Mpctp is a tool for manipulation of raw packets that allows a large number of options. Its primary purpose is to diagnose and test several scenarios that involving the use of the types of TCP/IP packets. It is able to send certain types of packets to any specific target and manipulations of various fields at runtime. These fields can be modified in its structure as the the Source/Destination IP address and Source/Destination MAC address.
8e8204b70f419814270efe1a84e5a1a57379fb615a273913b02f39c00bcd3841Ubuntu Security Notice 1064-1 - Neel Mehta discovered that incorrectly formatted ClientHello handshake messages could cause OpenSSL to parse past the end of the message. This could allow a remote attacker to cause a crash and denial of service by triggering invalid memory accesses.
0363a4620aad3ba274e0d561fa4343dcb277629a86069b3850aa4b9eed29fc1cA vulnerability exists in the Tembria Server Monitor application allowing an attacker to easily decrypt usernames and passwords used to authenticate to the application. This is a second level attack that requires access to the password files stored within the application directory.
163a065cfecd676df474c29e1bd95914935a34327f5d1ac24420581f6c99a5aeAutoPlay version 1.33 local buffer overflow exploit that creates a malicious autoplay.ini file.
3d6ec4b37f5393ccc419eac3e4e7edbdd77b47c7d203d69da6130e06a397a565Zero Day Initiative Advisory 11-084 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the findClass method of the sun.plugin2.applet.Applet2ClassLoader class. Due to a failure to properly validate URLs supplied by an implicitly trusted applet, it is possible to execute arbitrary code on Windows 32-bit and 64-bit, as well as Linux 32-bit platforms under the context of the SYSTEM user.
1c7151242a63212a2753302b519801eac9936ba533ed1416c16f2de270ae545bFina is a simple, robust bash script that loads iptables rules from a rules directory. As such, it isn't concerned with creating rules for you; it just helps you load them in a robust way, going back to older or safe rules when things go wrong.
1f01f9f59cd9051c233a38c73377d3066a54814024c0723704714ed3717e2246Mandriva Linux Security Advisory 2011-028 - Incorrectly formatted ClientHello handshake message could cause OpenSSL to parse past the end of the message. This allows an attacker to crash an application using OpenSSL by triggering an invalid memory access. Additionally, some applications may be vulnerable to expose contents of a parsed OCSP nonce extension.
2b7b0d41ceaac24980fc028cbc657ac4083b57ea934c5280858484dfc8348854Oracle 10/11g exp.exe param file local buffer overflow proof of concept exploit.
5bc9f0e6eb52e601de2e7868bb5965400e6367fd5d43aa95bc7a483d47042933Lingxia I.C.E CMS remote blind SQL injection proof of concept exploit.
849e822c4ad163e9f886e1f7a76b149fe0052436cccd30ddc705a2bc19428834phpMyBitTorrent version 2.0.4 suffers from a remote SQL injection vulnerability.
f9ba1987c71d6647882f802bab7f06f8b9632a0390e53bada56fb564d8b031f5QuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.
883ccd44f2129e5160ea8c433f5ff98e0a5fdf077fe8afbec99020d82d17bbafOcreative Design Studio suffers from a remote SQL injection vulnerability.
c3cc8936aa3195d9f318223ce2515e0f7595cd2fb41bc4056326e3b83c573d19Gollos version 2.8 suffers from multiple cross site scripting vulnerabilities.
a1782067ff2127e84de9830e7ba8f4a03470fcb51ee84ab005798da32a839cf0Tembria Server Monitor suffers from multiple cross site scripting vulnerabilities.
bd43f55446ef0b1ec184ba04169d7ae96d5669d34c462d144c86fcb05e1fc3d3sightFACTORY suffers from a remote SQL injection vulnerability.
80493891389243700d4ffd195289728d2833efb4ceeb7e0561946ae279bcb56eZero Day Initiative Advisory 11-083 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw is due to insufficient defenses against system clipboard hijacking. When in focus, a handle to the system clipboard can be retrieved without user interaction by a malicious component. The clipboard can then be arbitrarily read from or written to. By writing a TransferableProxy object to the system clipboard and then forcing a paste action, arbitrary code can be executed under the context of the user invoking the JRE.
4c46b3ec192f1d813df40166389dd74826a1e212deec18e5d0c463478a0543f9Arctic Fox CMS version 0.9.4 suffers from a remote information disclosure vulnerability.
b398edc6c051c237457fce2ca656593b776379f0cc9f4b84072c919248771a4fZero Day Initiative Advisory 11-082 - This vulnerability allows remote attackers to leak authentication details on vulnerable installations of the Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of NTLM authentication requested generated in the context of the Java Runtime. The Java Virtual Machine will ignore browser policies and respond to WWW-Authenticate requests from the Internet zone resulting in the leakage of NTLM authentication hashes to attackers.
200d38bc13cbe21ac99e21e9ffec606d81aa8a64514da2b0e7274815d6236e75Wikipad version 1.6.0 suffers from cross site scripting and file content disclosure vulnerabilities.
0b16e4b9e89438ed538b13599105fa55488e27f95ac46604ee12ec652377cb52Photopad version 1.2.0 suffers from a cross site scripting vulnerability.
a488c268f86be03cbb8257537eadcf26c4143a9e808a7a5e9aab3ebe260b7f2bNews Events version 1.4 suffers from a remote SQL injection vulnerability.
47f66a1220ad3508d9358680dba785fdaa04de782d43acce06a59c3cb7acf61eCentury Marketing Inc Web Development Firm suffers from a remote SQL injection vulnerability.
9577ebec7cbcb887e8d9743101524eeae6a0d7bdc3119e6aea98cb643fdaf058GetSimple CMS version 2.03 suffers from a shell upload vulnerability.
9ed94b019619b8b1467fcb8e3fe717edffd835fa6d5854d7ba75eb8d68916e40Xaraya version 2.2.0 Beta 1 suffers from a path disclosure vulnerability.
25cf2837e277ac2a10f0dcb8b79e90c2baf2d5219f0eee037896570fdb9032cfArtGK CMS suffers from a path disclosure vulnerability.
67b272ba452d861c268cd2bb0d43fa4142e0658b5e21e447de9152a6b9edfbb6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed