New Version of Eleonore Exploit Kit Released With New 0-Day Exploit

The creator of the infamous Eleonore exploit pack has released a new version of the attack toolkit, adding some new exploits, including one for a zero day vulnerability. The new version of Eleonore is selling for $2,000, a premium price even in the world of high-level exploit kits. Eleonore is on...

aidSQL: A Tool to Find Vulnerable Spots in Web Sites !

aidSQL is a PHP application provided for detecting security holes in your websites. It is a modular application, meaning that you can develop your very own plugins for SQL injection detection & exploitation. Sample usage of aidsql: ./aidSQL --url=www.sample123.com We find it similar to nikto,...

[SECURITY] Fedora 13 Update: pidgin-2.7.9-1.fc13

Pidgin allows you to talk to anyone using a variety of messaging protocols including AIM, MSN, Yahoo!, Jabber, Bonjour, Gadu-Gadu, ICQ, IRC, Novell Groupwise, QQ, Lotus Sametime, SILC, Simple and Zephyr. These protocols are implemented using a modular, easy to use design. To use a protocol, just...

Default credentials

HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, TS100R025, TS100P002, TS200R005, TS201R014, and TS201R015 installs an undocumented admin account with a default "!admin" password, which allows remote attackers to gain privileges...

CVE-2010-4115

CVE-2010-4115 affects HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011/025, TS100P002, TS200R005, TS201R014/015. It installs an undocumented admin account with the default password !admin, enabling remote attackers to gain privileged access to the management interface. HP’s securit...

CVE-2010-4115

HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, TS100R025, TS100P002, TS200R005, TS201R014, and TS201R015 installs an undocumented admin account with a default "!admin" password, which allows remote attackers to gain privileges...

[security bulletin] HPSBST02620 SSRT100356 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02660754 Version: 1 HPSBST02620 SSRT100356 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Unauthorized Access NOTICE: The information in this Security Bulletin should be acted upon ...

Fedora Update for selinux-policy FEDORA-2010-12281

Check for the Version of selinux-policy OpenVAS Vulnerability Test Fedora Update for selinux-policy FEDORA-2010-12281 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

Arachni v0.2.1 - penetration testers Framework - latest release

"Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications." This is the official change log: Major performance improvements Major system refactoring and code clean-up Major module API...

Native Instruments Reaktor 5 Player v5.5.1 Heap Memory Corruption Vulnerability

Summary REAKTOR 5 PLAYER is your free entry point to the award-winning and avant-garde audio world of REAKTOR 5 - the super-powerful modular sound studio that made Native Instruments famous. Description The NI's Reaktor 5 Player suffers from multiple file handling vulnerability when processing .e...

Fedora Update for pidgin FEDORA-2010-16629

Check for the Version of pidgin OpenVAS Vulnerability Test Fedora Update for pidgin FEDORA-2010-16629 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

Injecting Fake Updates: Evilgrade

Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries agents, a working default configuration for fast pentests, and has it’s own WebServer and DNSServer modules. Easy to set up new...

Metasploit Web Crawler

This auxiliary module is a modular web crawler, to be used in conjunction with wmap someday or standalone. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Web Crawler. Author: Efrain Torres et at metasploit.com 2010...

iOffice 0.1 Remote Command Execution

iOffice 0.1 is vulnerable because it does not sanitize user input. It seems to be modular because none of the scripts are exactly the same on ones I've run across, but they all seem to be vulnerable. Command execution is possible...

Fedora Update for irssi FEDORA-2010-6612

Check for the Version of irssi OpenVAS Vulnerability Test Fedora Update for irssi FEDORA-2010-6612 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...

[SECURITY] Fedora 11 Update: irssi-0.8.15-1.fc11

Irssi is a modular IRC client with Perl scripting. Only text-mode frontend is currently supported. The GTK/GNOME frontend is no longer being maintained...

PHPCMS 2 0 0 7 SQL injection, and variable overwrite vulnerability-vulnerability warning-the black bar safety net

PHPCMS is a PHP-based+Mysql architecture of the web content management system, it is an open-source PHP development platform. Phpcms uses a modular approach to the development, functional and easy to use to facilitate the expansion, for medium to large sites provide heavyweight website Building...

PHPCMS2008 1 0 0 5 2 7 version website management system to download an arbitrary file vulnerability-vulnerability warning-the black bar safety net

Phpcms is a PHP-based+Mysql architecture of the web content management system, it is an open-source PHP development platform. Phpcms uses a modular approach to the development, functional and easy to use to facilitate the expansion, for medium to large sites provide heavyweight website Building...

Fedora Update for zikula FEDORA-2010-8464

Check for the Version of zikula OpenVAS Vulnerability Test Fedora Update for zikula FEDORA-2010-8464 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

PHPCMS 2007网站管理系统common.inc.php页面变量覆盖漏洞

PHPCMS是一款基于 PHP+Mysql 架构的网站内容管理系统，也是一个开源的 PHP 开发平台。Phpcms 采用模块化方式开发，功能易用便于扩展，可面向大中型站点提供重量级网站建设解决方案。 在文件incude/common.inc.php中： if!defined'INADMIN' //不是管理员则进入判断 if$CONFIG'dbiscache' $dbfile .= 'cache'; if$CONFIG'phpcache' == '2' $cachefileid = md5$PHPSELF.'?'.$PHPQUERYSTRING; $cachefiledir =...