Feed aggregator

sagem-reset.txt

Packet Storm Security Exploits - Fri, 03/05/2010 - 14:16
Sagem routers remote reset exploit. It affects F@ST router models 1200/1240/1400/1400W/1500/1500-WG/2404.
Categories: Exploits

chilkat_crypt_writefile.rb.txt

Packet Storm Security Exploits - Fri, 03/05/2010 - 14:16
This Metasploit module allows attackers to execute code via the 'WriteFile' unsafe method of Chilkat Software Inc's Crypt ActiveX control. This exploit is based on shinnai's exploit that uses an hcp:// protocol URI to execute our payload immediately. However, this method requires that the victim user be browsing with Administrator. Additionally, this method will not work on newer versions of Windows. NOTE: This vulnerability is still unpatched. The latest version of Chilkat Crypt at the time of this writing includes ChilkatCrypt2.DLL version 4.4.4.0.
Categories: Exploits

ultraoffice_httpupload.rb.txt

Packet Storm Security Exploits - Fri, 03/05/2010 - 14:16
This Metasploit module exploits a stack-based buffer overflow in Ultra Shareware's Office Control. When processing the 'HttpUpload' method, the arguments are concatenated together to form a command line to run a bundled version of cURL. If the command fails to run, a stack-based buffer overflow occurs when building the error message. This is due to the use of sprintf() without proper bounds checking. NOTE: Due to input restrictions, this exploit uses a heap-spray to get the payload into memory unmodified.
Categories: Exploits

webex_ucf_newobject.rb.txt

Packet Storm Security Exploits - Fri, 03/05/2010 - 14:16
This Metasploit module exploits a stack-based buffer overflow in WebEx's WebexUCFObject ActiveX Control. If a long string is passed to the 'NewObject' method, a stack-based buffer overflow will occur when copying attacker-supplied data using the sprintf function. It is noteworthy that this vulnerability was discovered and reported by multiple independent researchers.
Categories: Exploits

opera1050-overflow.txt

Packet Storm Security Exploits - Fri, 03/05/2010 - 14:16
Opera versions 10.10 through 10.50 integer overflow exploit.
Categories: Exploits

smartplugs-sql.txt

Packet Storm Security Exploits - Fri, 03/05/2010 - 14:16
Smart Plugs version 1.3 suffers from a remote SQL injection vulnerability.
Categories: Exploits

minbank-exec.txt

Packet Storm Security Exploits - Fri, 03/05/2010 - 14:16
Micronation Banking System suffers from a remote command execution vulnerability.
Categories: Exploits

dosyayuklescripti-shell.txt

Packet Storm Security Exploits - Fri, 03/05/2010 - 14:16
Dosya Yukle Scripti version 1.0 suffers from a remote shell upload vulnerability.
Categories: Exploits

ms09_043_owc_htmlurl.rb.txt

Packet Storm Security Exploits - Fri, 03/05/2010 - 14:16
This Metasploit module exploits a buffer overflow in Microsoft's Office Web Components. When passing an overly long string as the HTMLURL parameter an attacker can execute arbitrary code.
Categories: Exploits

gnattgp-rfi.txt

Packet Storm Security Exploits - Fri, 03/05/2010 - 14:16
Gnat-TGP versions 1.2.20 and below suffer from a remote file inclusion vulnerability.
Categories: Exploits

Risky Business #142 -- Special guest H D Moore talks fun with NTP

Risky Business - Fri, 03/05/2010 - 07:46
Tagline: "Mostly pointless" research yields interesting results...
Media URL: http://media.risky.biz/RB142.mp3
Content Length: 33350208
Content Type: audio/mpeg

Risky Business is hosted by the team at Virtual.Offis in Sydney but sponsored, this week, by Tenable Network Security.

This week's feature guest is H D Moore, who'll be joining us to talk about some fun stuff he's been doing with NTP. Believe it or not you can use NTP to do massive recon on the Intertubez. H D has built a database of millions of hosts by querying NTP boxens. It's cool.

Tenable Network Security CEO Ron Gula joins us in this week's sponsor interview, and Adam "Beardy McUNIXguy" Boileau drops in to discuss the week's news.

Forum Topic:  Risky Business #142 -- Special guest H D Moore talks fun with NTP
Categories: Security Podcasts

wishinet: working on my blog article regarding #Dspam (correcting stuff) and a new article about some fancy #windbg stuff :)

wishi's Twitter - Thu, 03/04/2010 - 23:03
Categories: netclash

wishinet: creating DBs from #Google Spreadsheets: http://bit.ly/daEfKp via the API with #Python. Sounds good for personal cloudy mini apps. :-)

wishi's Twitter - Thu, 03/04/2010 - 23:02
Categories: netclash

wishinet: the #splunk interface with the interactive graphs is a full-win ;)

wishi's Twitter - Thu, 03/04/2010 - 22:26
Categories: netclash

wishinet: mhh, rolling out splunk at my root box. Free version, iptables... long live the logs: http://bit.ly/9uKIqX

wishi's Twitter - Thu, 03/04/2010 - 21:11
Categories: netclash

wishinet: matasano wants to check my fw: http://bit.ly/bhGT7z - *g* makes my day.

wishi's Twitter - Thu, 03/04/2010 - 12:15
Categories: netclash

wishinet: mh, that cybertroll on IRC has got the wrong person ;). Never troll security people. Never argue with root.

wishi's Twitter - Thu, 03/04/2010 - 11:12
Categories: netclash

Problem debugging DirectX game...

OpenRCE forum - Thu, 03/04/2010 - 10:14
Categories: netclash