Section: .. / Last 20 Files /
| /// File Name: | dsa-1698-1.txt | Description:
| Debian Security Advisory 1698-1 - It was discovered that GForge, a collaborative development tool, insufficiently sanitizes some input allowing a remote attacker to perform SQL injection. | | Homepage: | http://www.debian.org/security | | File Size: | 7780 | | Related CVE(s): | CVE-2008-2381 | | Last Modified: | Jan 9 15:52:58 2009 | | MD5 Checksum: | 29c1b4ba2b7bdfca14d2a2b0df04b7be |
|
| /// File Name: | MDVSA-2009-001.txt | Description:
| Mandriva Linux Security Advisory 2009-001 - A vulnerability was found by the Google Security Team with how OpenSSL checked the verification of certificates. An attacker in control of a malicious server or able to effect a man-in-the-middle attack, could present a malformed SSL/TLS signature from a certificate chain to a vulnerable client, which would then bypass the certificate validation. The updated packages have been patched to prevent this issue. | | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7847 | | Related CVE(s): | CVE-2008-5077 | | Last Modified: | Jan 9 15:52:12 2009 | | MD5 Checksum: | 1c6c72c0bc98167e9bf07aa33780150a |
|
| /// File Name: | vuplayerasx-overflow.txt | Description:
| VUPlayer version 2.49 local buffer overflow exploit that creates a malicious .asx file. | | Author: | H-T Team | | Homepage: | http://no-hack.fr/ | | File Size: | 7495 | | Last Modified: | Jan 9 15:50:36 2009 | | MD5 Checksum: | 5d9d5dc22051cf0bfd9c5002d2aac7bf |
|
| /// File Name: | mp3trackmaker-overflow.txt | Description:
| MP3 TrackMaker version 1.5 local heap overflow proof of concept exploit that creates a malicious .mp3 file. | | Author: | H-T Team | | Homepage: | http://no-hack.fr/ | | File Size: | 871 | | Last Modified: | Jan 9 15:49:18 2009 | | MD5 Checksum: | bb1a84c7a2d4a3d7d8a7fa0a98ca8345 |
|
| /// File Name: | USN-706-1.txt | Description:
| Ubuntu Security Notice USN-706-1 - It was discovered that Bind did not properly perform certificate verification. When DNSSEC with DSA certificates are in use, a remote attacker could exploit this to bypass certificate validation to spoof DNS entries and poison DNS caches. Among other things, this could lead to misdirected email and web traffic. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 37624 | | Related CVE(s): | CVE-2009-0025 | | Last Modified: | Jan 8 19:59:32 2009 | | MD5 Checksum: | 506056264ebfe80a7eaba22a136f9c66 |
|
| /// File Name: | cupp.tar.bz2 | Description:
| CUPP is the Common User Passwords Profiler. It takes in various user information about a given human target and then generates a logical dictionary for password cracking. | | Author: | Muris Kurgas | | File Size: | 14309 | | Last Modified: | Jan 8 19:55:57 2009 | | MD5 Checksum: | bd7782044e4a77d19a6893f1435d8ff5 |
|
| /// File Name: | google-insecurexss.txt | Description:
| Google Chrome appears to suffer from denial of service issues through misuse of the view-source URI. | | Author: | e.wiZz! | | File Size: | 1672 | | Last Modified: | Jan 8 19:43:59 2009 | | MD5 Checksum: | ba0b82575944b29f4ab5a0e3fa49310b |
|
| /// File Name: | ibmxs40-dos.txt | Description:
| The IBM DataPower XS40 Security Gateway automatically reboots when fed random data to TCP port 443 over SSL allowing for a remote and unauthenticated denial of service. | | Author: | Erik | | File Size: | 532 | | Last Modified: | Jan 8 19:39:48 2009 | | MD5 Checksum: | 05851714af04d19476baf44ebf62d309 |
|
| /// File Name: | lsa.zip | Description:
| Samba versions below 3.0.20 heap overflow exploit. Written for older versions of Debian, Slackware, and Mandrake. | | Author: | zuc | | File Size: | 8112 | | Last Modified: | Jan 8 19:35:11 2009 | | MD5 Checksum: | 043d719fc037091a570b1970f725c510 |
|
| /// File Name: | AST-2009-001.txt | Description:
| Asterisk Project Security Advisory - IAX2 provides a different response during authentication when a user does not exist, as compared to when the password is merely wrong. This allows an attacker to scan a host to find specific users on which to concentrate password cracking attempts. | | Author: | Tilghman Lesher | | Homepage: | http://www.asterisk.org/security | | File Size: | 10478 | | Related CVE(s): | CVE-2009-0041 | | Last Modified: | Jan 8 19:27:39 2009 | | MD5 Checksum: | 51f47441fcd4678b7c237afe816ab371 |
|
| /// File Name: | CORE-2008-1128.txt | Description:
| Core Security Technologies Advisory - Openfire is a real time collaboration (RTC) server licensed under the Open Source GPL. It uses the widely adopted open protocol for instant messaging XMPP, also called Jabber. Multiple cross-site scripting vulnerabilities have been found, which may lead to arbitrary remote code execution on the server running the application due to unauthorized upload of Java plugin code. Openfire version 3.6.2 is affected. | | Homepage: | http://www.coresecurity.com/corelabs/ | | File Size: | 10820 | | Last Modified: | Jan 8 18:52:31 2009 | | MD5 Checksum: | b9fd4563590b32ef7388cb4cfc403cf8 |
|
| /// File Name: | gomplayerasx-overflow.txt | Description:
| GOM Player version 2.0.12 stack overflow exploit that creates a malicious .ASX file which will spawn calc.exe. | | Author: | DATA_SNIPER | | File Size: | 3730 | | Last Modified: | Jan 8 17:34:42 2009 | | MD5 Checksum: | 7d19ca40734d4d1003d8de26c737a0ee |
|
| /// File Name: | layerone2009-cfp.txt | Description:
| LayerOne 2009 Information Technology Conference Call for Papers - The sixth annual LayerOne security conference is now accepting submissions for topic and speaker selection. This conference will be held May 23 and 24, 2009 in Anaheim, California. | | Homepage: | http://layerone.info/ | | File Size: | 2299 | | Last Modified: | Jan 8 17:31:18 2009 | | MD5 Checksum: | 34ca4d4e8d07fab89c563822ebb46f07 |
|
| /// File Name: | xoops232-exec.txt | Description:
| XOOPS version 2.3.2 remote PHP code execution exploit. | | Author: | StAkeR | | File Size: | 3244 | | Last Modified: | Jan 8 17:29:52 2009 | | MD5 Checksum: | d14a5e2a777fb2fb6ec444174efe968c |
|
| /// File Name: | intellitamperlang-overflow.txt | Description:
| IntelliTamper versions 2.07 and 2.08 Language Catalog SEH overflow exploit. | | Author: | Cn4phux | | File Size: | 2293 | | Last Modified: | Jan 8 17:28:17 2009 | | MD5 Checksum: | 48f3e884cd23b353ab70b8e5fa83fa4c |
|
| /// File Name: | USN-705-1.txt | Description:
| Ubuntu Security Notice USN-705-1 - It was discovered that NTP did not properly perform signature verification. A remote attacker could exploit this to bypass certificate validation via a malformed SSL/TLS signature. | | Homepage: | http://security.ubuntu.com/ | | File Size: | 12500 | | Related CVE(s): | CVE-2009-0021 | | Last Modified: | Jan 8 17:27:06 2009 | | MD5 Checksum: | 14a35d7392f9fb849678e1dc2fb2c6f8 |
|
| /// File Name: | phpfusionarcade-sql.txt | Description:
| The PHP-Fusion vArcade module version 1.8 suffers from a remote SQL injection vulnerability. | | Author: | IRCRASH | | Homepage: | http://ircrash.com/ | | File Size: | 1041 | | Last Modified: | Jan 8 17:24:54 2009 | | MD5 Checksum: | 0a14f1ed873453901fd8b5c6eabf2f63 |
|
| /// File Name: | cutenew-xssexec.txt | Description:
| CuteNews versions 1.4.6 and below remote cross site scripting and remote command execution exploit. | | Author: | StAkeR | | File Size: | 4614 | | Last Modified: | Jan 8 17:23:43 2009 | | MD5 Checksum: | e66dbbde1a7ce181267950221f7ed84c |
|