet Storm Security Recent Files

Joomla content and bch components suffer from a remote shell upload vulnerability.
Tags: content bch joomla remote-shell vulnerability
December 24, 2012
16:06
Hook Analyser Malware Tool 2.2
» ‎ Packet Storm Security Recent Files

Hook Analyser is a hook tool which can be potentially helpful in reversing applications and analysing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.
Tags: analyser hook malware hook-tool tool-2 analysing
16:03
Mandriva Linux Security Advisory 2012-183
» ‎ Packet Storm Security Recent Files

Mandriva Linux Security Advisory 2012-183 - A vulnerability has been discovered and corrected in ModSecurity versions 2.6.8 and below. These versions are vulnerable to multipart/invalid part ruleset bypass and were fixed in 2.7.0. The updated packages have been patched to correct this issue.
Tags: mandriva security linux mandriva-linux linux-security security-advisory
15:56
Exploit Next Generation SQL Fingerprint 1.42.24-102144
» ‎ Packet Storm Security Recent Files

The Exploit Next Generation® SQL Fingerprint tool uses a combination of crafted packets for SQL Server Resolution Protocol (SSRP) and Tabular Data Stream Protocol (TDS) (protocols natively used by Microsoft SQL Server) to accurately perform version fingerprinting and determine the exact Microsoft SQL Server version.
Tags: server exploit sql tabular-data-stream sql-server-version microsoft-sql-server
15:52
CubeCart 4.x / 5.x Privilege Escalation
» ‎ Packet Storm Security Recent Files

CubeCart versions 4.x and 5.x suffer from a setup reinstallation privilege escalation vulnerability.
Tags: escalation privilege cubecart privilege-escalation-vulnerability
15:50
CubeCart 4.4.6 Local File Inclusion
» ‎ Packet Storm Security Recent Files

CubeCart versions 4.4.6 and below suffer from a local file inclusion vulnerability.
Tags: inclusion cubecart file vulnerability
15:49
CubeCart 4.4.6 SQL Injection
» ‎ Packet Storm Security Recent Files

CubeCart versions 4.4.6 and below suffer from a remote SQL injection vulnerability.
Tags: injection cubecart sql vulnerability
15:32
WordPress W3 Total Cache Data Disclosure
» ‎ Packet Storm Security Recent Files

This is an exploit for W3 Total Cache called W3 Total Fail that works by attempting to guess SQL queries that might contain important password hashes.
Tags: total cache wordpress password-hashes cache-data sql-queries
15:30
Netransfers 2.1 XSS / LFI / Traversal
» ‎ Packet Storm Security Recent Files

Netransfers version 2.1 suffers from cross site scripting, local file inclusion, and directory traversal vulnerabilities.
Tags: xss netransfers traversal directory-traversal inclusion
15:27
PHP-CGI Argument Injection Remote Code Execution
» ‎ Packet Storm Security Recent Files

This exploits abuses an argument injection in the PHP-CGI wrapper to execute code as the PHP user/webserver user.
Tags: injection argument php-cgi code-execution exploits
15:25
Mandriva Linux Security Advisory 2012-182
» ‎ Packet Storm Security Recent Files

Mandriva Linux Security Advisory 2012-182 - Multiple vulnerabilities has been discovered and corrected in ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting attacks.
Tags: mandriva security linux mandriva-linux linux-security multipart-form-data
15:24
CubeCart 4.4.6 Cross Site Scripting
» ‎ Packet Storm Security Recent Files

CubeCart versions 4.4.6 and below suffer from multiple cross site scripting vulnerabilities.
Tags: cross cubecart site
15:22
CubeCart 4.4.6 Cross Site Request Forgery
» ‎ Packet Storm Security Recent Files

CubeCart versions 4.4.6 and below suffer from a cross site request forgery vulnerability.
Tags: cross cubecart site forgery vulnerability
15:16
Troopers 13 Call For Papers
» ‎ Packet Storm Security Recent Files

Call For Papers for Troopers 2013 - The conference will be held in Heidelberg, Germany from March 13th through the 14th, 2013.
Tags: troopers papers call germany heidelberg heidelberg-germany call-for-papers
15:14
EMC Data Protection Advisor Information Disclosure
» ‎ Packet Storm Security Recent Files

A vulnerability exists in EMC Data Protection Advisor that can be potentially exploited to gain unauthorized access to files and directories. The DPA Web UI contains directory traversal vulnerability that could allow a remote unauthenticated malicious user to copy and read files from the affected system. The vulnerability does not allow an attacker to modify existing or upload new files to the affected system. If recommended practice is followed and the DPA server processes run as an unprivileged user, these files will be limited to the DPA installation directory. The DPA installation directory may contain files with sensitive system information.
Tags: vulnerability directory dpa directory-traversal-vulnerability sensitive-system information-disclosure
15:13
HP Security Bulletin HPSBUX02835 SSRT100763
» ‎ Packet Storm Security Recent Files

HP Security Bulletin HPSBUX02835 SSRT100763 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely as a domain name revalidation. Revision 1 of this advisory.
Tags: hpsbux bulletin security potential-security-vulnerability hp-ux security-bulletin
15:07
MyBB AwayList SQL Injection
» ‎ Packet Storm Security Recent Files

MyBB AwayList plugin suffers from a remote SQL injection vulnerability.
Tags: mybb awaylist sql sql-injection vulnerability
15:03
CubeCart 5.0.7 Open URL Redirection
» ‎ Packet Storm Security Recent Files

CubeCart versions 5.0.7 and below suffer from an open URL redirection vulnerability.
Tags: url cubecart redirection open-url vulnerability url-redirection
15:01
CubeCart 4.4.6 Open URL Redirection
» ‎ Packet Storm Security Recent Files

CubeCart versions 4.4.6 and below suffer from an open URL redirection vulnerability.
Tags: url cubecart redirection open-url vulnerability url-redirection
14:59
WordPress Rokbox Themes Content Spoofing / XSS
» ‎ Packet Storm Security Recent Files

Multiple WordPress themes by RocketTheme suffer from cross site scripting, path disclosure, and content spoofing vulnerabilities.
Tags: content wordpress rokbox wordpress-themes disclosure
14:56
Uploadify jQuery Generic File Upload
» ‎ Packet Storm Security Recent Files

This Metasploit module an arbitrary file upload and code execution vulnerability in Uploadify.
Tags: upload uploadify file code-execution metasploit file-upload
14:54
Feindura CMS 2.0.4 Shell Upload
» ‎ Packet Storm Security Recent Files

Feindura CMS version 2.0.4 suffers from a remote PHP shell upload vulnerability.
Tags: shell feindura cms php-shell vulnerability
14:53
City Directory Review And Rating Script SQL Injection
» ‎ Packet Storm Security Recent Files

City Directory Review and Rating Script suffers from a remote SQL injection vulnerability.
Tags: directory review rating city injection script-sql city-directory vulnerability
14:50
Siemens SIMATIC S7-1200 PLCs Denial Of Service
» ‎ Packet Storm Security Recent Files

Siemens SIMATIC S7-1200 PLCs, version 2 and higher, allow device management over TCP port 102 (ISO-TSAP) and retrieving status information over UDP port 161 (SNMP). It is possible to cause the device to go into defect mode by sending specially crafted packets to these ports.
Tags: siemens plcs simatic siemens-simatic-s7 port-102 port-161
14:43
Microsoft SQL Server Database Link Crawling Command Execution
» ‎ Packet Storm Security Recent Files

This Metasploit module can be used to crawl MS SQL Server database links and deploy Metasploit payloads through links configured with sysadmin privileges using a valid SQL Server Login. If you are attempting to obtain multiple reverse shells using this module we recommend setting the "DisablePayloadHandler" advanced option to "true", and setting up a multi/handler to run in the background as a job to support multiple incoming shells. If you are interested in deploying payloads to specific servers this module also supports that functionality via the "DEPLOYLIST" option. Currently, the module is capable of delivering payloads to both 32bit and 64bit Windows systems via powershell memory injection methods based on Matthew Graeber's work. As a result, the target server must have powershell installed. By default, all of the crawl information is saved to a CSV formatted log file and MSF loot so that the tool can also be used for auditing without deploying payloads.
Tags: server sql module matthew-graeber sql-server-database ms-sql-server microsoft-sql-server
14:42
IBM Lotus Notes Client URL Handler Command Injection
» ‎ Packet Storm Security Recent Files

This Metasploit modules exploits a command injection vulnerability in the URL handler for for the IBM Lotus Notes Client
Tags: lotus ibm notes lotus-notes-client vulnerability
14:42
Netwin SurgeFTP Remote Command Execution
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a vulnerability found in Netwin SurgeFTP, version 23c8 or prior. In order to execute commands via the FTP service, please note that you must have a valid credential to the web-based administrative console.
Tags: netwin remote surgeftp command-execution ftp-service vulnerability
14:41
WordPress WP-Property PHP File Upload
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a vulnerability found in WP-Property
Tags: wp-property wordpress php vulnerability
14:41
Foswiki MAKETEXT Remote Command Execution
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a vulnerability in the MAKETEXT Foswiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since the input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. Only Foswiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set) are vulnerable. If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the FoswikiPage option isn't provided, the module will try to create a random page on the SandBox space. The modules has been tested successfully on Foswiki 1.1.5 as distributed with the official Foswiki-1.1.5-vmware image.
Tags: module foswiki maketext perl-eval command-execution shell-commands
14:40
TWiki MAKETEXT Remote Command Execution
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a vulnerability in the MAKETEXT Twiki variable. By using a specially crafted MAKETEXT, a malicious user can execute shell commands since user input is passed to the Perl "eval" command without first being sanitized. The problem is caused by an underlying security issue in the CPAN:Locale::Maketext module. This works in TWiki sites that have user interface localization enabled (UserInterfaceInternationalisation variable set). If USERNAME and PASSWORD aren't provided, anonymous access will be tried. Also, if the 'TwikiPage' option isn't provided, the module will try to create a random page on the SandBox space. The modules has been tested successfully on TWiki 5.1.2 as distributed with the official TWiki-VM-5.1.2-1 virtual machine.
Tags: twiki module maketext perl-eval command-execution shell-commands
2:11
C-Panel Cross Site Scripting
» ‎ Packet Storm Security Recent Files

C-Panel suffers from a reflective cross site scripting vulnerability in manage.html.
Tags: cross site c-panel cross-site-scripting vulnerability
December 23, 2012
6:17
Hydra Network Logon Cracker 7.4
» ‎ Packet Storm Security Recent Files

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
Tags: logon network hydra cisco-aaa socks pcnfs network-logon vnc
December 22, 2012
12:48
GNUnet P2P Framework 0.9.5
» ‎ Packet Storm Security Recent Files

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.
Tags: framework gnunet ipv p-framework smtp-messages abstraction-layer ipv4-and-ipv6
12:47
Entropy Broker RNG 2.1
» ‎ Packet Storm Security Recent Files

Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.
Tags: entropy broker dev random-values casino-website encryption-keys
12:42
Bluefog 0.0.2
» ‎ Packet Storm Security Recent Files

Bluefog is a tool that can generate an essentially unlimited number of phantom Bluetooth devices. It can be used to test Bluetooth scanning and monitoring systems, make it more difficult for attackers to lock onto your devices, or otherwise complicate the normal operation of Bluetooth devices. Technically, Bluefog can work with just one Bluetooth adapter, but it works much better when you connect multiple adapters. Up to four radios are currently supported simultaneously.
Tags: tool bluetooth bluefog bluetooth-devices bluetooth-adapter monitoring-systems
12:36
CubeCart 3.0.20 SQL Injection
» ‎ Packet Storm Security Recent Files

CubeCart version 3.0.20 suffers from multiple remote SQL injection vulnerabilities.
Tags: injection cubecart sql
12:35
CubeCart 3.0.20 Shell Upload
» ‎ Packet Storm Security Recent Files

CubeCart versions 3.0.20 and below suffer from a remote shell upload vulnerability.
Tags: upload shell cubecart remote-shell vulnerability
12:33
CubeCart 3.0.20 Cross Site Scripting
» ‎ Packet Storm Security Recent Files

CubeCart versions 3.0.20 and below suffer from multiple cross site scripting vulnerabilities.
Tags: cross cubecart site
12:29
Username Anarchy 0.2
» ‎ Packet Storm Security Recent Files

Username-Anarchy is for generating usernames when penetration testing. It is useful for user enumeration and username/password brute forcing. Features include format-style style username formats, common first and lastnames from countries around the world, the facebook names lists, and substitution of common names when details aren't known, e.g. when you know a user's initial. Common aliases or self chosen usernames scraped from forums, and a name extractor are also included.
Tags: user anarchy username common-aliases format-style common-names
12:27
Smoke Loader SQL Injection
» ‎ Packet Storm Security Recent Files

The Smoke Loader HTTP-based exploit kit suffers from a remote SQL injection vulnerability.
Tags: loader sql smoke vulnerability exploit
12:21
Security Notice For CA IdentityMinder
» ‎ Packet Storm Security Recent Files

CA Technologies Support is alerting customers to two potential risks in CA IdentityMinder (formerly known as CA Identity Manager). Two vulnerabilities exist that can allow a remote attacker to execute arbitrary commands, manipulate data, or gain elevated access. CA Technologies has issued patches to address the vulnerability. The first vulnerability allows a remote attacker to execute arbitrary commands or manipulate data. The second vulnerability allows a remote attacker to gain elevated access.
Tags: vulnerability attacker identityminder arbitrary-commands security-notice
12:19
Microsoft Security Bulletin Re-Release For December, 2012
» ‎ Packet Storm Security Recent Files

This bulletin summary lists two re-released Microsoft security bulletins for December, 2012.
Tags: microsoft bulletin security microsoft-security-bulletins microsoft-security-bulletin
12:15
In Memory Fuzzing In Java
» ‎ Packet Storm Security Recent Files

Nowadays, a wide range of techniques can be used to find vulnerabilities and bugs in binaries applications. The aim of this paper is to introduce the main concepts of In-Memory Fuzzing, to summarize its advantages and drawbacks and to present the debugging library which is currently developed by High-Tech Bridge to help building in-memory fuzzers.
Tags: java memory fuzzing vulnerabilities Bugs bridge
7:45
Zero Day Initiative Advisory 12-203
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-203 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Honeywell HMIWeb. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the ActiveX control defined within the HSCDSPRenderDll.dll file. The RequestDSPLoad method does not properly verify the length of a supplied argument before copying it into a fixed-length heap buffer. A remote attacker can abuse this to execute arbitrary code under the context of the user running the browser.
Tags: day zero initiative zero-day arbitrary-code target
7:44
Zero Day Initiative Advisory 12-202
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-202 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable products utilizing the Oracle Outside In technology. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of WordPerfect files. When parsing font records the code within vswp5.dll does not validate the datasize value prior to performing arithmetic on it. The result is used to make a heap allocation that can be undersized which can be leveraged to corrupt memory leading to arbitrary code execution under the context of the user running the application.
Tags: day zero code arbitrary-code-execution heap-allocation wordperfect-files
7:44
Zero Day Initiative Advisory 12-201
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-201 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a PAPX FKP sections. When parsing a PAPX FKP section, the application will store a calculation. However, when repairing a damaged document, the application will explicitly trust this calculation in a loop that is used to index into an array of objects. This will allow for an out-of-bounds access of an object which can lead to code execution under the context of the application.
Tags: day zero application microsoft-office-word word-user zero-day
7:44
Zero Day Initiative Advisory 12-200
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-200 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles CTreeNode objects. By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. The issue lies in a possible type confusion between a CTreeNode object and an ISpanQualifier instance during the layout of a document being performed. An attacker can leverage this vulnerability to execute code under the context of the current process.
Tags: day zero vulnerability internet-explorer-user dangling-pointer zero-day
7:43
Zero Day Initiative Advisory 12-198
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-198 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles CMarkup objects. By manipulating a document's elements an attacker can force a dangling pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process.
Tags: day zero vulnerability internet-explorer-user dangling-pointer zero-day
7:43
Zero Day Initiative Advisory 12-197
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-197 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the java.beans.Expression class. Due to unsafe handling of reflection of privileged classes inside the Expression class it is possible for untrusted code to gain access to privileged methods and properties. This can result in remote code execution under the context of the current process.
Tags: day zero code oracle-java code-execution privileged-classes
7:42
Zero Day Initiative Advisory 12-196
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-196 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise. Authentication is not required to exploit this vulnerability. The flaw exists within the Groupwise Internet Agent component, specifically the optional LDAP server which listens on tcp port 389. When parsing a BER encoded parameter the specified size is used to allocate a destination buffer. A properly encoded BER chunk could cause an integer size value to wrap before buffer allocation. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM account.
Tags: day zero vulnerability novell-groupwise ldap-server destination-buffer
7:42
Zero Day Initiative Advisory 12-195
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-195 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Real Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the application attempts to decode an audio sample that is encoded with the ATRAC codec. While parsing sample data, the application will explicitly trust 2-bits as a loop counter which can be used to write outside the bounds of the target buffer. This can lead to code execution under the context of the application.
Tags: day zero application atrac-codec zero-day arbitrary-code
7:42
Zero Day Initiative Advisory 12-194
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-194 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles the onbeforedeactivate callback function for certain elements. During the execution of the onbeforedeactivate callback function it is possible to alter the DOM tree of the page which can lead to a use-after-free vulnerability when the function returns. This can result in remote code execution under the context of the current process.
Tags: function zero vulnerability dom internet-explorer-user code-execution dom-tree
7:41
Zero Day Initiative Advisory 12-193
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-193 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles repeated calls to insertAdjacentText. When the size of the element reaches a certain threshold Internet Explorer fails to correctly relocate key elements. An initialized variable in one of the function can cause memory corruption. This can lead to remote code execution under the context of the program.
Tags: internet zero explorer internet-explorer-user memory-corruption code-execution
7:39
Sony PC Companion 2.1 Admin_RemoveDirectory() Unicode Buffer Overflow
» ‎ Packet Storm Security Recent Files

