Quarks PwDump is a native Win32 tool to extract credentials from Windows operating systems. It currently extracts local accounts NT/LM hashes and history, domain accounts NT/LM hashes and history, cached domain password, and Bitlocker recovery information.
Ajaxmint-Gallery version 1.0 suffers from a cross site request forgery vulnerability.
Acuity CMS version 2.6.x suffers from a directory traversal vulnerability.
AZ Photo Album Script suffers from a cross site scripting vulnerability.
DVD-Lab Studio version 1.25 DAL file denial of service exploit.
Concrete CMS version 5.5 suffers from shell upload and denial of service vulnerabilities.
CHICCO SnoopyClub suffers from cross site scripting and remote SQL injection vulnerabilities.
CMS-AhMeBa Professional suffers from a shell upload vulnerability.
Double Take Design CMS suffers from a remote SQL injection vulnerability.
Nogod suffers from multiple remote SQL injection vulnerabilities.
Vanilla FirstLastNames plugin version 1.3.2 suffers from a persistent cross site scripting vulnerability.
The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) Call For Papers has been announced. It will be held December 10th through the 12th, 2012, in London, United Kingdom.
PE Explorer version 1.99 R56 suffers from a heap overflow vulnerability.
Vertrigoserv version 2.27 local privilege escalation exploit.
Concrete version 5.5.21 suffers from cross site request forgery, cross site scripting, and various other vulnerabilities.
Attractweb CMS suffers from a remote SQL injection vulnerability.
Vanilla version 2.0.18.4 with Latest Comment plugin version 1.1 suffers from a cross site scripting vulnerability.
Vanilla version 2.0.18.4 with About Me plugin version 1.1.1 suffers from a cross site scripting vulnerability.
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER, SECSH-DHGEX, SECSH-NUMBERS, and SECSH-PUBLICKEY.
Results Unlimited CMS suffers from a remote SQL injection vulnerability.
This Metasploit module exploits a stack based buffer overflow in the BEA Weblogic Apache plugin. The connector fails to properly handle specially crafted HTTP POST requests, resulting in a buffer overflow due to the insecure usage of sprintf. Currently, this module works on Windows systems without DEP, and has been tested with Windows 2000 / XP. In addition, the Weblogic Apache plugin version is fingerprinted with a POST request containing a specially crafted Transfer-Encoding header.
This Metasploit module abuses the SVG support to execute Java code in the Squiggle Browser included in the Batik framework 1.7 through a crafted SVG file referencing a jar file. In order to gain arbitrary code execution, the browser must meet the following conditions: (1) It must support at least SVG version 1.1 or newer, (2) It must support Java code and (3) The "Enforce secure scripting" check must be disabled. The module has been tested against Windows and Linux platforms.
OpenOffice.org includes the customized libwpd version 0.8.8 library for parsing WordPerfect documents. This version of the libwpd library suffers from a memory overwrite vulnerability when reading a specially crafted WPD file. Successful exploitation of this vulnerability could result in arbitrary code execution within the OpenOffice.org software suite.
The Hackers 2 Hackers Conference (H2HC) 9th edition call for papers has been announced. It is being held in Sao Paulo, Brazil from October 18th through the 23rd, 2012.
HP Security Bulletin HPSBOV02780 SSRT100766 - A potential security vulnerability has been identified with OpenVMS ACMELOGIN when SYS$ACM system service for authentication is enabled. The vulnerability could be locally exploited to allow unauthorized access and increased privileges. Revision 1 of this advisory.