SQL fuzzing tool that will find all table names, column names for specified table, mysql version, username of mysql, database, perform load_file() on sites vulnerable to SQL injection.
04567fd7758525a5ed5dcfa916d706b33ffcb6470163b2634fac2e099cbeb3bf
Whitepaper called Amenizando Recusa de Servico Remota. Written in Portuguese.
37dd3542ed0d013aa1dee856277fac955bafb52b3085360476b8867809aba5d2
OneOrZero Helpdesk versions 1.6.5.7 and below suffer from a local file inclusion vulnerability.
f6490042fa37ee81e03cc251d93d9bd3fe2bb0b1c79f7fe84aaac5962107450f
isiAJAX version 1 suffers from a remote SQL injection vulnerability.
ec2e5d92de99da4fd7afed2e73e6736270437334d8590f4615430bd5ab6f2c56
The calendar application for Apache Tomcat contains invalid HTML which renders the cross site scripting protection for the time parameter ineffective. An attacker can therefore perform an cross site scripting attack using the time attribute. Version affected include Tomcat 6.0.0 to 6.0.18, Tomcat 5.5.0 to 5.5.27, and Tomcat 4.1.0 to 4.1.39.
2fd4d18e046935391c0b4eb23d19aed3bf6cd14d57e11ae2522468cf694b91a4
TinX CMS versions prior to 3.5.1 suffer from a remote SQL injection vulnerability.
468028f24e6f10fadb1df14eb214b6bc7352f3b47735d731953d6082ccb0bf9c
WarVOX is a suite of tools for exploring, classifying, and auditing telephone systems. Unlike normal wardialing tools, WarVOX works with the actual audio from each call and does not use a modem directly. This model allows WarVOX to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, dial tones, IVRs, and forwarders. WarVOX provides the unique ability to classify all telephone lines in a given range, not just those connected to modems, allowing for a comprehensive audit of a telephone system.
d6115beb3ead3b0ce8888f70154d82864a62f8183c220adde51a82ab414b4813
Presentation going over WarVOX, the new tool released by H D Moore. WarVOX is a suite of tools for exploring, classifying, and auditing telephone systems.
344a650efaa9e209f093a2ed700599e31cb378382a8f65175d5b9c95716c704b
The new Defcon Capture The Flag organizer submissions are in. Dark Tangent has requested that people read and comment on them.
bb974ffa4476f53db001f36e11cbd1fee539e3c7766311b347d4237fbc44e548
Small write up regarding a cross site scripting vulnerability on Drupal version 5.15 being used for a password change attack. Attack script included.
86d13cf8462beb1f49b6073cfa700d5ee7e151e78aed8e8844279904e36a02a9
Secunia Security Advisory - Ubuntu has issued an update for firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system.
0b6d76c7c141f3525150ef5fc4df85bf2dd9bfadc908bb0cf0ba4f24b5756ce0
Secunia Security Advisory - A vulnerability has been reported in Avahi, which can be exploited by malicious people to potentially cause a DoS (Denial of Service).
690e54ae07da19a88da1073dc5aafd6472fd1e2406e18f5ecc78005b9f11c4ca
Secunia Security Advisory - Ubuntu has issued an update for libpng. This fixes some vulnerabilities, which can be exploited malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library.
feade7b7bfb93e59411b97df50ae4da55972a5d94c435f13ab4be6ae3d81e5f8
Secunia Security Advisory - Ubuntu has issued an update for firefox-3.0 and xulrunner-1.9. This fixes some vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, disclose sensitive information, or compromise a user's system.
0600b18077868d7c927b1d4b6ba3ed095d176d884314d32919166e5a7cda6b74
Secunia Security Advisory - Fedora has issued an update for curl. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.
b82d992b67556b2ab616cad09cd42a00c5dc9dee5e1a71f56fbd1c2ab51b13a5
Secunia Security Advisory - Ubuntu has issued an update for python-crypto. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
f88628f5290931e2e7271e667baf2daee87099f96b72f3da6c28de0df64458b6
Secunia Security Advisory - Fedora has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to potentially compromise a user's system.
1d2b1d608a9f3546e3682ed47dd38c89cca1a46c06d0ee71edb056d50102fbd9
Secunia Security Advisory - Fedora has issued an update for dkim-milter. This fixes a vulnerability, which can be exploited by malicious people to conduct DoS (Denial of Service) attacks.
ba2bf7404c15dc63df27e89bab1af1bd78ee5ea4b91770164a389c384ef6df87
Secunia Security Advisory - Fedora has issued an update for jhead. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges.
ca6ce46e9479c2b34cfefed3c786520926d9cc4bce00f24f8e57f0c149f4321a
Secunia Security Advisory - A vulnerability has been reported in the Search and Archive component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
1f3dd4199b0624856a699019bc7dcbd6eadcf3558ad88804d697b4684751f91e
Secunia Security Advisory - A vulnerability has been reported in OpenBSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service).
0cdf8aeccb11c2695abb7613c4b2fd171c0131754b22c7e1ecd57edcae67e0fe
UMI.CMS versions prior to 2.7.1 build 10856 suffer from a cross site scripting vulnerability.
fa0b2b3f48f9d8c58361b5a6fa9542bde5609b33ce557556b06d5d701c902037
Ubuntu Security Notice USN-728-3 - Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Firefox performed a cross-domain redirect. An attacker could bypass the same-origin policy in Firefox by utilizing nsIRDFService and steal private data from users authenticated to the redirected website.
4ef712cf1de39e92be0d7f3064b1b4afcbf2ec90634bcc529138e0365648b262
Ubuntu Security Notice USN-728-2 - Jesse Ruderman and Gary Kwong discovered flaws in the browser engine. If a user were tricked into viewing a malicious website, a remote attacker could cause a denial of service or possibly execute arbitrary code with the privileges of the user invoking the program. Georgi Guninski discovered a flaw when Firefox performed a cross-domain redirect. An attacker could bypass the same-origin policy in Firefox by utilizing nsIRDFService and steal private data from users authenticated to the redirected website.
dffc45bb28c639cb7e4f7b4a0bdee5e4e444bd9114ed36756540b6200046ea0b
Ubuntu Security Notice USN-730-1 - A large amount of vulnerabilities in libpng have been addressed. These range from denial of service to remote code execution issues.
bf1668416bc0c504288cc177db2f2c946b397313a140888d671c84f861f5103d