PHP version 5.3.4 on windows com_event_sink zero day exploit.
7c10651bbfba8d827368b8a19219613171b3dd6f2fc6885a3ddec4ea94d635e5This is a brief whitepaper that discusses DTMF input processing and easy denial of service attack via phone lines against banking systems.
69dbef581e13a4637e1b0aa3251b231aa329ac074cbf3ea2f4870506046ed98fThis is a proof of concept exploit for the vulnerability documented in MS11-046 for the Microsoft Windows Ancillary Function Driver (AFD).
db03166f4056e42fe514f3a64ffbe8b1395886a9e9f58f55dbe8e7302af75e70Whitepaper called Web Backdoors - Attack, Evasion and Detection. This paper provides insight on common web back doors and how simple manipulations could make them undetectable by AV and other security suits. It explains a few techniques that could be used to render undetectable and unnoticed backdoors inside web applications.
b1a5cd53ac0ba93fa6ae8a95e647a33652ee817065946819d8fc813efa6fdce6vBulletin versions 4.0.x through 4.1.3 suffer from a remote SQL injection vulnerability in messagegroupid.
f6247497c278e39673c5ca386d68ebbd647569a0f0b7ec7d68b6e4a6963a2b5cEbay in India suffered from multiple persistent cross site scripting vulnerabilities.
709722d5fee1b863f22ade779f02c3c3c899332423de1609729e54de8e1fccc0shmedia.dll in Microsoft Windows suffers from a division by zero issue that will trigger a denial of service condition. Proof of concept .avi included.
cdd293bf17d5d0ac5da1c329734f232ac9627ff6a861396bdb8bfdc5b8130196Whitepaper called A Penetration Testers Guide to Finger Print Authentication.
765d685444a69e09bb8e61d892694da54f50077d71ab630c5afd17ab4266c5c0Whitepaper called Antivirus / Firewall Evasion Techniques : Evolution of Download Deploy Shellcode.
dbb6ec4dcc2c9fc40144c8ec59fdeb2ca61452a22cb209fdf2e7903079ab80b1Whitepaper called Effectiveness of Antivirus in Detecting Web Application Backdoors.
56b496efac0e7ee46bf1f739d096e2a7faddcbb9a3266a3471e63693230b5988Whitepaper that discusses a security token prediction vulnerability in Google Scholar alerts.
3cf72288cc52a5fdca22cae1d62858b7565ad40233aa1294bce10a40253fff48Whitepaper called Bypassing A Cisco IOS Firewall.
3f77609e2014ac8480e94a23a6d9d5d055c348c80951b8a37a5c86fc6f5c30cdApache 2.2 suffers from a local denial of service issue on Windows.
a2ae731ec092009c52e197c594544de0d92bdc247403bbef73391ab3d382af0edBpowerAMP Audio Player local buffer overflow exploit (EDI overwrite method used).
b12353ad095517fa0af0fc25a33dc1565f78f2a751f623553b119e82e88733c3Whitepaper called Cracking Salted Hashes. The Do's and Don'ts of "Salt Cryptography".
2994290c21b4a94ba28fba881b3dd0dc6662a6442242e2f9b7f809a064ad0377ZKSoftware Biometric Attendance Management Hardware appears to dump user related information when improper authentication occurs over UDP port 4370.
44c78ee04a4610584c09283be6af36caf6d2c2411a90fa07784efbe98445c04cCSICE suffers from cross site request forgery and cross site scripting vulnerabilities.
740d08e10637bef23e3391f65b45c2fd3f40f91b785b063effed7c1665fab755CastRipper version 2.9.6.0 local buffer overflow exploit that creates a malicious .wvx file.
d5cea035509606ee18de1bb920ace4a6956ea1665d1ebf55f7a6e84fbb53c6c1Httpdx version 1.5 suffers from a directory traversal vulnerability.
f7f8255e2a5178282a6b3948576560ca649483e471c96c5e8c86debd4d932652Serverchk.py is a python script written to scan web applications for SQL injection vulnerabilities.
d0ddb6281fd5a4886511316dd456027446ae9f16291895b5c960f2844b37c776Whitepaper called Building Your Own Shell-codes.
86ef527d9aa10343480e09786cd1e4d1938ad0c3b246d7d5f2f5973fcf16289d43 bytes small /bin/cat /etc/passwd Linux x/86 shellcode.
de7500ae0726581b49c0f823c1ea34c0093776ca11b5329ed06e55f9179a1bf9This Metasploit module exploits a vulnerability in Easy chat server by passing an arbitrary evil buffer along with the username password. Successful attack could run arbitrary code on a victim's machine.
dfe25c0c2f33944c8516c3c48dc671a20c63a0a1203641bd813ed22147c948d1Surge-FTP suffers from an administrative web interface cross site scripting vulnerability.
3647c9dbf6a9fe304ceceda29eece4259647eb66d41dcee1ea92100a3f07a88dThis Metasploit module exploits a stack overflow in Soritong v1.0. By creating a specially crafted skin ui file making it possible to execute arbitrary code. Just replace the skin file with the new one.
4b32d44688159c58903748c1b0be928e6be3bce8ab982fc9b243fbbcf25048e7
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed