This Metasploit module exploits a vulnerability found in Symantec Web Gateway's HTTP service. By injecting PHP code into the access log, it is possible to load it through a directory traversal flaw, which allows remote code execution under the context of 'apache'. Please note that it may take up to several minutes to retrieve access_log, which is about the amount of time required before a shell is returned.
65a7306dea41b299aa10904fe0da0ef4f8feaaf8b06f2b42c12431d74226ce63
This Metasploit module exploits a vulnerability found in ispVM System 18.0.2. Due to the way ispVM handles .xcf files, it is possible to cause a buffer overflow with a specially crafted file, when a long value is supplied for the version attribute of the ispXCF tag. It results in arbitrary code execution under the context of the user.
dd306ebaa1dbb06e60f50cd822da5c809e6e45d3a3bec14bed35322b5703fd6a
Mandriva Linux Security Advisory 2012-082 - Multiple vulnerabilities have been discovered and corrected in pidgin. A series of specially crafted file transfer requests can cause clients to reference invalid memory. The user must have accepted one of the file transfer requests. Incoming messages with certain characters or character encodings can cause clients to crash. This update provides pidgin 2.10.4, which is not vulnerable to these issues.
8250736d53c4ff0aec14a41ffb644124cf6f919a74bff10c3a67955e6c661991
This is a tutorial on using THC-Hydra version 2.1. Written in Portuguese.
e71cb404f49d35223cd71a6c6a7b8232e04fe44cd4cb72204cfa8868296caaa7
This is a presentation called Security Vulnerabilities of Digital Video Broadcast Chipsets. It is from a talk given at the Hack In The Box security conference in Amsterdam in 2012.
b5085e8431fb1a7e2bbeb1de39c969addc0919c9cb22fbe8c72602adfcfcf41b
This is a presentation called Security Threats in the World of Digital Satellite Television. It is from a talk given at the Hack In The Box security conference in Amsterdam in 2012.
61103d4ce9bcf58777deab4ee4ff4c33b39828de0f9c1efaefc51fa159e8fffc
PBBoard version 2.1.4 suffers from a local file inclusion vulnerability.
840dd61912dca2230c93d865025205fb5ad12c9b2ead84a1ac7013ffa24ea103
Topics Viewer version 2.3 suffers from local file inclusion and remote SQL injection vulnerabilities.
240295b4314ae057413639f66d3ca5596b799d870b2492f4e019413946b893f4
LibreOffice version 3.5.3 suffers from a FileOpen crash denial of service condition when handling RTF files.
a71da538901bbc0fa1d8228c151e5f1dd87314a31e0dae91254b0b30fc980d29
PHP Volunteer Management System version 1.0.2 suffers from cross site scripting and shell upload vulnerabilities.
5dda1338ca319b4adddc456481f9f1b5cd07d77f0275192f85b5454e36568928
PHP Volunteer Management System 1.0.2 suffers from multiple remote SQL injection vulnerabilities.
bbef50f00f1004c0c3b40f947efc42c825c2517b868db7747f70bf88487f9451
Yamamah version 1.1.0 suffers from a database backup download vulnerability.
9ba02db21a83e5a8efab01c2d4243ac6d3bea9948f0e4020890e7d14d7469e10
WinRadius 2009 suffers from a denial of service vulnerability.
6d6ac4e2be7fb63e9e680889df21e507bc3a56f9b855b5f2704f8a6297d58047
Tftpd32 DNS server version 4.00 suffers from a denial of service vulnerability.
ae64a094bcfcc8018eb6bfa205de45c996bbf7910049e67596d1e1c0a5e3c12c
Gentoo Linux Security Advisory 201205-4 - Multiple vulnerabilities have been reported in Chromium and V8, some of which may allow execution of arbitrary code. Versions less than 19.0.1084.52 are affected.
ff3e26d594fbe9ebe0f7c6b33615b11c94efdd40088cde37f470df19d5578cc8
WHMCS appears to suffer from a remote blind SQL injection vulnerability.
ffc1a03fc3a0f290ac1373d8d574a5ef3822f230c1fccb7c08eebe2405c0db9f
Secunia Security Advisory - Multiple vulnerabilities have been reported in activeCollab, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to bypass certain security restrictions and conduct cross-site scripting attacks.
3211ab70f37249942237af9b8155774403abbde239cc63210991daf73c349fb3
Secunia Security Advisory - Two weaknesses have been reported in activeCollab, which can be exploited by malicious people to disclose sensitive information.
e10192ac30eb929306731b7e3b31fcfb16cdf2b251e11f954286a433f000d322
Secunia Security Advisory - Gentoo has issued an update for chromium and v8. This fixes multiple vulnerabilities, where some have unknown impacts and others can be exploited by malicious people to compromise a user's system.
ca3b1944abeb4290b34f68ff8de7c795d1422fd86ae146f5522af387d4b78b7d
Secunia Security Advisory - A vulnerability has been reported in VMware vMA, which can be exploited by malicious, local users to gain escalated privileges.
bad075b0c98097f9111dccbb27225e3a70c725278b9243d06d5522087ec0c044
Secunia Security Advisory - Multiple vulnerabilities have been discovered in AzDGDatingMedium, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks.
208c4c27cea86819ee8fcb4478bf68231e5eb3d6d7f71c7f0cfa678928c0e491
Secunia Security Advisory - A vulnerability has been reported in VMware vMA, which can be exploited by malicious, local users to gain escalated privileges.
9dcdfa7332f4c0c2d1c5828c5e538961406a9b0403f77482d1889052ee8546d0
Secunia Security Advisory - A security issue has been reported in Seagate BlackArmor, which can be exploited by malicious people to compromise a vulnerable system.
d189fee91f25667fce724042289faee066d9469885f2e1d3426dccbda3bdfd0d