Exploit Title: AxMan ActiveX fuzzing <== Memory Corruption PoC
Crash : http://imageshack.us/f/217/axman.jpg/
Date: July 28, 2012
Author: coolkaveh
coolka...@rocketmail.com
Https://twitter.com/coolkaveh
Vendor Homepage: http://digitaloffense.net/tools/axman/
version : 1.0.0
Tested on: windows 7 SP1
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Just a note if you need CVE's for open source security issues email
oss-secur...@lists.openwall.com
(http://oss-security.openwall.org/wiki/mailing-lists/oss-security).
Please note that these requests are completely public (anyone can sign
up to the oss
1. OVERVIEW
ocPoral CMS 7.1.5 and lower versions are vulnerable to Open URL Redirection.
2. BACKGROUND
ocPortal is the website Content Management System (a CMS) for building
and maintaining a dynamic website. ocPortal's powerful feature-set
means there's always a way to accomplish your vision.
Aswome coolkaveh look what I found
Title:Netasq UTM suffer from bypassing metacharacters filter
coolkaveh Advisory
coolka...@rocketmail.com
Https://twitter.com/coolkaveh
Product : Netasq utm
Vendor Homepage: http://netasq.com
Criticality level : High
Description : A vulnerability has been discover
On Thu, Jul 26, 2012 at 6:07 AM, Григорий Братислава
wrote:
>
> Is first MustnLive watch really good movie and is use
> quote from is movie:
Funny, I now want to watch Goldeneye for some reason...
> MusntLive is show you how you fail across many 'vertical' industries.
Everything you mention a
> I can't tell if I'm being trolled or not...
Good question.
>> Is I am on your network, good luck is find me especially in is post
>> exploitation as I am is liable to float around is piggyback from one
>> machine is to the next. You can is assume all you want about port
>> security in is in fac
Tavis Ormandy wrote:
> Justin Klein Keane wrote:
>
> > Impact - -- Clients loading a maliciously crafted .torrent file into
> > Transmission and viewing the web client could be subject to arbitrary
> > script injection, allowing an attacker to run arbitrary code in the
> > context of the vi
Justin Klein Keane wrote:
> Impact - -- Clients loading a maliciously crafted .torrent file into
> Transmission and viewing the web client could be subject to arbitrary
> script injection, allowing an attacker to run arbitrary code in the
> context of the victim's web browser. This could lea
they should not have been fixed, as when exploit has been released they
where not and looking at SVN no change has been made (
http://pligg.svn.sourceforge.net/viewvc/pligg/ )
no CVE has been asked for this vuln (at least from me), so none should has
been assigned.
And regarding your post been dele
On Sat, Jul 21, 2012 at 06:34:46PM +0200, BlackHawk wrote:
> Exploit attached, info inside. 2.0 versions could still be affected
>
> http://pastebin.com/MSXFSvzA
Do you know if these issues have been fixed in some version of Pligg and if
these have CVE-identifiers? I tried to ask this from forum
10 matches
Mail list logo