Whitepaper titled 'Web Application Auditing and Exploitation'. It concentrates on the exploitation of PHP based web applications examining various functions and how they can be manipulated.
a0857d2f39f7010028385268c7142969653c55870ace87a7b29d7747338937e4Remote 'CLIENT-IP' SQL injection / create new admin exploit for MyBulletinBoard (MyBB) versions 1.1.5 and below.
ef6d3cdf56b16ae8f852111b57787f5ddefb30111d30ec58052a42e409597bb0Webmin / Usermin arbitrary file disclosure exploit for versions below 1.290.
afc54ea99c84485e040b225373c421f91d929ffee60b37a21b28014919831ae8Microsoft Power Point memory corruption vulnerability proof of concept exploit.
65fd6f8bc187b864082e797e19e3965a2e265769b6a79e436180a4b277e42fdcMicrosoft Power Point mso.dll vulnerability proof of concept exploit.
e1c9501bb0e5d6beeb05f2888c0a35e96867b0961d6919ccb3941a3eaf2835deMicrosoft Power Point unspecified vulnerability proof of concept exploit.
d616889a216fd28638bdf991c3aa27322f8a005b0978fc48ecf951331734cbcceEye Digital Security has discovered a serious flaw within the Framework Service component of the McAfee EPO management console. The Framework service is enabled and running by default on all servers and agents. The framework service listens by default on port 8081 and accepts requests over the HTTP protocol. The framework service allows for remotely submitting configuration and update changes. Each request is encrypted, SHA-1 hashed and DSA signed, and written to a file on disk. Due to a directory traversal attack, it is possible to write any file with any contents to anywhere on the remote system. This flaw allows a remote attacker to anonymously compromise an affected system and execute code within the SYSTEM context. Systems affected are McAfee Common Management (EPO) Agent versions below version 3.5.5.438.
e8932eda7f9807583c185c48202c7d94d5af0ec25e49315aa830489d37bd37edProof of concept exploits that demonstrate denial of service and buffer overrun vulnerabilities in Microsoft Works Spreadsheet (wksss.exe). Affected by the denial of service condition are Microsoft Works versions 6.0 through 8.x, 4.x/2000, Works for Windows 3.0, Works for Windows 2.0, Works for DOS, Excel 4.0, and Lotus 1-2-3. Affected by the buffer overrun condition are Excel 97 through 2000 and Excel 5.0/95.
12f8ea8f57c8475f71a4646bfa039fb24279e511a4897b4e4208529c4cd37988Microsoft Works Spreadsheet (wksss.exe) fails to handle specially crafted files allows for denial of service and buffer overrun conditions. Affected by the denial of service condition are Microsoft Works versions 6.0 through 8.x, 4.x/2000, Works for Windows 3.0, Works for Windows 2.0, Works for DOS, Excel 4.0, and Lotus 1-2-3. Affected by the buffer overrun condition are Excel 97 through 2000 and Excel 5.0/95.
9c46ac9f46d7da3d3a37c864079b4089a79a55364bb70588820733f2dd6555f8Internet Explorer Versions less than or equal to 6 suffer from a DOS vulnerability. POC code included.
459d488e0c50ba1831db7327c976a64f1574d3321274249222f45e6781be44e7HPSBUX02120 SSRT051057 rev.2 - HP-UX Local Denial of Service (DoS): A potential security vulnerability has been identified in the HP-UX kernel. The potential vulnerability could be exploited by a local authorized user to create a Denial of Service (DoS).
f32d6db732fad5cd9057109f11986bf072d9c1b4efd2f8db873243774ed0cc6c
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed