IBM Lotus Domino versions 8.5.3 and 8.5.2 FP3 suffer from an authentication bypass vulnerability.
PHP Inventory version 1.3.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
The WordPress flash-album-gallery plugin suffers from a cross site scripting vulnerability.
The WordPress 1-jquery-photo-gallery-slideshow-flash plugin suffers from a cross site scripting vulnerability.
oclHashcat+ is an advanced GPU hash cracking utility that includes the world's fastest md5crypt and phpass crackers and has the first GPGPU-based rule engine. It focuses on highly iterated modern hashes, single dictionary-based attacks, and more. Linux and Windows binaries are included.
oclHashcat-lite is an advanced GPU hash cracking utility that includes the world's fastest MD4, MD5, SHA1, and SHA256 cracker. It supports up to 16 GPUs and includes binaries for both Linux and Windows.
oclHashcat is a GPU hash cracking utility that has multi-GPU and multi-hash support. It supports dictionary-based and mask attacks for hybrid cracking. Linux and Windows binaries are included.
Serv-U FTP server suffers from a remote jail breaking vulnerability.
Remote root exploit for FreeBSD ftpd and ProFTPd on FreeBSD. It leverages the fact that /etc and /lib can be modified inside of the chroot.
Whitepaper called Systematic Detection of Capability Leaks in Stock Android Smartphones. It discusses a weakness in the Android operating system that allows attackers to secretly record phone conversations.
Voxsmart VoxRecord Control Centre version 2.7 suffers from a remote blind SQL injection vulnerability.
This Metasploit module exploits a vulnerability in the Rhino Script Engine that can be used by a Java Applet to run arbitrary Java code outside of the sandbox. The vulnerability affects version 7 and version 6 update 27 and earlier, and should work on any browser that supports Java (for example: IE, Firefox, Google Chrome, etc).
This Metasploit module exploits an unauthenticated remote root vulnerability within CTEK SkyRouter versions 4200 and 4300.
WikkaWiki versions 1.3.2 and below suffer from remote SQL injection, unrestricted file upload, arbitrary file download, arbitrary file deletion, remote code execution and cross site request forgery vulnerabilities.
GOM Player version 2.1.33.5071 unicode stack buffer overflow exploit that creates a malicious .asx file.
Bugbear FlatOut 2005 buffer overflow exploit that creates a malicious .bed file.
MS11-080 privilege escalation exploit that leverages the fact that afd.sys does not properly validate user-mode input passed to kernel-mode.
The AvidPhoneticIndexer.exe network daemon that ships with Avid Media Composer version 5.5 suffers from a remote stack buffer overflow. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. Included in this archive are the advisory and a Metasploit module.
Secunia Security Advisory - SUSE has issued an update for puppet. This fixes multiple security issues and two vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious users to conduct spoofing attacks and compromise a vulnerable system.
Secunia Security Advisory - Dr. Marian Ventuneac has reported a vulnerability in CodeIgniter, which can be exploited by malicious people to conduct cross-site scripting attacks.
StoryBoard Quick version 6 suffers from a file format stack buffer overflow. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. Included in this archive are the advisory, a proof of concept and a Metasploit module.
Muster Render Farm Management System version 6.1.6 suffers from an arbitrary file download issue due to a directory traversal vulnerability. This was demonstrated at Ruxcon 2011 in the Hacking Hollywood talk. The advisory in this archive includes exploitation details.
Secunia Security Advisory - Oracle has acknowledged a vulnerability in Gimp included in Solaris, which can be exploited by malicious people to potentially compromise a user's system.
Secunia Security Advisory - Luigi Auriemma has discovered two vulnerabilities in Siemens SIMATIC WinCC Flexible, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service).
Secunia Security Advisory - Ubuntu has issued an update for linux. This fixes a weakness and two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges.