Malware Analyser is freeware tool to perform static and dynamic analysis on malwares.
f349bdbbeafc34f1e51d0e1bafb7ebaade4f4140aa0d2c8365eae7c7b00ab480Ashampoo Burning Studio Elements version 10.0.9 suffers from a heap overflow vulnerability. It fails to properly sanitize user supplied input when parsing .ashprj project file formats resulting in a crash corrupting the heap-based memory. The attacker can use this scenario to lure unsuspecting users to open malicious crafted .ashprj files with a potential for arbitrary code execution on the affected system.
f75aa6cbf3a17f5685e22633550ca4c85791c38d464e76137942ed86c5fbeea8Phorum version 5.2.8 suffers from a cross site scripting vulnerability.
b777ae0e0e689165893e4be610d34f449797aefcebf13a1cd39e3b65fb2607efNetvolution CMS version 2.5.8 suffers from a remote blind SQL injection vulnerability via the HTTP referer header.
4f44a47ab87874ced4484f0eb85ac74d9c2673b9445def8cfc6979a55d36a55aMetropolis Technologies OfficeWatch enables a web server on TCP port 80 that is susceptible to a directory traversal. An attacker may send a ../ (dot-dot-slash) sequence to traverse out of the web root and access arbitrary files on the host.
4aba0388d8f62c4675129cd9356d9b16ec2a4a24eaf06d3eacdd7b61b4eeec3bMultiple Cybele Software, Inc. products are vulnerable to arbitrary file retrieval and directory traversal vulnerabilities including ThinVNC, ThinRDP, and ThinVNC Access Point 2.0. An unauthenticated remote attacker can submit requests for files that are located outside the root of the web server that is distributed with these Cybele Software, Inc. products.
56804b5d4ec38a09363d2aa6c3a1d09a4a45a1dc896ccd35b22b89d77e0552cfTHC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
551ef1f72848dab19f6a1ff9fe31f08143c8cef26f638d93e7110b4bce49d0a4Debian Linux Security Advisory 2314-1 - Multiple security issues have been discovered in puppet, a centralized configuration management system.
4d61f7d2040b18a2d84536e900279ffbe5494482305020352fafcdf6f331a86bThis article will show how to use Hydra to check for weak passwords. Hydra tries all possible password combination against a server on the Internet until one valid one is found to log in to the server. It is a powerful tool for hackers and network administrators alike.
56171bc530902f8968a9598509262077fabc677e9035e86cc837313228edf75bRed Hat Security Advisory 2011-1349-01 - The RPM Package Manager is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Multiple flaws were found in the way the RPM library parsed package headers. An attacker could create a specially-crafted RPM package that, when queried or installed, would cause rpm to crash or, potentially, execute arbitrary code. Note: Although an RPM package can, by design, execute arbitrary code when installed, this issue would allow a specially-crafted RPM package to execute arbitrary code before its digital signature has been verified. Package downloads from the Red Hat Network remain secure due to certificate checks performed on the secure connection.
cd4cf859a3f4de5d858f9eb9b426cab9223d94eb4ca30c0bdda789361f169e39Ubuntu Security Notice 1224-1 - It was discovered that rsyslog had an off-by-two error when parsing legacy syslog messages. An attacker could potentially exploit this to cause a denial of service via application crash.
a148d87e10c395bed74c26136c803512ac4ffbb49c4e522a424f33cc1ca2188dThis is a proof of concept exploit that leverages the addUrl method in the DeploymentScanner module on an exposed JBoss JMX console.
3b14a4e6aa14ccbdd211ed14a974885f5bc04e420e7ba32e5ebbbb4652200efbQtWeb Internet Browser version 3.7.3 suffers from a URL spoofing vulnerability that can allow for phishing attacks.
3dadd430edb5cb322c0dc220dd1cf2a7a018bd53c1897a5b76b46611c3b6e067This archive contains all of the 286 exploits added to Packet Storm in September, 2011.
04979eedfdf25cc074c7f7dd09f122d8854ea74b3b2522b606e702aced4b5443Browser Exploit Against SSL/TLS, or BEAST, is a proof of concept tool that demonstrates a weakness in the SSL protocol. It allows attackers to silently decrypt data that's passing between a webserver and an end-user browser.
8526928f509f97d7e0834f717c78107205e579fe4ff0afe98df28f0c90da1eca
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed