Secunia Security Advisory - GeFORC3 has reported a vulnerability in RapidShare Database, which can be exploited by malicious people to conduct cross-site scripting attacks.
Secunia Security Advisory - Some vulnerabilities have been reported in Xerox ESS/Network Controller, which can be exploited by malicious users or malicious people to compromise a vulnerable system.
Secunia Security Advisory - KiNgOfThEwOrLd has reported a vulnerability in SineCMS, which can be exploited by malicious people to disclose sensitive information or to compromise a vulnerable system.
Secunia Security Advisory - hadihadi and S.W.A.T. have discovered some vulnerabilities in NetRisk, which can be exploited by malicious people to conduct SQL injection attacks and to compromise a vulnerable system.
Secunia Security Advisory - Eugene Minaev has discovered a vulnerability in Strawberry, which can be exploited by malicious people to compromise a vulnerable system.
Apache mod_rewrite escape_absolute_uri() off-by-one buffer overflow Metasploit exploit module. This affects Apache versions 1.3.28 through 1.3.36, 2.0.46 through 2.0.58, and 2.2.1 through 2.2.2.
Secunia Security Advisory - Sun has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the FreeType library.
iDefense Security Advisory 01.07.08 - Local exploitation of a privilege escalation vulnerability in Motorola Inc.'s netOctopus could allow an attacker to execute arbitrary code in kernel context. iDefense has confirmed the existence of this vulnerability in version 5.0.0.115 of the nantsys.sys driver as included with netOctopus version 5.1.2 build 1011. Previous versions may also be affected.
Secunia Security Advisory - A security issue has been reported in Aruba Mobility Controller, which can be exploited by malicious people to bypass certain security restrictions.
Core Security Technologies Advisory - The vdccm daemon from SynCE version 0.92 is susceptible to a remote command injection vulnerability. Proof of concept code included.
PWDumpX version 1.1 allows a user with administrative privileges to retrieve the domain password cache, password hashes and LSA secrets from a Windows system. This tool can be used on the local system or on one or more remote systems. If an input list of remote systems is supplied, PWDumpX will attempt to obtain the domain password cache, the password hashes and the LSA secrets from each remote Windows system in a multi-threaded fashion (up to 64 systems simultaneously). The domain password cache, password hashes and LSA secrets from remote Windows systems are encrypted as they are transferred over the network. No data is sent over the network in clear text. This tool is a completely re-written version of CacheDump, PWDump3e and LSADump2 which integrates suggestions/bug fixes for PWDump3e and LSADump2 found on various web sites, etc. Source code included.
The PWDumpX tool allows a user with administrative privileges to retrieve the encrypted password hashes and LSA secrets from a Windows system. This tool can be used on the local system or on one or more remote systems.
Thumbnail steganography creates a thumbnail from a source image and stores data in it by altering the color channels. To decipher the data, a new thumbnail is made from the original image and the differences between the pixels are calculated. This is intended to increase complexity of automated deciphering of images containing extra (steganographied) data. It requires both the original and the thumbnail to decipher. The original works like a key to unlock the thumbnail.
PWDumpX allows a user with administrative privileges to retrieve the domain password cache, password hashes and LSA secrets from a Windows system. This tool can be used on the local system or on one or more remote systems. If an input list of remote systems is supplied, PWDumpX will attempt to obtain the domain password cache, the password hashes and the LSA secrets from each remote Windows system in a multi-threaded fashion (up to 64 systems simultaneously). The domain password cache, password hashes and LSA secrets from remote Windows systems are encrypted as they are transferred over the network. No data is sent over the network in clear text. This tool is a completely re-written version of CacheDump, PWDump3e and LSADump2 which integrates suggestions/bug fixes for PWDump3e and LSADump2 found on various web sites, etc. Source code included.
LayerOne 2008 Information Technology Conference Call for Papers - The fifth annual LayerOne information technology conference is now accepting submissions for topic and speaker selection. This conference will be held May 17 and 18, 2008 in Los Angeles, California.
Debian Security Advisory 1454-1 - Greg MacManus discovered an integer overflow in the font handling of libfreetype, a FreeType 2 font engine, which might lead to denial of service or possibly the execution of arbitrary code if a user is tricked into opening a malformed font.
Debian Security Advisory 1453-1 - Several remote vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
Million Dollar Script version 2.0.14 suffers from a remote file disclosure vulnerability.
The PostgreSQL Global Development Group has released updated versions which patch five security vulnerabilities. These releases update all current PostgreSQL versions, including 8.2, 8.1, 8.0, 7.4 and 7.3.
K-Plugin for Kartoffel that exploits WDM Audio Drivers.
Whitepaper called Exploiting WDM Audio Drivers. This paper explains an attack vector inherent to certain WDM audio drivers running on Windows Vista, XP, 2000 and 2003. Successful exploitation could lead to local escalation of privileges.
SocialURL suffers from a cross-site scripting vulnerability during the login sequence.
TUTOS version 1.3 is susceptible to a remote command execution vulnerability leveraging cmd.php.
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in IBM AIX.
Secunia Security Advisory - Crackers_Child has discovered a vulnerability in the samPHPweb template included in SAM Broadcaster, which can be exploited by malicious people to compromise a vulnerable system.