what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 37 RSS Feed

Files Date: 2010-10-01

Creating Windows Exploits With The Metasploit Framework
Posted Oct 1, 2010
Authored by pr0misc

Whitepaper called Creating Windows Exploits with the Metasploit Framework, or Criar Exploits Para o Windows com a Ajuda da Metasploit Framework. Written in Portuguese.

tags | paper
systems | windows
SHA-256 | 301bb0feb08953721be67b31cd0b765b20729b7aa35a814c8315e4c5a03eed48
Trend Micro Internet Security Pro 2010 ActiveX extSetOwner() Remote Code Execution
Posted Oct 1, 2010
Authored by Trancer | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in Trend Micro Internet Security Pro 2010 ActiveX. When sending an invalid pointer to the extSetOwner() function of UfPBCtrl.dll an attacker may be able to execute arbitrary code.

tags | exploit, remote, arbitrary, code execution, activex
advisories | CVE-2010-3189
SHA-256 | c2a11c7983f91db8ab886e7660b02d16e3345e1caecf8da45a9e658400a2913f
Chipmunk Board 1.3 SQL Injection
Posted Oct 1, 2010
Authored by Shamus

Chipmunk Board version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 311d67f6b84606b8b462576aae2d7cc258a4bcbfb557591d370d2d4cdd70a403
iGaming CMS 1.5 Blind SQL Injection
Posted Oct 1, 2010
Authored by plucky

iGaming CMS versions 1.5 and below remote blind SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 1b00329d1f8ee25a03cfcafc13ec8425e486f1d1deecb13f3ef36b5e91f00f49
PhpMyShopping 1.0.1505 Cross Site Scripting / SQL Injection
Posted Oct 1, 2010
Authored by Metropolis

PhpMyShopping version 1.0.1505 suffers from cross site scripting and remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 0cc2e1134812b389f8a59a6b6b29fb47e4397708ff1b92050462624009121ad8
jCart 1.1 Cross Site Request Forgery / Cross Site Scripting
Posted Oct 1, 2010
Authored by p0deje

jCart version 1.1 suffers from cross site request forgery, cross site scripting and open redirect vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 37d8fb41ceb0f28568a4e8cc0862efe009e1edaa1362ee88731eee816d27916e
Evaria Content Management System 1.1 File Disclosure
Posted Oct 1, 2010
Authored by khayeye shotor

Evaria CMS version 1.1 suffers from a file disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 11d7bd467c1c6989bce371d3712b62e770f4b8bc1844628f2d22723fdc57e7a5
Zero Day Initiative Advisory 10-190
Posted Oct 1, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-190 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iManager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nps.jar web application exposed via the Tomcat server running by default on TCP ports 8080 and 8443. The com.novell.nps.serviceProviders.PortalModuleInstallManager servlet exposes a function called getMultiPartParameters which parses POST variables from a multipart form request. The getEntry function that the above uses can be made to write an arbitrary file to disk. An attacker can abuse this to place a malicious JSP document in a web-accessible location. By uploading a malicious script, this can be leveraged to execute remote code under the context of the Tomcat process.

tags | advisory, remote, web, arbitrary, tcp
SHA-256 | 1699605969f4f4ceb62ec6179f5c66fa538641846826a8b80255c0423b295f72
Zero Day Initiative Advisory 10-189
Posted Oct 1, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-189 - This vulnerability allows attackers to deny services on vulnerable installations of Novell eDirectory. Authentication is not required in order to trigger this vulnerability. The flaw exists within Novell's eDirectory Server's NCP implementation which binds, by default, to TCP port 524. While handling a malformed request, the application explicitly trusts a field when translating it to an index into a table of counters. If this index is too large, the application will set a value outside the array and the ndsd process will become unresponsive resulting in an inability to authenticate to that server.

tags | advisory, tcp
SHA-256 | e56ecb116ae51cb4e73bc7ea2b7243fadbe052600a1642ced1479adf40a5a2e4
Packet Storm New Exploits For September, 2010
Posted Oct 1, 2010
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 305 exploits added to Packet Storm in September, 2010.

tags | exploit
SHA-256 | 3b64922137400b6c4d599c0c0c6ea4681bde2a5c6d9413cb6538011973303ce7
Win32/XP SP3 cmd.exe Shellcode
Posted Oct 1, 2010
Authored by ZoRLu

42 bytes small Win32/XP SP3 (Tr) cmd.exe shellcode.

tags | shellcode
systems | windows
SHA-256 | a47cfd0226478f7609da02fc5721f8a3d186764a1bffb72704ee7ea44ee6f8e2
Mandriva Linux Security Advisory 2010-191
Posted Oct 1, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-191 - Multiple cross-site scripting vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote authenticated users to inject arbitrary web script or HTML via vectors involving the list information field or the list description field.

tags | advisory, remote, web, arbitrary, vulnerability, xss
systems | linux, mandriva
advisories | CVE-2010-3089
SHA-256 | 69ac23bb749b1900777ce4b515706762e22cf782817709f51e127d014a70e691
Netbiter webSCADA Disclosure
Posted Oct 1, 2010
Authored by Andrej Komarov, Eugene Salov

Netbiter webSCADA suffers from file and information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure
SHA-256 | b74d2dea0d6285c157f5bdd67ae7e60c5a0411ee3a74aa6d8b04e0d1c6fc4df6
Secunia Security Advisory 41686
Posted Oct 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM DB2, which can be exploited by malicious users or malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

tags | advisory, denial of service
SHA-256 | ee96a2dc6e6bba0e13f1b3b7d00d10a83173f9403b7099f135c5c76c4eb1648d
Secunia Security Advisory 41687
Posted Oct 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Novell iManager, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 491ea0171f345e33e99ffc2bc463adfdfa8f407436f9c63f5ea05aaef5b2e94c
Secunia Security Advisory 41689
Posted Oct 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Openswan, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | eca9d01559886074c1ab9dfc19213c864abe681ed42104e8858f4c161ac7911b
Secunia Security Advisory 41609
Posted Oct 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Barracuda Spam & Virus Firewall, which can be exploited by malicious users to disclose sensitive information.

tags | advisory, virus
SHA-256 | 1d60774803094d83fb1c5e473f2f066dbe186d502a9d95b7021d99d0d64c5ad5
Secunia Security Advisory 41621
Posted Oct 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in FreeRADIUS, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | b241acbf02fe5e80feffacc5ba124b0283ce3129603c093a40ba9b327e42044c
Secunia Security Advisory 41666
Posted Oct 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Zen Cart, which can be exploited by malicious people to conduct SQL injection and cross-site scripting attacks and to disclose sensitive information.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | afef74bad63e6cb421315cd7681529ff9a2464eed1f963460f4a10be940d5d61
Secunia Security Advisory 41657
Posted Oct 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libmikmod. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
SHA-256 | bbbeea76e6fbffd5bbf7fd77754c7090087ed683fd4c992af682ad4c16721465
Secunia Security Advisory 41649
Posted Oct 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for mako. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting or script insertion attacks.

tags | advisory, xss
systems | linux, ubuntu
SHA-256 | edab14cab87f824ad5d07a4cc0bc8eab31b4194d28638961ca31c51c3711bd39
Secunia Security Advisory 41660
Posted Oct 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for avahi. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
SHA-256 | d686fad3f7015402a0f5f4edc29db8574e799fcf6d7ef5b17747f6b70a15fd98
Secunia Security Advisory 41633
Posted Oct 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for moodle. This fixes multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting, script insertion, cross-site request forgery, and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection, csrf
systems | linux, debian
SHA-256 | e41fea7be2a589aacc713f1c6b0a9499140a4cd93e6c934c6eada5ff22b942c2
Thotcon 0x2 Call For Papers
Posted Oct 1, 2010
Site thotcon.org

The Thotcon 0x2 Call For Papers is now open. The conference will take place in Chicago, IL on April 22nd, 2011.

tags | paper, conference
SHA-256 | 8b50dc40fac8305be72a83a6a7130c0b946cafe9167a7b52733fafa1d9c95efb
RouterDefense 0.5
Posted Oct 1, 2010
Authored by Francois Ropert | Site code.google.com

RouterDefense is a Cisco IOS security assessment tool. It deep dives into router and switch configurations and reports security recommendations.

systems | cisco
SHA-256 | a361d271b4e0033888d7aeee72aacad0e7cb91505c1cd513a794723bdb61b6f1
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close