116 matches found
Cyberoam Unified Threat Management: Insecure Password Handling
Hi, Please find below the details of a vulnerability I discovered in Cyberoam UTM device. The Vendor was notified, however I did not receive any response from Vendor despite repeated email reminders. SECURITY ADVISORY: cyberoam-utm-insecure-password-handling Affected Software: Cyberoam CR50ia...
Трояним эльфов
Трояним эльфов Задача: Вставить в elf-файл возможность, при указании пароля, запуска произвольных команд. Размер и функционал исходного elf-файла остаются неизменными. Часть 1. Трояним /bin/su из BackTrack 5 R1 x86 образ VMWare BT5R1-GNOME-VM-32.7z 1. ELF и его анатомия в контексте используемой...
OllyDbg 2.01 alpha 4 released
OllyDbg 2.01 alpha 4 released Other new features in this version: - Patch manager, similar to 1.10 - Shortcut editor, supports weird things like Ctrl+Win+$ etc. Now you can customize and share your shortcuts. I haven't tested it on Win7, please report any found bugs and incompatibilities! -...
kernel: IA32 System Call Entry Point Vulnerability
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before 2.6.36-rc4-git2 on the x8664 platform does not zero extend the %eax register after the 32-bit entry path to ptrace is used, which allows local users to gain privileges by triggering an out-of-boun...
PHP-Nuke 8.0 - News Module Cross-Site Scripting HTML Code Injection
PHP-Nuke 8.0 - News Module Cross-Site Scripting HTML Code Injection Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and che...
PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module
No description provided by source. Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...
PHP-Nuke 8.0 - News Module Cross-Site Scripting / HTML Code Injection
Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...
Manual crack fast flash reduction-vulnerability warning-the black bar safety net
Information source: evil octal information security team www.eviloctal.com) Article author: monsterok(monster) Go to the cafe Internet, I downloaded a half-day things, can let I accidentally put the computer the power to kick, because the cafe machine is installed restore, reboot after everything...
SetCMS 3.6.5 (setcms.org) Remote Command Execution Exploit
Exploit for unknown platform in category web applications ========================================================== SetCMS 3.6.5 setcms.org Remote Command Execution Exploit ========================================================== !/usr/bin/perl SetCMS v3.6.5 setcms.org remote commands executio...
The Trojan uses the“free kill”evading anti-virus techniques-vulnerability warning-the black bar safety net
Today, talk about horses can be described as color change. Trojan indeed than the conventional virus more ruthless, monitoring your operation, devouring your privacy, destroy your data. We install the latest antivirus software and daily patch updates, and the firewall is always protected, but why...
HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow
HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow !/usr/bin/python HP OpenView Network Node Manager CGI Buffer Overflow Tested on NNM Release B.07.50 / Windows 2000 server SP4 http://www.zerodayinitiative.com/advisories/ZDI-07-071.html Coded by Mati Aharoni...
Not dead shellcode-exploit warning-the black bar safety net
HEE HEE,today the computer some of the things transferred to the mobile hard disk,find yourself previously voted over the few manuscript,crude see an article but there are a few articles or a little heat,simply submit to the evil eight,hope can be a friend in need some help...rookie write the dis...
Trojan free kill methods bloopers-vulnerability warning-the black bar safety net
In fact,this can not be considered original, all you are aware of the knowledge,just following some of the experience. 昤. 姲 黡 M8? Probably write some Chaos. y? 瑍 k 渄? G�o 澐 W 洘 1,Extra rare shell. �Winter�詷"$+? aspack,upx relatively famous,it is not recommended to use. 4?! Smoke ? A? U8 傺 sell Wh...
Dove gray ultimate free kill tutorial-vulnerability warning-the black bar safety net
To this station also quite a few days, learned a lot of knowledge. Here today, I also want to talk about yourself tofree to killperception. A week ago,I dofree to killby Kabbah, rising, Kingsoft, Norton, etc. files and memory. I'm very excited about thefree to killmethod in the online publication...
Winamp <= 5.06 IN_CDDA.dll Remote Buffer Overflow Exploit
Exploit for unknown platform in category remote exploits ========================================================= Winamp //File ops. //m3u File format //http://hanna.pyxidis.org/tech/m3u.html // Host info: // Name=ntdll system // File version=5.1.2600.1217 xpsp2.030429-213 //...
Loading Rootkit using SystemLoadAndCallImage
Greets, For a while there has been a thread on NTBUGTRAQ about kernel-mode protection from rootkits. This is good - the whole point of our rootkit.com project is to get people thinking about the problem. For example, there is now an ANTI-Rootkit called Integrity Protection Driver from Pedestal...