Real World Attacks Against 3G Networks Using Subscriber Devices - Cellular networks, like any other data network, require careful attention to network design, such as proper segmentation of subscriber-generated traffic from network management and signaling traffic. This presentation discusses an attack penetration method using only standard subscriber equipment to compromise an operator network.
c2b5f9e80c71804ccb26604ad9550c6930b0b9297f7d33af74c0487029f4cf46
RedDot CMS versions 7.5 Build 7.5.0.48 and below full database enumeration exploit that takes advantage of a remote SQL injection vulnerability in ioRD.asp.
3425a7a46022a1d5c00c940d64eb2be9302b2e7ef356f8e16b7bbc1869f47731
RedDot CMS versions 7.5 Build 7.5.0.48 and below suffer from a remote SQL injection vulnerability in ioRD.asp.
b97bd24c53768c65b163383bb33684f6375c1f7cb5294f4c72c3f30ea93c2ed8
Adobe Photoshop Album Starter, Adobe After Effects CS3, and Adobe Photoshop CS3 all suffer from a local buffer overflow vulnerability. Included is an exploit for Album Starter version 3.2 on Microsoft Windows SP2 that launches calc.exe.
b9d39af85285018f275769b36f2ed7800d54726f4a9f858f9a4302a44dc409f9
Metagoofil is an information gathering tool designed for extracting the Meta-Data of public documents (pdf, doc, xls, ppt, etc.) available on target/victim websites. It will generate an HTML page with the results of the Meta-Data extracted, plus a list of potential usernames.
609b999c777eaefa1a6f699b9382a29688351d4b790e6939a48541f3e48bf378
Mandriva Linux Security Advisory - A heap overflow was discovered in OpenOffice.org's EMF parser. An attacker could create a carefully crafted EMF file that could cause OpenOffice.org to crash or potentially execute arbitrary code if the malicious EMF image was added to a document or if a document containing such an EMF file was opened. A heap overflow was discovered in the OLE Structured Storage file parser, a format used by Microsoft Office documents. An attacker could create a carefully crafted OLE file that could cause OpenOffice.org to crash or potentially execute arbitrary code.
2bb62176a085dc23e9d3bc3f1257d1be460d854adc482799532c6dd747d71fc0
TR News version 2.1 suffers from a remote SQL injection vulnerability.
a08d90e45037ca25bc2be57ae78e00af2e7494748364244ce1d49906deb39784
Tool that demonstrates the breaking of Simple Machines Forum's audio CAPTCHA.
4f20ba1d9a129152b8734b2e97bf6cddea6a9ca57ba17b3256a30b29ccdcf527
Tool that demonstrates how the CAPTCHA used in PHP-Nuke version 8.1 can be deciphered with 100% accuracy.
b6a2d80689a601a1e69a0dc8960bbdc9c3765dfc74c229767bceb218d7547ada
Crazy Goomba version 1.2.1 suffers from a remote SQL injection vulnerability.
56b69b614bc70cceae174f76646e091651a70987bc529127216a80949c706723
Whitepaper discussing token kidnapping on Microsoft Windows.
3aa72e11552701698d4dc68d94e3923dd75717343681d1d9ed97c4867016095a
Acidcat CMS version 3.4.1 suffers from multiple vulnerabilities including SQL injection, arbitrary upload, and cross-site scripting flaws.
70cc4c780fa6f9637e4830c96b6152f324e0bc1ce4da670a4128dc20933d34a9
Incognito is a tool for manipulating Windows access tokens and is intended for use by penetration testers, security consultants and system administrators.
5f9d0055d62788b46aef7bd2f7dfdf9bd0dc129a2629983a18937bdacc378f28
This whitepaper discusses the security exposures that can occur due to the manner in which access tokens are implemented in the Microsoft Windows Operating System. A brief overview of the intended function, design and implementation of Windows access tokens is given, followed by a discussion of the relevant security consequences of their design. More specific technical details are then given on how the features of Windows access tokens can be used to perform powerful post-exploitation functions during penetration testing, along with a basic methodology for including an assessment of the vulnerabilities exposed through tokens in a standard penetration test.
f23fe0277430389cbdd97c8c16d8eedd6520a0745f8fdc08b7c96f87a6131bf1
Kubelance suffers from a local file inclusion vulnerability in ipn.php.
fa907df03c8948245c074f0065f524dc31ed079d9c8793f924496c5fb1ef1339
HostDirectory Pro suffers from an insecure cookie handling vulnerability.
a7039f5ff1f1e2be78d5fcf3ef5d1d3c327bbe2bf90e95865a334409d4ee15fb
The Apartment Search Script suffers from a SQL injection vulnerability in listtest.php.
969bfa473f12c3c41ff9f81056eee1d277c8275d2740be6355ee8d65f6cafe6e
BlogWorx version 1.0 suffers from a SQL injection vulnerability in view.asp.
af234ab103394b88d1bd0178b78a97f831462e70b8041247d7e74524caaf32a1
W1L3D4 Philboard version 1.0 suffers from a SQL injection vulnerability in philboard_reply.asp.
447406c4b09f1524c1aa9c43c2bf0a8abc607bb62f91ec93bbd5e558a95bcc50
Debian Security Advisory 1553-1 - It has been discovered that ikiwiki, a Wiki implementation, does not guard password and content changes against cross-site request forgery (CSRF) attacks.
84ceb6a428c173e3b4ce5ef0be96c6948470967c187a5c6be1e09a6ad6dd8025
Debian Security Advisory 1552-1 - It was discovered that the MPlayer movie player performs insufficient input sanitising on SDP session data, leading to potential execution of arbitrary code through a malformed multimedia stream.
8f580fd68f6db72ed316696a7c779cf425c03dcd6f12fa9f4cd9cd9f62eb917d
Debian Security Advisory 1551-1 - Several vulnerabilities have been discovered in the interpreter for the Python language.
125dbdc0245dce606427e75fa210615b2106ce661d3fa39ee19cc66bf7d20012
strongSwan is a complete IPsec and IKEv1 implementation for Linux 2.4 and 2.6 kernels. It interoperates with most other IPsec-based VPN products. It is a descendant of the discontinued FreeS/WAN project. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A unique feature is the use of X.509 attribute certificates to implement advanced access control schemes based on group memberships.
b31e5513aa5c6894cdc197d95f6ac1c2cc223109a32533d34f5d34179f9ea5dc
Atter version 0.9.1 suffers from a local file inclusion vulnerability.
2d2dccfa5f445e15142a7ea66d61ecdcb18ed3477e4f49da0d2013566422ed83
XOOPS remote blind SQL injection exploit that takes advantage of Article.PHP.
ef2b0e4990596a7d54e3366d8ad7e69d19bcc4933091aa90f27ea595bca9c123