Section: .. / Last 20 Files /
| /// File Name: | winxpcalc-shellcode.txt | Description:
| 36 bytes small Microsoft Windows XP Professional SP2 Italian calc.exe shellcode. | | Author: | Stoke | | File Size: | 494 | | Last Modified: | Mar 11 20:58:18 2010 | | MD5 Checksum: | 876b6183e3a9c1a2ab177c4d77e25567 |
|
| /// File Name: | 03.11.10-1.txt | Description:
| iDefense Security Advisory 03.11.10 - Remote exploitation of a memory corruption vulnerability in WebKit, as included with multiple vendors' browsers, could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when a certain property of an HTML element is reset via JavaScript code. When this occurs, a C++ object is incorrectly accessed after it has been freed. This results in an attacker controlled value being used as a C++ VTABLE, which leads to the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Google Chrome 3.0.195.38 and Safari 4.0.4. Previous versions are suspected to be vulnerable. A full list of affected Apple products can be found in Security Advisory APPLE-SA-2010-03-11-1 Safari 4.0.5. | | Author: | iDefense Labs,wushi | | Homepage: | http://www.idefense.com/ | | File Size: | 4088 | | Related CVE(s): | CVE-2010-0040 | | Last Modified: | Mar 11 20:21:21 2010 | | MD5 Checksum: | eff6f9943174490b261bb46a955f26ee |
|
| /// File Name: | joomlaparty-sql.txt | Description:
| The Joomla Party component suffers from a remote SQL injection vulnerability. | | Author: | DevilZ TM | | File Size: | 1414 | | Last Modified: | Mar 11 20:17:50 2010 | | MD5 Checksum: | ce0ae8f9f4d45eac2a4590beaa1ab368 |
|
| /// File Name: | joomlacolor-sql.txt | Description:
| The Joomla Color component suffers from a remote SQL injection vulnerability. | | Author: | DevilZ TM | | File Size: | 1449 | | Last Modified: | Mar 11 20:15:51 2010 | | MD5 Checksum: | 3c362e6cffb1716902544ae975b04d16 |
|
| /// File Name: | joomlagigfe-sql.txt | Description:
| The Joomla Gigfe component suffers from a remote SQL injection vulnerability. | | Author: | DevilZ TM | | File Size: | 1450 | | Last Modified: | Mar 11 20:15:09 2010 | | MD5 Checksum: | 0cf4a909a3dbcd6e06df2fd42a318bdf |
|
| /// File Name: | joomlaproducts-sql.txt | Description:
| The Joomla Product component suffers from a remote SQL injection vulnerability. | | Author: | N2n-Hacker | | File Size: | 1246 | | Last Modified: | Mar 11 20:13:22 2010 | | MD5 Checksum: | 3c2bc1bbd54f4f9e4464b14d056dc94a |
|
| /// File Name: | samagraph-sql.txt | Description:
| Samagraph CMS suffers from a remote SQL injection vulnerability that allows for authentication bypass. | | Author: | K053 | | File Size: | 747 | | Last Modified: | Mar 11 20:10:50 2010 | | MD5 Checksum: | a1de667bb9dd361924e1e3179944d19d |
|
| /// File Name: | nuxkeylogger0.0.1.c | Description:
| Nux Keylogger monitors keyboard activity on a Linux system. It's possible to hide and daemonize this process and it supports azerty and qwerty keyboard modes. | | Author: | Vilmain Nicolas | | File Size: | 8842 | | Last Modified: | Mar 11 20:07:37 2010 | | MD5 Checksum: | b1722e529843adb0f24d54309479dd36 |
|
| /// File Name: | dsa-2013-1.txt | Description:
| Debian Linux Security Advisory 2013-1 - Nahuel Grisolia discovered two vulnerabilities in Egroupware, a web-based may lead to the execution of arbitrary commands and a cross-site scripting vulnerability was discovered in the login page. | | Author: | Debian | | Homepage: | http://www.debian.org/security | | File Size: | 7435 | | Last Modified: | Mar 11 18:22:49 2010 | | MD5 Checksum: | 97f5f98b2702c940fec433fe369eccb6 |
|
| /// File Name: | samhain-2.6.3.tar.gz | Description:
| Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris. | | Author: | Rainer Wichmann | | Homepage: | http://samhain.sourceforge.net | | Changes: | This release fixes a regression in the email module which caused messages of the highest priority to be queued along with lower priority messages, instead of being mailed immediately. | | File Size: | 1908972 | | Last Modified: | Mar 10 15:06:36 2010 | | MD5 Checksum: | d0b25c09bad153304f4aadba4b449c0e |
|
| /// File Name: | MDVSA-2010-061.txt | Description:
| Mandriva Linux Security Advisory 2010-061 - sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name. The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create lock files, which allows local users to cause a denial of service (application failure) via unspecified vectors that trigger the creation of a /etc/mtab~ file that persists after the program exits. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues. | | Author: | Mandriva | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 8905 | | Related CVE(s): | CVE-2010-0790, CVE-2010-0791 | | Last Modified: | Mar 11 17:30:57 2010 | | MD5 Checksum: | 8eddb3ad2d5d24403b0b99e52c566d3b |
|
| /// File Name: | ZDI-10-027.txt | Description:
| Zero Day Initiative Advisory 10-027 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Skype. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists with how the OS web-browser passes command line arguments to Skype through the registered 'skype:' protocol handler. Insufficient sanity checking to the /datapath argument allows an attacker to construct a link that will execute Skype with arbitrary arguments. This can be abused to specify a remote configuration storage directory which can be leveraged to glean target user credentials. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3574 | | Last Modified: | Mar 11 17:29:44 2010 | | MD5 Checksum: | a5b3d84df1886a5f304313233a95f00f |
|
| /// File Name: | ZDI-10-028.txt | Description:
| Zero Day Initiative Advisory 10-028 - This vulnerability allows remote attackers to remove arbitrary XML files on vulnerable installations of Skype. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in Skype's handling of the 'skype-plugin:' protocol. An attacker can specify a malicious URI, that upon clicking, will trigger the deletion of an arbitrary attacker specified XML file. | | Author: | TippingPoint | | Homepage: | http://www.zerodayinitiative.com/ | | File Size: | 3137 | | Last Modified: | Mar 11 17:29:18 2010 | | MD5 Checksum: | 793f05951ab9ec0a9302555f95d6603b |
|
| /// File Name: | eroserotikwebkat-sql.txt | Description:
| Eros Erotik Webkatalog suffers from a remote SQL injection vulnerability. | | Author: | Easy Laster | | File Size: | 1748 | | Last Modified: | Mar 11 17:27:39 2010 | | MD5 Checksum: | ae621f66ffcba455b27d5cdf9ad07b63 |
|
| /// File Name: | atutor-xss.txt | Description:
| ATutor version 1.6.4 suffers from a cross site scripting vulnerability. | | Author: | Itsecteam | | File Size: | 1001 | | Last Modified: | Mar 11 17:26:45 2010 | | MD5 Checksum: | 6eb8260401fb838bd22c79acf9a71cd6 |
|
| /// File Name: | skype-input.txt | Description:
| Skype client versions prior to 4.2.0.1.55 suffer from a URI handling input validation vulnerability that allows for remote command execution. | | Author: | Paul Craig | | Homepage: | http://www.security-assessment.com/ | | File Size: | 5783 | | Last Modified: | Mar 11 17:17:27 2010 | | MD5 Checksum: | 0a20a3178c435cdde8c2ce8645f77c7b |
|
| /// File Name: | ms10_002_aurora.rb.txt | Description:
This Metasploit module exploits a memory corruption flaw in Internet Explorer. This flaw was found in the wild and was a key component of the "Operation Aurora" attacks that led to the compromise of a number of high-profile companies. The exploit code is a direct port of the public sample published to the Wepawet malware analysis site. The technique used by this module is currently identical to the public sample; as such, only Internet Explorer 6 can be reliably exploited. | | Homepage: | http://www.metasploit.com | | File Size: | 5377 | | Related OSVDB(s): | 61697 | | Related CVE(s): | CVE-2010-0249 | | Last Modified: | Mar 11 17:15:45 2010 | | MD5 Checksum: | e10bb1dd4089bb4b0d4a689573918f4d |
|
| /// File Name: | ane-xsrf.txt | Description:
| ANE CMS version 1 suffers from a cross site request forgery vulnerability. | | Author: | Pratul Agrawal | | File Size: | 2188 | | Last Modified: | Mar 11 11:26:29 2010 | | MD5 Checksum: | 75931499966409c4e4d5bd37b38f2270 |
|
| /// File Name: | ane-xss.txt | Description:
| ANE CMS version 1 suffers from a cross site scripting vulnerability. | | Author: | Pratul Agrawal | | File Size: | 11204 | | Last Modified: | Mar 11 11:25:29 2010 | | MD5 Checksum: | baaa652f16f1938c75702a9aace1a1d5 |
|
| /// File Name: | USN-909-1.txt | Description:
| Ubuntu Security Notice 909-1 - William Grant discovered that dpkg-source did not safely apply diffs when unpacking source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or potentially gaining access to the system. | | Author: | Ubuntu | | Homepage: | http://security.ubuntu.com/ | | File Size: | 11987 | | Related CVE(s): | CVE-2010-0396 | | Last Modified: | Mar 11 11:24:59 2010 | | MD5 Checksum: | 7d4e4c416e8850722bfebfb1f166c1df |