Sony PC Companion version 2.1 suffers from a boundary error in PluginManager.dll when handling the value assigned to the 'Path' item in the Admin_RemoveDirectory function and can be exploited to cause a stack-based buffer overflow via an overly long string which may lead to execution of arbitrary code on the affected machine.
Tags: admin removedirectory sony pc-companion based-buffer-overflow sony-pc
7:36
Sony PC Companion 2.1 CheckCompatibility() Unicode Buffer Overflow
» ‎ Packet Storm Security Recent Files

Sony PC Companion version 2.1 suffers from a boundary error in PimData.dll when handling the value assigned to the 'OrgHeartBeat' item in the CheckCompatibility function and can be exploited to cause a stack-based buffer overflow via an overly long string which may lead to execution of arbitrary code on the affected machine.
Tags: buffer sony checkcompatibility pc-companion based-buffer-overflow sony-pc
7:33
Sony PC Companion 2.1 Load() Unicode Buffer Overflow
» ‎ Packet Storm Security Recent Files

Sony PC Companion version 2.1 suffers from a boundary error in PimData.dll when handling the value assigned to the 'File' item in the Load function and can be exploited to cause a stack-based buffer overflow via an overly long string which may lead to execution of arbitrary code on the affected machine.
Tags: buffer sony load pc-companion based-buffer-overflow sony-pc
3:11
Windows Hacking For Newbies
» ‎ Packet Storm Security Recent Files

This is a brief whitepaper discussing hacking Microsoft Windows. Written in Turkish.
Tags: newbies hacking windows hacking-microsoft whitepaper microsoft-windows
December 21, 2012
20:10
VMware Security Advisory 2012-0018
» ‎ Packet Storm Security Recent Files

VMware Security Advisory 2012-0018 - VMware has updated vCenter Server Appliance (vCSA) and ESX to address multiple security vulnerabilities
Tags: vmware advisory security vcsa server-appliance esx
20:04
Red Hat Security Advisory 2012-1604-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-1604-01 - Fuse ESB Enterprise, based on Apache ServiceMix, provides an integration platform. This release of Fuse ESB Enterprise 7.1.0 serves as a replacement for Fuse ESB Enterprise 7.0.2, and includes bug fixes and enhancements.
Tags: esb fuse enterprise red-hat-security integration-platform security-advisory
20:04
Red Hat Security Advisory 2012-1605-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-1605-01 - Fuse MQ Enterprise, based on Apache ActiveMQ, is a standards compliant messaging system that is tailored for use in mission critical applications. This release of Fuse MQ Enterprise 7.1.0 serves as a replacement for Fuse MQ Enterprise 7.0.2, and includes bug fixes and enhancements.
Tags: fuse red enterprise red-hat-security activemq security-advisory
20:03
Red Hat Security Advisory 2012-1606-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-1606-01 - The Fuse Management Console is used for managing Fuse ESB Enterprise and Fuse MQ Enterprise deployments. This release of Fuse Management Console 7.1.0 serves as a replacement for Fuse Management Console 1.0.2, and includes bug fixes and enhancements.
Tags: console fuse management red-hat-security enterprise-deployments security-advisory
15:59
Zero Day Initiative Advisory 12-192
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-192 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles consecutive calls to insertRow. When the number of rows reaches a certain threshold the program fails to correctly relocate certain key objects. This can lead to a use-after-free vulnerability which can result in remote code execution under the context of the current process.
Tags: day zero vulnerability internet-explorer-user code-execution zero-day
15:58
Zero Day Initiative Advisory 12-191
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-191 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari Webkit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the library's implementation of a HTMLMedia element. After a source element is created, an attacker can catch the beforeLoad event before the element is used, and delete the element. The pointer to the source element will then be referenced causing a use-after-free condition, which can lead to code execution under the context of the application.
Tags: day zero element apple-safari source-element zero-day
15:57
Zero Day Initiative Advisory 12-190
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-190 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the 'onpropertychange' user callback function for the document.title. If the function changes the document in the callback function by using, for example, a document.write call, this can result in a use-after-free vulnerability. This can lead to remote code execution under the context of the program.
Tags: function vulnerability document internet-explorer-user code-execution zero-day
15:56
Zero Day Initiative Advisory 12-189
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-189 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists because it is possible to change system properties through trusted JNLP files. If a JNLP file requests "" and only references signed, trusted JAR files, it can set all System properties. By referencing a trusted JNLP file from an untrusted one it is possible to change System Properties that can lead to remote code execution under the context of the current user.
Tags: jnlp zero system oracle-java code-execution zero-day
15:55
Zero Day Initiative Advisory 12-188
» ‎ Packet Storm Security Recent Files

Zero Day Initiative Advisory 12-188 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Internet Explorer handles 'onrowsinserted' callback functions for certain elements. It is possible to alter the document DOM tree in a onrowsinserted callback function which can lead to a use-after-free condition when the function returns. This can result in remote code execution under the context of the current process.
Tags: day zero initiative dom internet-explorer-user code-execution dom-tree
15:44
YeaLink IP Phone 9.70.0.100 CSRF / Default Credentials
» ‎ Packet Storm Security Recent Files

YeaLink IP Phone SIP TxxP firmware versions 9.70.0.100 and below suffer from default credential and cross site request forgery vulnerabilities.
Tags: yealink phone default firmware-versions ip-phone forgery
15:22
4psa VoipNow 2.x Remote Command Execution
» ‎ Packet Storm Security Recent Files

4psa VoipNow versions prior to 2.x suffer from a remote command execution vulnerability.
Tags: psa voipnow command command-execution vulnerability
15:01
WordPress BuddyPress Cross Site Scripting / Content Spoofing
» ‎ Packet Storm Security Recent Files

WordPress BuddyPress plugin suffers from cross site scripting and content spoofing vulnerabilities.
Tags: cross wordpress buddypress
December 19, 2012
16:30
Banana Dance B.2.6 Inclusion / Access Control / SQL Injection
» ‎ Packet Storm Security Recent Files

Banana Dance version B.2.6 suffers from local file inclusion, remote SQL injection, and improper access control vulnerabilities.
Tags: banana inclusion dance dance-version access-control
16:27
FireFly Mediaserver 1.0.0.1359 NULL Pointer Dereference
» ‎ Packet Storm Security Recent Files

FireFly Mediaserver version 1.0.0.1359 suffers from a denial of service vulnerability that can be triggered by a NULL pointer dereference.
Tags: null mediaserver firefly null-pointer service-vulnerability
16:24
Elite Bulletin Board 2.1.21 SQL Injection
» ‎ Packet Storm Security Recent Files

Elite Bulletin Board version 2.1.21 suffers from multiple remote SQL injection vulnerabilities.
Tags: board elite bulletin bulletin-board
16:21
Drupal Context 6.x / 7.x Information Disclosure
» ‎ Packet Storm Security Recent Files

Drupal Context third party module versions 6.x and 7.x suffer from an information disclosure vulnerability.
Tags: drupal context information information-disclosure-vulnerability third-party
16:18
Drupal Core 6.x / 7.x Access Bypass / Code Execution
» ‎ Packet Storm Security Recent Files

Drupal core versions 6.x and 7.x suffer from access bypass and arbitrary PHP code execution vulnerabilities.
Tags: access drupal core code-execution php-code
16:13
SurgeFTP Remote Command Execution
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a flaw in the SurgeFTP server's web-based administrative console to execute arbitrary commands.
Tags: remote surgeftp command command-execution arbitrary-commands
16:01
GNU Debugger 7.5.1 NULL Pointer Dereference
» ‎ Packet Storm Security Recent Files

gdb (GNU debugger) versions 7.5.1 and below ELF anti-debugging / reversing patcher that causes a NULL pointer dereference to trigger.
Tags: null debugger gnu gnu-debugger null-pointer gdb
15:59
IDA Pro 6.3 ELF Anti-Debugging / Reversing Patcher
» ‎ Packet Storm Security Recent Files

IDA Pro 6.3 ELF anti-debugging / reversing patcher that causes a crash.
Tags: anti patcher elf ida-pro debugging crash
15:57
Ubuntu Security Notice USN-1676-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1676-1 - Dan Rosenberg discovered that the example AppArmor profile for chromium-browser could be escaped by calling xdg-settings with a crafted environment.
Tags: ubuntu notice security dan-rosenberg security-notice usn rosenberg
11:05
Mandriva Linux Security Advisory 2012-181
» ‎ Packet Storm Security Recent Files

Mandriva Linux Security Advisory 2012-181 - Multiple host header poisoning flaws were found and fixed in Django. The updated packages have been upgraded to the 1.3.5 version which is not affected by these issues.
Tags: mandriva security linux mandriva-linux linux-security security-advisory
10:53
Ubuntu Security Notice USN-1675-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1675-1 - It was discovered that FFmpeg incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
Tags: ubuntu notice security application-crash denial-of-service arbitrary-code
10:53
Ubuntu Security Notice USN-1674-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1674-1 - It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.
Tags: ubuntu notice security application-crash denial-of-service arbitrary-code
10:51
Free Hosting Manager 2.0.2 Cross Site Scripting
» ‎ Packet Storm Security Recent Files

Free Hosting Manager version 2.0.2 suffers from a persistent cross site scripting vulnerability.
Tags: free manager hosting vulnerability manager-2 manager-version
10:49
DIMIN Viewer 5.4.0 Crash
» ‎ Packet Storm Security Recent Files

DIMIN Viewer version 5.4.0 suffers from a GIF decode crash vulnerability.
Tags: crash viewer dimin vulnerability viewer-version
10:44
Kiwi Syslog Web Access 1.4.4 SQL Injection
» ‎ Packet Storm Security Recent Files

Kiwi Syslog Web Access version 1.4.4 suffers from remote SQL injection and blind SQL injection vulnerabilities.
Tags: injection kiwi sql kiwi-syslog web-access
10:22
Joomla ZtAutoLink Local File Inclusion
» ‎ Packet Storm Security Recent Files

Joomla ZtAutoLink component suffers from a local file inclusion vulnerability.
Tags: inclusion from suffers vulnerability
7:55
Joomla Bit Local File Inclusion
» ‎ Packet Storm Security Recent Files

Joomla Bit component suffers from a local file inclusion vulnerability.
Tags: inclusion from suffers vulnerability
6:44
EMC Avamar 6.1.100-402 File Overwrite
» ‎ Packet Storm Security Recent Files

EMC Avamar version 6.1.100-402 suffers from a world-writable cache file vulnerability that leverages /tmp.
Tags: emc avamar file world-writable
4:11
Cerberus FTP Server Cross Site Scripting
» ‎ Packet Storm Security Recent Files

Cerberus FTP server suffers from a cross site scripting vulnerability in the web administration interface.
Tags: server ftp cerberus web-administration-interface cross-site-scripting ftp-server
3:11
Microsoft Internet Explorer 9.x Stack Overflow
» ‎ Packet Storm Security Recent Files

Microsoft Internet Explorer 9.x suffers from a remote stack exhaustion vulnerability.
Tags: internet microsoft explorer stack-overflow overflow-vulnerability internet-explorer
December 18, 2012
22:24
InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a heap overflow found in InduSoft Web Studio
Tags: web indusoft studio web-studio heap overflow
22:16
Haveged 1.6a
» ‎ Packet Storm Security Recent Files

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
Tags: algorithm haveged bit irisa expansion-algorithm random-pool test-targets
21:37
Ubuntu Security Notice USN-1673-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1673-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.
Tags: ubuntu notice security linux-kernel denial-of-service security-notice
21:37
Ubuntu Security Notice USN-1671-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1671-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.
Tags: ubuntu notice security linux-kernel denial-of-service security-notice
21:36
Ubuntu Security Notice USN-1670-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1670-1 - A flaw was discovered in the Linux kernel's handling of new hot plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.
Tags: ubuntu notice security linux-kernel denial-of-service security-notice
21:36
Red Hat Security Advisory 2012-1589-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-1589-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issue: A flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction.
Tags: kernel security linux kernel-packages red-hat-security linux-kernel
21:36
Red Hat Security Advisory 2012-1594-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-1594-01 - JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements.
Tags: platform jboss application red-hat-security application-platform security-advisory
21:36
Red Hat Security Advisory 2012-1591-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-1591-01 - JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements.
Tags: platform jboss application red-hat-security application-platform security-advisory
21:35
Red Hat Security Advisory 2012-1593-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-1593-01 - JBoss Enterprise SOA Platform is the next-generation ESB and business process automation infrastructure. JBoss Enterprise SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. This roll up patch serves as a cumulative upgrade for JBoss Enterprise SOA Platform 5.3.0. It includes various bug fixes. The following security issue is also fixed with this release: A flaw was found in the way Apache CXF verified that XML elements were signed or encrypted by a particular Supporting Token. Apache CXF checked to ensure these elements were signed or encrypted by a Supporting Token, but not whether the correct token was used. A remote attacker could use this flaw to transmit confidential information without the appropriate security, and potentially circumvent access controls on web services exposed via Apache CXF.
Tags: jboss enterprise security business-process-automation red-hat-security apache-cxf
21:34
Red Hat Security Advisory 2012-1590-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-1590-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. A heap-based buffer overflow flaw was found in the way libtiff processed certain TIFF images using the Pixar Log Format encoding. An attacker could create a specially-crafted TIFF file that, when opened, could cause an application using libtiff to crash or, possibly, execute arbitrary code with the privileges of the user running the application. A stack-based buffer overflow flaw was found in the way libtiff handled DOTRANGE tags. An attacker could use this flaw to create a specially-crafted TIFF file that, when opened, would cause an application linked against libtiff to crash or, possibly, execute arbitrary code.
Tags: libtiff application flaw tiff based-buffer-overflow tiff-images tiff-file
21:34
Red Hat Security Advisory 2012-1592-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-1592-01 - JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release serves as a replacement for JBoss Enterprise Application Platform 6.0.0, and includes bug fixes and enhancements.
Tags: platform jboss application red-hat-security application-platform security-advisory
21:34
Red Hat Security Advisory 2012-1580-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-1580-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the RHSA-2012:0862 update did not correctly fix the CVE-2011-4131 issue. A malicious Network File System version 4 server could return a crafted reply to a GETACL request, causing a denial of service on the client. A divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel. If the TCP Illinois congestion control algorithm were in use, a local, unprivileged user could trigger this flaw and cause a denial of service.
Tags: kernel red linux illinois control-algorithm-implementation congestion-control-algorithm kernel-packages
21:33
Ubuntu Security Notice USN-1669-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1669-1 - A flaw was discovered in the Linux kernel's handling of new hot plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.
Tags: ubuntu notice security linux-kernel denial-of-service security-notice
15:55
WordPress Clockstone Theme File Upload
» ‎ Packet Storm Security Recent Files

The Clockstone WordPress theme appears to suffer from a remote shell upload vulnerability.
Tags: clockstone wordpress theme remote-shell file-upload vulnerability
15:44
Centrify Deployment Manager 2.1.0.283 Local Root
» ‎ Packet Storm Security Recent Files

Centrify Deployment Manager version 2.1.0.283 local root exploit that leverages a race condition in /tmp.
Tags: deployment centrify manager deployment-manager root-exploit
15:43
Enterpriser16 LB 7.1 Cross Site Scripting
» ‎ Packet Storm Security Recent Files

Enterpriser16 LB version 7.1 suffers from multiple cross site scripting vulnerabilities.
Tags: cross enterpriser site
14:22
FS-InitRandMAC 1.0
» ‎ Packet Storm Security Recent Files

This is a simple tool to set your NIC MAC address on boot to a random value generated by OpenSSL.
Tags: nic tool fs-initrandmac mac random-value mac-address
14:22
SonicWall SonicOS 5.8.1.8 WAF Cross Site Scripting
» ‎ Packet Storm Security Recent Files

SonicWall SonicOS version 5.8.1.8 suffers from a POST-based cross site scripting vulnerability.
Tags: cross sonicwall sonicos vulnerability
11:22
MyBB MyYoutube Cross Site Scripting
» ‎ Packet Storm Security Recent Files

MyBB MyYoutube plugin suffers from a stored cross site scripting vulnerability.
Tags: cross mybb myyoutube vulnerability
10:22
MyBB Xbox Live ID Cross Site Scripting
» ‎ Packet Storm Security Recent Files

MyBB Xbox Live ID plugin suffers from a stored cross site scripting vulnerability.
Tags: mybb live xbox cross-site-scripting xbox-live vulnerability
3:11
Address Application Layer Attacks With Mod Security
» ‎ Packet Storm Security Recent Files

This article sheds some light concepts pertaining to the WAF-like feature functionality of mod_security in Apache.
Tags: address mod security feature-functionality address-application waf
December 17, 2012
18:03
Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow
» ‎ Packet Storm Security Recent Files

This Metasploit module exploits a heap based buffer overflow in the CrystalPrintControl ActiveX, while handling the ServerResourceVersion property. The affected control can be found in the PrintControl.dll component as included with Crystal Reports 2008. This Metasploit module has been tested successfully on IE 6, 7 and 8 on Windows XP SP3 and IE 8 on Windows 7 SP1. The module uses the msvcr71.dll library, loaded by the affected ActiveX control, to bypass DEP and ASLR.
Tags: activex crystalprintcontrol module crystal-reports based-buffer-overflow dll-library
18:00
Haveged 1.6
» ‎ Packet Storm Security Recent Files

haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
Tags: algorithm haveged bit irisa expansion-algorithm random-pool test-targets
17:56
Security / Robustness Assessment Of IPv6 ND Implementations
» ‎ Packet Storm Security Recent Files

Recent security research seems to indicate that a number of IPv6 Neighbor Discovery implementations fail to implement basic sanity checks on received packets and/or fail to properly manage protocol data structures, being subject of trivial Denial of Service (DoS) attacks. Additionally, some IPv6 protocol features allow a number of attacks, ranging from man-in-the-middle to Denial of Service (DoS). This document discusses how to conduct a security/robustness assessment of Neighbor Discovery implementations by means of the SI6 Networks' IPv6 toolkit - a free, portable, and fully-featured IPv6 security assessment and trouble-shooting toolkit. Additionally, it provides pointers to ongoing work in this area, such that the aforementioned issues can be mitigated where appropriate.
Tags: ipv security assessment neighbor-discovery sanity-checks protocol-features
17:54
Security Assessment Of Neighbor Discovery (ND) For IPv6
» ‎ Packet Storm Security Recent Files

Neighbor Discovery is one of the core protocols of the IPv6 suite, and provides in IPv6 similar functions to those provided in the IPv4 protocol suite by the Address Resolution Protocol (ARP) and the Internet Control Message Protocol (ICMP). Its increased flexibility implies a somewhat increased complexity, which has resulted in a number of bugs and vulnerabilities found in popular implementations. This document provides guidance in the implementation of Neighbor Discovery, and documents issues that have affected popular implementations, in the hopes that the same issues do not repeat in other implementations.
Tags: discovery neighbor ipv address-resolution-protocol internet-control-message-protocol neighbor-discovery
17:29
phpwcms 1.5.4.6 Remote Code Execution
» ‎ Packet Storm Security Recent Files

phpwcms versions 1.5.4.6 and below preg_replace remote code execution exploit.
Tags: code remote execution code-execution
16:58
Ubuntu Security Notice USN-1668-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1668-1 - Dan Rosenberg discovered that an application running under an AppArmor profile that allowed unconfined execution of apport-bug could escape confinement by calling apport-bug with a crafted environment. While not a vulnerability in apport itself, this update mitigates the issue by sanitizing certain variables in the apport-bug shell script.
Tags: ubuntu notice security dan-rosenberg shell-script security-notice usn
16:57
Red Hat Security Advisory 2012-1577-01
» ‎ Packet Storm Security Recent Files

Red Hat Security Advisory 2012-1577-01 - IBM J2SE version 1.4.2 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. As of October 1 2012, IBM J2SE 1.4.2 is no longer supported for use with SAP products. All SAP users should migrate to SAP JVM 4 provided by SAP as the only supported Java Virtual Machine. Refer to "SAP Note 1495160 - SAP JVM replacement for Partner JDKs 1.4.2" for additional details. These java-1.4.2-ibm-sap packages provide the last SAP certified IBM J2SE 1.4.2 release, SR13-FP13.
Tags: ibm red sap java-runtime-environment java-software-development red-hat-security
16:57
Debian Security Advisory 2589-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2589-1 - The tiff library for handling TIFF image files contained a stack-based buffer overflow, potentially allowing attackers who can submit such files to a vulnerable system to execute arbitrary code.
Tags: advisory debian security tiff based-buffer-overflow tiff-library tiff-image
16:57
Ubuntu Security Notice USN-1667-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1667-1 - Julius Plenz discovered that bogofilter incorrectly handled certain invalid base64 code. By sending a specially crafted email, a remote attacker could exploit this and cause bogofilter to crash, resulting in a denial of service, or possibly execute arbitrary code.
Tags: ubuntu notice security julius-plenz denial-of-service arbitrary-code security-notice
16:57
Debian Security Advisory 2588-1
» ‎ Packet Storm Security Recent Files

Debian Linux Security Advisory 2588-1 - Multiple vulnerabilities have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client.
Tags: advisory debian security mozilla-thunderbird-mail linux-security debian-linux
16:56
Ubuntu Security Notice USN-1666-1
» ‎ Packet Storm Security Recent Files

Ubuntu Security Notice 1666-1 - It was discovered that Aptdaemon incorrectly validated PPA GPG keys when importing from a keyserver. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to install altered package repository GPG keys.
Tags: ubuntu notice security gpg-keys keyserver man-in-the-middle-attack

Skip to page: 1 2 3 ... 66

← Packet Storm Security Exploits Packet Storm Security Tools →

jetlib.sec » Packet Storm Security Recent Files

Feeds

Packet Storm Security Recent Files (2 unread)

Tags:

Tags:

Tags: session nexpose security session-ids

Tags: console nexpose security forgery

Tags: exe netsight enterasys windows-xp-sp3 stack-buffer buffer-overflow

Tags: cross pfsense site command-execution cross-site-scripting proof-of-concept

Tags: file tomatocart creation creation-vulnerability x-versions

Tags: injection sql icestate real-estate-marketplace sql-injection vulnerability

Tags: reconnaissance network haystack nova needle-in-a-haystack machine-learning-algorithms hostile-network

Tags: directory helper traversal directory-traversal-vulnerability

Tags: code php elastix

Tags: sms cross way forgery vulnerability

Tags: wii mybb profile

Tags: reconnaissance network haystack nova needle-in-a-haystack machine-learning-algorithms hostile-network

Tags: crypto telephone aastra ip-telephone payloads configuration-files

Tags: hat red security red-hat-security apache-tomcat servlet-container

Tags: hat red security red-hat-security apache-tomcat servlet-container

Tags: version ircd ratbox denial-of-service charybdis version-6

Tags: uploader valums wordpress remote-shell vulnerability-note

Tags: at-mcf allied telesis allied-telesis privilege-escalation-vulnerability root-level

Tags: webserver directory simple directory-traversal-vulnerability webserver-version

Tags: authentication whmcs bypass vulnerability

Tags: mini shell indrajith mail-bombing mini-shell cracker

Tags: path forum simple simple-machines vulnerability disclosure

Tags: custom fields advanced blogging-software code-execution vulnerability

Tags: xerte online wordpress remote-shell vulnerability

Tags: uploader shell wordpress remote-shell vulnerability

Tags: gallery reflex wordpress remote-shell gallery-1

Tags: cart wordpress shopping shopping-cart shell

Tags: state device asterisk internal-cache active-call project-security

Tags: vulnerability xmpp asterisk network-transports stack-allocation project-security

Tags: mandriva security linux mandriva-linux database-corruption linux-security

Tags: library gnu security application-programming-interface transport-layer-security communications-protocols

Tags: osticket disclosure dpr redirection

Tags: cross osticket disclosure cross-site-scripting forgery redirection

Tags: osticket injection sql sql-injection csrf forgery

Tags: internet microsoft explorer taiwan arbitrary-code-execution cbutton china-taiwan

Tags: system mptcp rsoi whitepaper irc

Tags: storm new packet packet-storm exploits

Tags: december storm packet packet-storm exploits

Tags: voip pbx astium crash-proof voip-pbx proof-of-concept

Tags: script php astium voip-pbx php-script sudo

Tags: exploitation post railgun ruby whitepaper

Tags: disclosure drupal information information-disclosure

Tags: nfc communication field field-communication related-security security-implications

Tags: digital whisper electronic electronic-magazine hebrew

Tags: athcon papers call athens greece athens-greece call-for-papers

Tags: cross sahifa wordpress forgery

Tags: cross request site javascript-execution forgery vulnerability

Tags: cross cubecart site cross-site-scripting vulnerability

Tags: cross request site forgery vulnerability

Tags: shakacon papers call honolulu hawaii honolulu-hawaii call-for-papers

Tags: cross cubecart site forgery vulnerability

Tags: ARM introduction linux arm-linux

Tags: corruption gnupg database database-corruption memory-access public-keys

Tags: advisory debian security thorsten-glaser malicious-feed linux-security debian-linux

Tags: integer grep overflow integer-overflow-vulnerability

Tags: internet microsoft explorer taiwan arbitrary-code-execution cbutton china-taiwan

Tags: internet microsoft explorer taiwan arbitrary-code-execution cbutton china-taiwan

Tags: dll activex module activex-buffer-overflow buffer-overflow-vulnerability msvcr71-dll

Tags: dll activex module activex-buffer-overflow buffer-overflow-vulnerability msvcr71-dll

Tags: lotus dwa module w-activex domino activex-buffer-overflow buffer-overflow-vulnerability lotus-inotes

Tags: lotus dwa module w-activex domino activex-buffer-overflow buffer-overflow-vulnerability lotus-inotes

Tags: advisory debian security marc-schoenefeld integer-overflow linux-security debian-linux

Tags: advisory debian security marc-schoenefeld integer-overflow linux-security debian-linux

Tags: advisory debian security denial-of-service linux-security debian-linux

Tags: advisory debian security denial-of-service linux-security debian-linux

Tags: ubuntu notice security web-server-user arbitrary-files directory-traversal

Tags: ubuntu notice security web-server-user arbitrary-files directory-traversal

Tags: advisory debian security input-validation linux-security debian-linux

Tags: advisory debian security input-validation linux-security debian-linux

Tags: zykeys Wireless tool wireless-tool routers models

Tags: zykeys Wireless tool wireless-tool routers models