This tool lets you search your gadgets on your binaries (ELF format) to facilitate your ROP exploitation. The gadgets are found on executable segments.
a3c3ec6b1802094e54da93c80785e1f8daf941d0b55ab312515a20eaca92d966Mandriva Linux Security Advisory 2012-110 - Security issues were identified and fixed in mozilla firefox and thunderbird. Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Security researcher Mario Gomes and research firm Code Audit Labs reported a mechanism to short-circuit page loads through drag and drop to the address bar by canceling the page load. Google security researcher Abhishek Arya used the Address Sanitizer tool to uncover four issues. Various other security issues have also been addressed.
fc759a56d0fd0415fcdc1530461fc3a3b4be19990db69c21c30eed023857e0e8Mandriva Linux Security Advisory 2012-119 - High numbers of queries with DNSSEC validation enabled can cause an assertion failure in named, caused by using a bad cache data structure before it has been initialized. The updated packages have been upgraded to bind 9.7.6-P2 and 9.8.3-P2 which is not vulnerable to this issue.
13ac256eb5b1283087978ae8aac5de7235f982e7fb811a2395d8e53457110415This Metasploit module exploits a vulnerability found in SharePoint Server 2007 SP2. The software contains a directory traversal, that allows a remote attacker to write arbitrary files to the filesystem, sending a specially crafted SOAP ConvertFile request to the Office Document Conversions Launcher Service, which results in code execution under the context of 'SYSTEM'. The module uses uses the Windows Management Instrumentation service to execute an arbitrary payload on vulnerable installations of SharePoint on Windows 2003 Servers. It has been successfully tested on Office SharePoint Server 2007 SP2 over Windows 2003 SP2.
7ad8e7d26bc7d8213c68e74fdb77fb2a0f223d16965a4e6425e8d2f9797435cdSecunia Security Advisory - A vulnerability has been reported in OpenTTD, which can be exploited by malicious users to cause a DoS (Denial of Service).
b1093ff03b881484f7ef23d176dcd8bea0bc4ed2aa7ba0b19eb386af95cb445fSecunia Security Advisory - A vulnerability has been reported in keepalived, which can be exploited by malicious, local users to potentially gain escalated privileges.
61593106aa10eee48b2efa681b1416003e5ed1886576a6a9126e8981348d4951Secunia Security Advisory - Multiple vulnerabilities have been reported in Empire Server, which can be exploited by malicious people to compromise a vulnerable system.
d0aad30b9d00e472de8191a1e69b08a3028db792bf07624b30711ba316a6c193Secunia Security Advisory - A vulnerability has been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service).
ce2d96febab9d285a0c7b8898d763fbe22798cc34f246e7ea8c4d5c34500afe6Secunia Security Advisory - A vulnerability has been reported in ImageMagick, which can be exploited by malicious people to cause a DoS (Denial of Service).
4ebd911b7f0d07f7c8b39f83d40ce67c313c4db5583902f6e273c95e9918aedcSecunia Security Advisory - Ariko-Security has discovered multiple vulnerabilities in Oxwall, which can be exploited by malicious people to conduct cross-site scripting attacks.
00286008cd16723ae2c456e159eb0a2e194ce0d1b9ffa251393b1de6817cc685Secunia Security Advisory - Multiple vulnerabilities have been reported in OpenStack Keystone, which can be exploited by malicious users to bypass certain security restrictions.
5da36ef2ec5995e55c7bfb5b0ce975c8674fa0953da01429ccee19b66da84cf3Secunia Security Advisory - SUSE has issued an update for rocksndiamonds. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
d4dcb5f1765c32d05dcf8132aca2d99a6c98c9df435c577f7f3d29aaf6dfd93eSecunia Security Advisory - Some vulnerabilities have been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
bdf135833bed489209c95f7ed260ddd7c2e55e7af0b20b2c6e36f7aa766da0fbSecunia Security Advisory - A vulnerability with an unknown impact has been reported in VStar Blog Engine.
530eeef54ad5b207dab3e0bd2e64eff11afbb1443a8a3bcc84dc2d6279af8b3dSecunia Security Advisory - Brendan Coles has discovered multiple vulnerabilities in CuteFlow, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, bypass certain security restrictions, and compromise a vulnerable system.
c1b7fdbb91a204033bacc97437f755eb111a95b8d2cb7dff260fd950c726df81This is a whitepaper called Bypassing Spam Filter Using Homographs. Some generation code is also included.
53ce87d77ad354d381340e51d46995bbf63257ebb4dd4ce48fd728ce00168df1Develoweb suffers from a remote SQL injection vulnerability. Note that this finding houses site-specific data.
6a3655c254cff4a03fae3e9155f4657898b1623a1a5fd6720aa5ea21005d67ed
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed