Avira AntiVirus local proof of concept exploit that creates a malicious QUA file.
e2ef3c0258d84a42617b7cddadf0129c7b654cd36d3ad3612bbf696e8749f11f
Nikto is an Open Source web server scanner which performs comprehensive tests against web servers for multiple items, including over 3500 potentially dangerous files/CGIs, versions on over 900 servers, and version specific problems on over 250 servers.
4d46cb9a03faca3b79fdbdb3c2a634031460c93e07750c58bc398ba8a0043c4c
HP Security Bulletin HPSBUX02628 SSRT090183 - A potential security vulnerability has been identified with HP-UX running CDE Calendar Manager. The vulnerability could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.
e23524d75371622d94a1139c07279983bcab41ccf37c863bcb305725889a81f5
Mandriva Linux Security Advisory 2011-031 - Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery attacks via forged AJAX requests that leverage a combination of browser plugins and redirects, a related issue to CVE-2011-0447. Cross-site scripting vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 might allow remote attackers to inject arbitrary web script or HTML via a filename associated with a file upload. Directory traversal vulnerability in Django 1.1.x before 1.1.4 and 1.2.x before 1.2.5 on Windows might allow remote attackers to read or execute files via a / character in a key in a session cookie, related to session replays. The updated packages have been upgraded to the 1.1.4 version which is not vulnerable to these issues.
35b66525c38b4cc2dbc7f00656d49770e63010bc4caa8000a032054d2a571b32
Mandriva Linux Security Advisory 2011-030 - Multiple vulnerabilities have been found and corrected in tomcat5. When running under a SecurityManager, access to the file system is limited but web applications are granted read/write permissions to the work directory. This directory is used for a variety of temporary files such as the intermediate files generated when compiling JSPs to Servlets. The location of the work directory is specified by a ServletContext attribute that is meant to be read-only to web applications. However, due to a coding error, the read-only setting was not applied. Therefore, a malicious web application may modify the attribute before Tomcat applies the file permissions. This can be used to grant read/write permissions to any area on the file system which a malicious web application may then take advantage of. This vulnerability is only applicable when hosting web applications from untrusted sources such as shared hosting environments. The HTML Manager interface displayed web application-provided data, such as display names, without filtering. A malicious web application could trigger script execution by an administrative user when viewing the manager pages.
050a770d28cff5d52b04cda5bec92927819bf2986938b64d3f0e874bd76b8b05
This Python script is a tool that can be used to check whether Windows workstations and servers have accessible shared resources.
50f0cef89cbe41efc8027f56d96fd61b7164ec2daabfe90f151d7876f0f60c47
IBM Lotus Domino LDAP bind request remote code execution exploit.
46402f3ac39ee9e15c00c1a55880febf3a51331ae26d8997f960f98c07fdb606
Novell ZENworks versions 10 and 11 tftpd remote code execution exploit.
78181683877a61639444c420aefed5f9d978da3b270235598031a80ebca21bb4
Novell iPrint LPD remote code execution exploit.
ae058abd9f7bac1e4a5b8fbb2d5aed21a602a517a2bb70ef19c5bca552bb9b15
Creepy is an application that allows you to gather geolocation-related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown, accompanied by relevant information (i.e. what was posted from that specific location) to provide context to the presentation.
f05620ee06971ff7ba55228bd0ff9e1c17acf57e5679f4084953cc64d4615773
This Metasploit module exploits a code execution vulnerability in Mozilla Firefox caused by interleaved calls to document.write and appendChild. This exploit is a Metasploit port of the in-the-wild exploit.
843b760650dc1cd9d6f9a955b96d33b37fdcdd2f3d930a4d123bada5cd1bffd1