Whitepaper called DNS Service Oriented Denial of Service / Distributed Denial of Service Attacks. Written in Turkish.
65e8a925c1f765f5b5d447b24ea5fde3This whitepaper analyzes the MIDI remote code execution vulnerability found in the Windows Multimedia Library. Written in Turkish.
86b73a0bd44eecf2f0ae4fc449aeb170PHP version 5.4.0RC6 64-bit denial of service proof of concept exploit.
22912a3e52687fee6a2c7f5901009265Edraw Diagram Component 5 active-x buffer overflow proof of concept denial of service exploit.
5a3099601a2eb1fa3965cbeb5638f7cdThis is a brief whitepaper discussing how to set up QT Mobile Hotspot and YAMAS applications to man in the middle connections using your phone.
6756a8aa5d75c60ab30be7b7312b4fc3ObjectLabs Forum System suffers from a remote SQL injection vulnerability.
6f794c08bfadefeee3d6486eb7e95c53Conduit Wibiya Toolbar suffers from a persistent cross site scripting vulnerability.
5dbea2ad4c901a0dc3a075a7b2fa50b4XWiki Enterprise version 3.4 suffers from a cross site scripting vulnerability.
6a5e8225b4f92eba49e6576a7cc5d19dInsideChannel Web Design suffers from a remote SQL injection vulnerability.
de354d93595af0ce2de3e5dd906d6354This is a bash script to use in conjunction with Backtrack that simplifies the spawning of various sniffers.
4313e26c58755c8944e0086357c8c482Zanjan Azad University suffers from a remote SQL injection vulnerability.
991a554e3b8702f4b04c006a9b07a966Debian Linux Security Advisory 2384-2 - It was discovered that the last security update for cacti, DSA-2384-1, introduced a regression in lenny.
2b562edca928d44931c946b9675957b1Mandriva Linux Security Advisory 2012-013 - Security issues were identified and fixed in mozilla firefox and thunderbird. Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribute child nodes. Mozilla Firefox before 3.6.26 and 4.x through 6.0, Thunderbird before 3.1.18 and 5.0 through 6.0, and SeaMonkey before 2.4 do not properly enforce the IPv6 literal address syntax, which allows remote attackers to obtain sensitive information by making XMLHttpRequest calls through a proxy and reading the error messages. Various other issues were also addressed.
8440ddc6266c7f42154730c51559597bUbuntu Security Notice 1355-1 - It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to memory corruption. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
21014e7685b2de0234ac75fd2b4a5509Ubuntu Security Notice 1355-2 - USN-1355-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko package for use with the latest Firefox. It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to memory corruption. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
8791de077f5bd63d5d9c170bf7739905Ubuntu Security Notice 1355-3 - USN-1355-1 fixed vulnerabilities in Firefox. This update provides updated ubufox and webfav packages for use with the latest Firefox. It was discovered that if a user chose to export their Firefox Sync key the "Firefox Recovery Key.html" file is saved with incorrect permissions, making the file contents potentially readable by other users. Nicolas Gregoire and Aki Helin discovered that when processing a malformed embedded XSLT stylesheet, Firefox can crash due to memory corruption. If the user were tricked into opening a specially crafted page, an attacker could exploit this to cause a denial of service via application crash, or potentially execute code with the privileges of the user invoking Firefox. Various other issues were also addressed.
89b0a01e7c3a96dcdd52016aac1b682dConduit Wibiya Login Toolbar suffers from a cross site scripting vulnerability.
829118b7d499d7679e3e051f6a58a91bConduit Wibiya Password Recovery Toolbar suffers from a cross site scripting vulnerability.
08fb2a09c22520dcd558560108ec7578Conduit Image Search Engine suffers from a cross site scripting vulnerability.
771f2feeb18384483f1f7bed70e69293EMC Documentum xPlore contains an information disclosure vulnerability that may allow unauthorized users, under certain circumstances, to see certain information on protected objects in an xPlore search result. They will not, however, be allowed to view the objects themselves, or any associated content. Versions 1.0, 1.1 and 1.2 are affected.
47766ee4538f434cc83fdd7864e8341fSimkom suffers from a cross site scripting vulnerability.
47a7d97ba8b92d125ba12845dbd500b4Douglass Media suffers from a remote SQL injection vulnerability.
43ce577af5ef8e3acfeaffcf663025b6Anfibia suffers from a remote command execution vulnerability.
8ee734f210e0fc429ebfe6f8e39e2a73Raw CMS suffers from a cross site scripting vulnerability.
f6950e8a6b392a2a6748831b7a518a66PHP-Fusion version 7.02.04 suffers from a remote SQL injection vulnerability in weblinks.php.
c7b7077619c230bbd6d7ca48f9c40db8
© 2011 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed