Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
cb15f152ccc1f939a7c0eac42411090f339e33b30563d16e0de7d3f3b84ce011Call For Papers for the DA (Drone Armies) Workshop. This workshop is for the purpose of bringing together members of the DA and MWP operational communities to share information, as well as plan future operations. It will be held August 10, 2006 in San Jose, California.
e2a57bdc99e80e91623c9bb37e2017701d3921b22f69fc2b33c8de6399226425RW::Download is susceptible to a remote file inclusion flaw via stats.php.
33087d3e6184e6f2bbd1e00f1a220a7507b77772fd80e7ab892255beb2ef0016ATutor version 1.5.3 is susceptible to cross site scripting and SQL injection attacks.
0929602cf98e9545bb7cf4dfa3a6a2bc8ffeff38417c5b9cdb90237eb45af373AjaxPortal version 3.0 is susceptible to a SQL injection flaw.
68241d394a552ba41f23ec3ea7e58f91c6e6a5456c5dd76262766a6dfc3bd014PAPOO versions 3_RC3 and below remote SQL injection and administrative credential disclosure exploit.
4db4c9c8617e6c3c6862cf952e38ef4364d3f71f445b39292eb92715efafeba3Mandriva Linux Security Advisory MDKSA-2006-118 - OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to conduct unauthorized activities via an OpenOffice document with a malicious BASIC macro, which is executed without prompting the user. An unspecified vulnerability in Java Applets in OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to escape the Java sandbox and conduct unauthorized activities via certain applets in OpenOffice documents. Heap-based buffer overflow in OpenOffice.org versions 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability."
5a8c64eba7a3889e3f7530ca9a0952ea5c82032ff3c72dc7da55a76a5bf3ff7fMicrosoft Word exploit that produces a .doc file that demonstrates a memory access violation. Affected are versions 2003, 2002, 2000.
b0cfb3e8375c4af5f551d8e0b66b9c572d830bae8db6cdfa5abad1876a3df85aExtCalendar versions 2 and below suffer from a remote file inclusion vulnerability.
975d41af136f4311ff0f0b704f71c6fca8549caa8d60c6b430194a802981d638rPath Security Advisory: 2006-0122-1 - Multiple kernel vulnerabilities have been address in rPath Linux.
f289ce55b2831694808c76e2e3e4b4ebaa36572769a708e68d81845d8e7829e4PBL Guestbook versions 1.32 and below suffer from cross site scripting and SQL injection vulnerabilities.
2e9d3de56f178204c6a9560fe34e9b79011e61e8164840fb764c3e9a279cb5c2Pivot versions 1.30 RC2 and below privilege escalation and remote command execution exploit.
0c4c52a4920d47c66f14e28cf25eac7641a8b20be15d5965ec2de2350e8e816bHosting Controller version 6.1 Hotfix (versions 3.2 and below) suffer from flaws that allow an attacker the ability to gain reseller privileges and administrative privileges.
c29498cc33bfddaabd14004ef369823d808759f1e695df756330be008e94b882ExtCalendar versions 2.0 and below suffer from a remote file inclusion vulnerability.
eb6e5f66cb0452899748ddd347344fc669e2d293e6b8564d152441d06b77b32dTrustix Secure Linux Security Advisory #2006-0040: SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to dereference a pointer.
d316dab38203d31e0d63c87286a8aef0c2a6e3a801a4cbbd588988864dd3a035FreeWebShop version 2.1 is susceptible to cross site scripting and SQL injection vulnerabilities.
3e87ac2f88e52c545c0cad93e91903f566e40d7348959519f17d8be8071e1a5fATutor version 1.5.3RC2 is susceptible to cross site scripting flaws.
c6605d6060c990aaa3d602daddb6f39914c9876bd87f76ff31150990517d620dDebian Security Advisory 1105-1 - Federico L. Bossi Bonin discovered a buffer overflow in the HTTP Plugin in xine-lib, the xine video/media player library, that could allow a remote attacker to cause a denial of service.
ee065aec0def92b5b6a012dcf7eca6d13db821b8f04c19dede7852569589e831PHP-Blogger version 2.2.5 is susceptible to cross site scripting flaws.
dd57251e85845b8f6b954c43e269ca9262c39ed34c7f2cd85cfebff7588e0e4eMcAfee VirusScan Enterprise version 8.0.0 suffers from a denial of service condition.
bb0d7fb363fe04b7843f91a1d326ee5794e4ce318e123b9a020d453caa2f493aMandriva Linux Security Advisory MDKSA-2006-117 - Stack-based buffer overflow in MiMMS 0.0.9 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via the (1) send_command, (2) string_utf16, (3) get_data, and (4) get_media_packet functions, and possibly other functions. Libmms uses the same vulnerable code.
aa9e2b1b98168a24ebda41a1074843e882c493cd050298e534bccafec8a16004The WebEx Downloader Plug-in suffers from a flaw that exists due to the lack of input validation on various ActiveX/Java control parameters and configuration directives. The "GpcUrlRoot" and "GpcIniFileName" ActiveX/Java control parameters allow an attacker to specify the location of a configuration file containing further control directives. This allows an attacker to transfer arbitrary files and executables to the target. The attacker can then leverage available configuration directives to execute the newly created executables thereby compromising the underlying system.
df97c810e9ba3027f49ff7c049482a9cad0431bc73b56f6b6a9067ce7a985129Advanced Guestbook version 1.0 suffers from a cross site scripting flaw.
c19873d1074bd3250ddc2d4667a0eb32aba86a2570bb2de17caf5bba0b6c3f55MICO versions 2.3.12 and 2.3.12RC3 crash when contacted with wrong object key resulting in a denial of service condition.
ae2abc4507b3ddc089bf1384ce6845473d3afb0dc993d7b8cae0055ef41f3c1cProof of concept test exploit for AdPlug versions 2.0 and below (and CVS version 04 and below) which suffer from multiple heap and buffer overflows.
7db14c0ab5317f67a3a754c63ead81dd62bdb3b74b5842b13367905db90a2219
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed