
Files Date: 2012-12-20

WordPress 3.4.2 Failed Session Invalidation
Posted Dec 20, 2012
Authored by Christopher Emerson | Site whiteoaksecurity.com

WordPress version 3.4.2 fails to invalidate a user's session upon logout. Although it clears the cookie in the browser, the system will still accept it.

tags | advisory, bypass
advisories | CVE-2012-5868
SHA-256 | c014ef129a0b5317177cb784c0dcd2c87090fa4bcf013947908df791f86d533a
HackMiami 2013 Call For Papers
Posted Dec 20, 2012
Site hackmiami.com

The HackMiami 2013 Hackers Conference seeks to bring together the brightest minds within the information security industry and the digital underground. This conference will showcase cutting edge tools, techniques, and methodologies that are at the forefront of the global threatscape. The call for papers has been announced. It will take place in Miami, FL, USA in May of 2013.

tags | paper, conference
SHA-256 | 037e52c6e0c240b15e127427207f01f44080e62a26a0e4f7d45311d25fc31ff7
Sony PC Companion 2.1 WebServices.dll Unicode Buffer Overflow
Posted Dec 20, 2012
Authored by LiquidWorm | Site zeroscience.mk

Sony PC Companion version 2.1 suffers from a boundary error in WebServices.dll when handling the value assigned to the 'bstrFile' item in the DownloadURLToFile function. This can be exploited to cause a stack-based buffer overflow via an overly long string, which may lead to execution of arbitrary code on the affected machine.

tags | exploit, overflow, arbitrary
SHA-256 | 1b8f58d27bd44514aecfb7474faee685aaf87184b0f3d5a43bd93fe64016f4b9
Topera IPv6 Port Scanner 0.0.2
Posted Dec 20, 2012
Authored by Daniel Garcia, Rafa Sanchez | Site code.google.com

Topera is a brand new TCP port scanner for IPv6, with the particularity that its scans are not detected by Snort.

Changes: Various bug fixes.
tags | tool, scanner, tcp
systems | unix
SHA-256 | 591c744698ada00f812cd2bae062173152d060dc4796b746a1157dcf07e16e57
Loganalyzer 3.6.0 Cross Site Scripting
Posted Dec 20, 2012
Authored by Mohd Izhar Ali | Site johncrackernet.blogspot.com

LogAnalyzer version 3.6.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f890d7408490ef8e73e0a6ba7b407973a7e773f86abfa93c95a1a275450e27db
ELBA 5 5.5.0 SQL Injection / Default Credentials
Posted Dec 20, 2012
Authored by Kestutis Gudinavicius | Site sec-consult.com

ELBA 5 version 5.5.0 R00006 build 0796 suffers from remote SQL injection, unencrypted password storage, default credential use, and buffer overflow vulnerabilities.

tags | exploit, remote, overflow, vulnerability, sql injection
SHA-256 | c54c52eb248b249e3839005d54ed6fc24cfcb0ceb545a988aa2b640cf7a7f90c
Ubuntu Security Notice USN-1678-1
Posted Dec 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1678-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
SHA-256 | 62559927b001f06481765ac7e9c771cf97440110a3dd22f0c4c919628b52f57b
Ubuntu Security Notice USN-1677-1
Posted Dec 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1677-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
SHA-256 | f053bc96da70219f1b99c0984721e7dd77a8eeb7a01f01020630e78647d3c322
Ubuntu Security Notice USN-1679-1
Posted Dec 20, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1679-1 - A flaw was discovered in the Linux kernel's handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2012-5517
SHA-256 | 27aff78fdab40a5c82b425af7c841c60f44a428c2a5eeeaa70447276ad850440
Banana Dance B.2.6 Inclusion / Access Control / SQL Injection
Posted Dec 20, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Banana Dance version B.2.6 suffers from local file inclusion, remote SQL injection, and improper access control vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
advisories | CVE-2012-5242, CVE-2012-5243, CVE-2012-5244
SHA-256 | 7e95cf4e35b826da73323e2068340d1504e654b6cf48268f922653b2f7de6e3a
FireFly Mediaserver 1.0.0.1359 NULL Pointer Dereference
Posted Dec 20, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

FireFly Mediaserver version 1.0.0.1359 suffers from a denial of service vulnerability that can be triggered by a NULL pointer dereference.

tags | exploit, denial of service
advisories | CVE-2012-5875
SHA-256 | 32f710929128a837905de7371632750aecfb1f0c76e6463bedec86ca624602c7
Elite Bulletin Board 2.1.21 SQL Injection
Posted Dec 20, 2012
Authored by High-Tech Bridge SA | Site htbridge.com

Elite Bulletin Board version 2.1.21 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2012-5874
SHA-256 | f6238bc2858a2e64a1c3b85e0997dc653e553e7e8701b8064c8c0e6b3ad71bbb
Drupal Context 6.x / 7.x Information Disclosure
Posted Dec 20, 2012
Authored by hefox | Site drupal.org

Drupal Context third party module versions 6.x and 7.x suffer from an information disclosure vulnerability.

tags | advisory, info disclosure
SHA-256 | f06667b228bcba53ad2f30367c79694b35f335e41b9198c4bc20852347027fd1
Drupal Core 6.x / 7.x Access Bypass / Code Execution
Posted Dec 20, 2012
Authored by Derek Wright, Damien Tournoud, Simon Rycroft | Site drupal.org

Drupal core versions 6.x and 7.x suffer from access bypass and arbitrary PHP code execution vulnerabilities.

tags | advisory, arbitrary, php, vulnerability, code execution
SHA-256 | 863826bea3efe1f645f1de1e0773a3829b8f2f16709021caf44a55976aa6599f
SurgeFTP Remote Command Execution
Posted Dec 20, 2012
Authored by Spencer McIntyre | Site metasploit.com

This Metasploit module exploits a flaw in the SurgeFTP server's web-based administrative console to execute arbitrary commands.

tags | exploit, web, arbitrary
SHA-256 | 9c5497a6325d67d7f481c7eb716e3d3140096da4260b045df2ab7396b276dad6
GNU Debugger 7.5.1 NULL Pointer Dereference
Posted Dec 20, 2012
Authored by nitr0us

ELF anti-debugging / reversing patcher for gdb (GNU debugger) versions 7.5.1 and below that triggers a NULL pointer dereference.

tags | exploit
SHA-256 | 15210b5f30b75a27a8fe6e678bec4c924fc5aef2e3e9c1327f048ca3f2e13b9f