Complete moron at Defcon 11 performing the Magnum look.
f26beeae5b42adc59882e5ac7ffd6ae75ad7e815d641eb75a9cdcf8c3df5a878libShellCode is a library that can be included when writing linux/i386 exploits by providing functions that generate shellcode with user given parameters during runtime.
5b326563a47d6b38dab16822844291b3202ab83dac784bf2e4a5eff9e9fff6f2White paper discussing OS X (Darwin) shellcode assembly on the PowerPC 32bit architecture. It covers design considerations, system calls, eliminating NULL bytes, self modifying shellcode, and more.
302b93e116bcad5ce5620bf7d78e7d092c3331db1765871a148a0c9761f6e8c4White paper discussing stack overflows, ways to exploit them, and SIMPLESEM.
85ddc994e6b7cdd09d72c7e1a271c91908d9ccbd87b5a1ba218dbac260ff56edAn easy PowerPC shellcode generation program to extract the hex shellcode from an ASM program that has been assembled but not linked. Tested on programs assembled using the GAS (GNU Assembler) on OSX 10.2.6.
18f5f5d7bee35e7ae86717c77d8e308f29d7009587d29023536db62ca57c3053Ethereal is a GTK+-based network protocol analyzer, or sniffer, that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and to give Ethereal features that are missing from closed-source sniffers. Screenshot available here.
947cd4d2309022e7deba9d345f05022412063591c1fdb4e1e6bcfa4a90b67aafSecunia Research Advisory - Apache::Gallery module version 0.6 and below suffers from a privilege escalation vulnerability that exists due to shared libraries being created insecurely.
3e95ec7ac378c1f0069a8509e5b8aea94c9e22c01f05a5955d5f7695d710443eSecunia Research Advisory - A vulnerability has been identified in Net-SNMP that is caused due to an unspecified error. This reportedly makes it is possible for a user or community to gain access to data in MIB objects that they explicitly have been restricted from accessing.
75b4a2a5da5d69c52c7ff2aa190ab3025cf4c580fd544d378b42cf0c27d80e72Secunia Research Advisory - KokeshCMS 0.2 and below has a content editing vulnerability where the edit.php included with it does not force a remote user to be authenticated.
1ba33b1e220ef0cdd0c44479f4e3c8071fb35e31ab2440839c370ecbe0ba93e4RedHat Security Advisory - New GtkHTML packages have been released that fix a vulnerability discovered by Alan Cox. The problem discovered allowed certain malformed messages to cause the Evolution mail component to crash due to a null pointer dereference in the GtkHTML library.
687951c367693bd2cc06136f6a39fdbddaad047dbee9294ec0328820e048e077Debian Security Advisory DSA 378-1 - Two vulnerabilities have been found in the Mah-Jong server version 1.4 and below. One enables a remote attacker to gain privileges of the user running the server while the other leads to a denial of service.
e161375ef6c09ff61f2b741e2582fbe332bd1e3fe1defc1ddc1487c6dd51bda2Secunia Security Advisory - b2evolution versions 0.8.2 and prior have been found vulnerable to cross site scripting and SQL injection attacks.
59a5b8a155051613d73dfe8647ac6f7c5dac547fe83ce6caad2ad5b13bf62dbfSecunia Research Advisory - OSSIM, or Open Source Security Information Management, version 0.x is vulnerable to multiple SQL injection attacks.
8314c356a3099a783137c34457c8be16febc4795cee9980efdebc73d5864b4d5WebX 1.1 and WebX Lite 1.1 web servers are vulnerable to a directory traversal attack that allows a remote attacker to access any files outside of the web root.
7014784cf66c6d123c7d3916676819429d1d52080f19f20f5455df1029596905Remote denial of service exploit for MyServer 0.4.3.
6f3302a7429180063c9629e4dcd76ed0569671725b2912b7a5a1de9b985dee4bMyServer 0.4.3 is vulnerable to a denial of service attack when a malicious payload is sent to the web server.
18a96487b52cee3084b1e1ffafcc979a14878ee6126a4e71869ff7c8fa0610e0Winamp 2.91 uses a default plugin called IN_MIDI.DLL used to play MIDI files. Version 3.01 and below for this plugin lets an attacker execute code by simply setting the "Track data size" value of a MIDI file to 0xffffffff.
2fc9611bfeadcb58fcff68ffdc0d8096baf4de99bb06c1985fae64101ac4c175
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
