Channel: Files Date: 2015-09-09 to 2015-09-10 ≈ Packet Storm

DirectAdmin 1.483 Cross Site Request Forgery / Cross Site Scripting

DirectAdmin web control panel version 1.483 suffers from cross site request forgery and cross site scripting vulnerabilities.

Windows win32k!NtUserSetInformationThread Type Confusion

The Windows Kernel is subject to a kernel-mode type-confusion vulnerability inside win32k!NtUserSetInformationThread due to referencing a user-mode handle via ObReferenceObjectByHandle with a "NULL"...

Autoexchanger 5.1.0 Cross Site Request Forgery

Autoexchanger version 5.1.0 suffers from a cross site request forgery vulnerability.

Qlikview 11.20 SR4 Blind XXE Injection

The Qlikview platform is vulnerable to XML External Entity (XXE) vulnerabilities. More specifically, the platform is susceptible to DTD parameter injections, which are also "blind" as the server feeds...

Mobius Forensic Toolkit 0.5.22

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined...

Zed Attack Proxy 2.4.2 Linux Release

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security...

Bro Network Security Monitor 2.4.1

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Bro provides a comprehensive platform for more...

Zed Attack Proxy 2.4.2 Mac OS X Release

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security...

Zed Attack Proxy 2.4.2 Windows Installer

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security...

Linux/x86 /bin/cat /etc/passwd Shellcode

75 bytes small Linux/x86 execve("/bin/cat", ["/bin/cat", "/etc/passwd"], NULL) shellcode.

Debian Security Advisory 3354-1

Debian Linux Security Advisory 3354-1 - Frediano Ziglio of Red Hat discovered a race condition flaw in spice's worker_update_monitors_config() function, leading to a heap-based memory corruption. A...

HP Security Bulletin HPSBOV03506 1

HP Security Bulletin HPSBOV03506 1 - A potential security vulnerability has been identified with TCP/IP Services for OpenVMS running BIND. The vulnerability could be remotely exploited to cause a...

Ubuntu Security Notice USN-2737-1

Ubuntu Security Notice 2737-1 - It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic...

Ubuntu Security Notice USN-2738-1

Ubuntu Security Notice 2738-1 - It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic...

RSA Identity Management And Governance Cross Site Scripting

RSA Identity Management and Governance contains fixes for cross site scripting vulnerabilities that may potentially be exploited by malicious users to compromise the affected system. All versions are...

GNU Privacy Guard 2.0.29

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management...

Evading All Web-Application Firewalls XSS Filters

This whitepaper documents shortcomings in various popular web application firewalls (WAFs) and how to trigger cross site scripting attacks regardless of the protections in place. Covered are F5 Big IP,...
