what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 207 RSS Feed

Files

Packet Storm New Exploits For June, 2011
Posted Jul 1, 2011
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 206 exploits added to Packet Storm in June, 2011.

tags | exploit
systems | linux
SHA-256 | 00240cc4f79ebd969896553f5151da9048faa9fa5fcc0c80c12b31a30b63a202
OpenSSH 3.5p1 Remote Root Exploit For FreeBSD
Posted Jun 30, 2011
Authored by Kingcope

Remote root exploit for OpenSSH version 3.5p1 on FreeBSD that affects versions 4.9 and 4.11. Other versions may also be affected. The bug appears to reside in auth2-pam-freebsd.c.

tags | exploit, remote, root
systems | freebsd
SHA-256 | b0a72514bab1b654a9acc1539d19dc102efa3d5f89c49d95b1b5b7dae0a88734
Asterisk 1.8.x SIP User Enumeration
Posted Jun 30, 2011
Authored by Francesco Tornieri

The INVITE method in use by Asterisk version 1.8.4.4 allows for remote user enumeration.

tags | exploit, remote
SHA-256 | c8d09e1a6bc234ffc02445e7446b5216f7017ea2bb2d57463d5af6d921a8ff5c
Kaillera Emulation Clients Buffer Overflow
Posted Jun 30, 2011
Authored by Sil3nt_Dre4m

Multiple emulation clients that leverage Kaillera suffer from buffer overflow vulnerabilities.

tags | exploit, overflow, vulnerability
SHA-256 | 79d3121b571aa1e6fc233145d27b1fdb99bb91f00a3ce4de2fd922d7981dffbd
Core Security Technologies Advisory 2011.0606
Posted Jun 30, 2011
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. A vulnerability in HP Data Protector could allow a remote attacker to execute arbitrary code. The vulnerability is triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector.

tags | exploit, remote, arbitrary
advisories | CVE-2011-1866
SHA-256 | efa1df6ff293fc879184a56101095c205856a98933d395ba652967d9bb7600a0
Tagonet Portal SQL Injection
Posted Jun 30, 2011
Authored by Net.Edit0r

Tagonet Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | fd067009a97cf61041b5f28f67558f812429396380603567e630c3b7ff0e05df
Core Security Technologies Advisory 2011.0514
Posted Jun 30, 2011
Authored by Core Security Technologies, Oren Isacson | Site coresecurity.com

Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. Multiple vulnerabilities have been found in HP Data Protector that could allow a remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector. The request has several parameters, including an opcode. By sending requests with specially crafted parameters, the different bugs can be triggered.

tags | exploit, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2011-1865, CVE-2011-1514, CVE-2011-1515
SHA-256 | f98a13749e7a39ecb264fe5f8d281306487eb2c3e90b78c64ce6d9396ad34261
PHPnuke MT 8.3.5 ckfinder Shell Upload
Posted Jun 30, 2011
Authored by Net.Edit0r

PHPnuke MT version 8.3.5 suffers from a ckfinder related shell upload vulnerability.

tags | exploit, shell
SHA-256 | 5bbbecbade42cde659b1d59dacca2454d8b777cfecb32e28c9b2e431dc918a49
J Software Solutions SQL Injection
Posted Jun 30, 2011
Authored by eXeSoul

J Software Solutions suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 323a8dfd100e64a87696245ce193cbf7e6859e0ece4c863d30d4ef770c61ab41
Valve Steam Client Application v1559/1559 Local Privilege Escalation
Posted Jun 29, 2011
Authored by LiquidWorm | Site zeroscience.mk

Valve Steam Client Application version 1.0.968.628 is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice.

tags | exploit
SHA-256 | f07cacb244ba2aac638b1faad553f41232c12f69350fa60ab20117331e3e88cc
Novell ZenWorks Handheld Management 7.0.2.61213 Directory Traversal
Posted Jun 29, 2011
Authored by Luigi Auriemma | Site aluigi.org

Novell ZenWorks Handheld Management versions 7.0.2.61213 and below suffer from an upload directory traversal vulnerability.

tags | exploit, file inclusion
systems | linux
SHA-256 | 8d5f4d6d07a2a05d41dd920dfe7f872b42e04ea12490ff678d85951d089794e4
Sybase Advantage Server 10.0.0.3 Off-By-One
Posted Jun 29, 2011
Authored by Luigi Auriemma | Site aluigi.org

Sybase Advantage Server versions 10.0.0.3 and below suffer from an off-by-one vulnerability.

tags | exploit
systems | linux
SHA-256 | 5b5a3e6feccf3d2a968916d2ea23684fd5cb76da747b934fe1d89f2d7415dc68
Trixbox 2.8.0.4 User Enumeration
Posted Jun 28, 2011
Authored by Francesco Tornieri

Trixbox versions 2.8.0.4 and below suffer from a remote user enumeration vulnerability via the Flash Operator Panel.

tags | exploit, remote
SHA-256 | 5fe530b38bbe1264123805cbd691c7f4036091c2a5950c46258181987161b42a
Smallftpd 1.0.3 Denial Of Service
Posted Jun 28, 2011
Authored by Myo Soe | Site metasploit.com

This Metasploit module triggers an unauthenticated denial of service condition in Smallftpd server versions 1.0.3-fix and earlier with a few dozen connection requests.

tags | exploit, denial of service
SHA-256 | 4cafbd9967c27dd7e3374f189dbe20b767a84f155ab18c6d219c6d2a95f5aba6
Jira Atlassian File Attachment Download
Posted Jun 28, 2011
Authored by Ignacio Garrido

Jira Atlassian 3.x remote file attachment download exploit.

tags | exploit, remote
SHA-256 | 7ad8e8fab6783bce9a388662b290fbecc693cce3723ddecd0ab25d2185d18e41
RGBoard 4.2.1 SQL Injection
Posted Jun 28, 2011
Authored by hamt0ry

RGBoard version 4.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 57aa2d47fef865a72f348d580009d0555b652717cfa8d71f352148bed98e7683
Douran Portal LFI / XSS / SQL Injection
Posted Jun 28, 2011
Authored by K0242

Douran Portal suffers from local file inclusion, SQL injection, cross site scripting, and various other vulnerabilities.

tags | exploit, local, vulnerability, xss, sql injection, file inclusion
SHA-256 | c45cc4651417864ce3441187f06f72232833051414c9bd188743398d0bbbf2f5
Joomla CSVUploader SQL Injection
Posted Jun 28, 2011
Authored by pks

The Joomla CSVUploader component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a8af8e6faded09aa118b8557bb2432e44342784bfa5b67733eee3b99f272c42d
Drupal 6.22 Cross Site Scripting
Posted Jun 28, 2011
Authored by MustLive

Drupal versions 6.22 and below suffer from brute forcing and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 1eaf996a094a3644698c4b0c8591e44ba2fae4746290b3b7d1beca556b732e0d
2Wire Password Reset
Posted Jun 28, 2011
Authored by Travis Phillips | Site metasploit.com

This Metasploit module will reset the admin password on a 2wire wireless router. This works by using a setup wizard page that fails to check if a user is authenticated and doesn't remove or block after first access.

tags | exploit
SHA-256 | 91af7c5cfe8ce35ecd823c6e368888d7bb8600a2aae160caf061754e6ac544da
Citrix Provisioning Services 5.6 streamprocess.exe Buffer Overflow
Posted Jun 27, 2011
Authored by mog | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Citrix Provisioning Services 5.6. By sending a specially crafted packet to the Provisioning Services server, a fixed length buffer on the stack can be overflowed and arbitrary code can be executed.

tags | exploit, overflow, arbitrary
advisories | OSVDB-70597
SHA-256 | fb43ad978d094b4e0f5330487cfca72d9843827148a253d984b6ba140c463080
WordPress Pretty Link Like 1.4.56 SQL Injection
Posted Jun 27, 2011
Authored by MaKyOtOx

The WordPress Pretty Link Like plugin version 1.4.56 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 97a3bb6476b9caa1814665fb8ab0ef26f2534c995e339068c8524bc9fd02813e
Mambo CMS 4.6.5 Cross Site Scripting
Posted Jun 27, 2011
Authored by Aung Khant | Site yehg.net

Mambo CMS version 4.6.5 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 3115d8f2dda73e067544bc4308b91b5481d3aad2070d6ec661b2e00ae86dc2f6
Joomla Morfeoshow SQL Injection
Posted Jun 27, 2011
Authored by Th3.xin0x

The Joomla Morfeoshow component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f0513e531f01b35236a0534aabd543bb3d35bed8f9b1e51b7ed289636efb1e05
Microsoft Office Visio VISIODWG.DLL DXF File Handling Vulnerability
Posted Jun 27, 2011
Authored by Core Security Technologies, Shahin, juan vazquez | Site metasploit.com

This Metasploit module exploits a stack based overflow vulnerability in the handling of the DXF files by Microsoft Visio 2002. Revisions prior to the release of the MS bulletin MS10-028 are vulnerable. The overflow occurs when the application is used to import a specially crafted DXF file, while parsing the HEADER section of the DXF file. To trigger the vulnerability an attacker must convince someone to insert a specially crafted DXF file to a new document, go to Insert -> CAD Drawing.

tags | exploit, overflow
advisories | CVE-2010-1681, OSVDB-64446
SHA-256 | f61db5b3c647e82f60841a3bcc9f264bbf908d6398708df6e22042a47f1bc8a0
Page 1 of 9
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Sam Bankman-Fried's Sentencing Hearing Over FTX Fraud Begins Today
Posted Mar 28, 2024

tags | headline, fraud, cryptography
Sellafield To Be Prosecuted For IT Security Offenses
Posted Mar 28, 2024

tags | headline, government, britain, flaw
These 17,000 Microsoft Exchange Servers Are A Ticking Time Bomb
Posted Mar 28, 2024

tags | headline, microsoft, email, flaw
Analyse, Hunt, And Classify Malware Using .NET Metadata
Posted Mar 27, 2024

tags | headline, hacker, malware, microsoft
VPN Apps On Google Play Turn Android Devices Into Proxies
Posted Mar 27, 2024

tags | headline, privacy, phone, flaw, google
Fortinet FortiClient EMS SQL Injection Flaw Exploited In The Wild
Posted Mar 27, 2024

tags | headline, hacker, flaw
Google Reveals 0-Day Exploits In Enterprise Tech Surged 64% Last Year
Posted Mar 27, 2024

tags | headline, flaw, google, zero day
Ray AI Framework Vulnerability Exploited To Hack Hundreds Of Clusters
Posted Mar 27, 2024

tags | headline, hacker, flaw
Justice Dept Indicts 7 Accused In 14 Year Long Hack Campaign By Chinese Government
Posted Mar 26, 2024

tags | headline, hacker, government, usa, china, cyberwar, spyware, backdoor
Ransomware Can Mean Life Or Death At Hospital, But DEF CON Hackers Have A Plan
Posted Mar 26, 2024

tags | headline, hacker, malware, conference, cryptography
View More News →
packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close