exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 43 RSS Feed

Files Date: 2008-09-16

Secunia Security Advisory 31873
Posted Sep 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - JosS has reported a vulnerability in Pre Real Estate Listings, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 40a84063ca635f859079b08c47639d53c690d921f0a267ab4530843e37668292
Debian Linux Security Advisory 1638-1
Posted Sep 16, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1638-1 - It has been discovered that the signal handler implementing the login timeout in Debian's version of the OpenSSH server uses functions which are not async-signal-safe, leading to a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2008-4109
SHA-256 | 3dcd1c93684523b379aae5ed130ab55e469f477cb01b57983baa4faa0beb27f7
shatter-db2overrrun.txt
Posted Sep 16, 2008
Authored by Ariel Sanchez | Site appsecinc.com

Team SHATTER Security Advisory - The XMLQUERY and XMLEXISTS functions are vulnerable to a stack based buffer overflow by passing an overly long parameter. The XMLQUERY and XMLEXISTS functions are installed by default. IBM DB2 Database Server versions 9.1 and 9.5 on the Windows platform are affected.

tags | advisory, overflow
systems | windows
advisories | CVE-2008-3854
SHA-256 | 5efd448731a6482ab43eb286aea980a1d038f94b64579c7415920afbcf71422a
shatter-clrstored.txt
Posted Sep 16, 2008
Authored by Martin Rakhmanov | Site appsecinc.com

Team SHATTER Security Advisory - It is possible to use the CLR stored procedure deployment feature of IBM Database add-ins for Visual Studio to produce a privilege escalation or denial of service on a DB2 server. IBM DB2 Database Server versions 9.1 and 9.5 on the Windows platform are affected.

tags | advisory, denial of service
systems | windows
advisories | CVE-2008-3852
SHA-256 | 93159e714894796764bdfc5cbc6de85425718a0e10e81c6b0e87ed2a5c4ac87b
hotelresv-sql.txt
Posted Sep 16, 2008
Authored by JosS | Site spanish-hackers.com

Hotel Reservation System suffers from a blind SQL injection vulnerability in city.asp.

tags | exploit, sql injection, asp
SHA-256 | 099d2a6a6ff181537cff7566196df27a42dd0e757128fa85df4c47a557028c73
unrealfp.zip
Posted Sep 16, 2008
Authored by Luigi Auriemma | Site aluigi.org

Server shutdown exploit for Unreal Engine which suffers from a failed assertion vulnerability.

tags | exploit
SHA-256 | b7e7f1463c21f51de7f49c1f903f44cdd78632aa54a69a21b30c8bf88a042f62
unrealfp.txt
Posted Sep 16, 2008
Authored by Luigi Auriemma | Site aluigi.org

Unreal Engine suffers from a failed assertion vulnerability that allows for server shutdown.

tags | advisory
SHA-256 | 83af6f51a1662c1603b02411ceb0ebbbaeea83057640b31febbbbed85f5c3498
Mandriva Linux Security Advisory 2008-198
Posted Sep 16, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - A symlink vulnerability was found in the javareconf script in R that allows local users to overwrite arbitrary files. The updated packages have been patched to prevent this issue.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2008-3931
SHA-256 | b99d99c5158b1d3ecb006714bbc150f0f8ab552425f2bd64778e1edb59aea90e
oscom-disclose.txt
Posted Sep 16, 2008
Authored by John Cobb | Site NoBytes.com

osCommerce version 2.2rc2a suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | e83060bf47d164489717852d1a3a79a00be142c4234277d1607a6d9bd3bcab5e
gonafish-sql.txt
Posted Sep 16, 2008
Authored by sl4xUz

Gonafish LinksCaffePRO version 4.5 suffers from a remote SQL injection vulnerability in index.php.

tags | exploit, remote, php, sql injection
SHA-256 | 1ed8d0b3ed66fdadf46f94be8e874ab1cb1f72fe01267fe740b4b1005dd5bd4c
Secunia Security Advisory 31812
Posted Sep 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Hussin X has reported a vulnerability in Downline Goldmine Builder and related scripts, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 70af6bb163eaa902c4d009c0747b55657c3d6c869479181051299fddb80cbed7
Secunia Security Advisory 31871
Posted Sep 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - r45c4l and h4x0r have reported a vulnerability in iBoutique, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 38b0b87c2a2ffb1d0acbeb1ce4833b95df9a1bfc836fa17db74960a02b25b8ac
CVE-2008-4042-exploit.c
Posted Sep 16, 2008
Authored by Albert Sellares, Marc Morata Fite | Site wekk.net

Denial of service exploit for Postfix versions 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux 2.6 kernel.

tags | exploit, denial of service, kernel
systems | linux
advisories | CVE-2008-3889, CVE-2008-4042
SHA-256 | be4de29c579743f90fbea63e452a1da0c2f608677d7e66f78cf782b3ccc6d70c
Technical Cyber Security Alert 2008-260A
Posted Sep 16, 2008
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA08-260A - Apple has released Security Update 2008-006 and Mac OS X version 10.5.5 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.

tags | advisory, denial of service, arbitrary, vulnerability
systems | apple, osx
SHA-256 | 6981f18fc007237448cbbcff01311de8cb7f02161d2087f761e73d95e3fb661c
installshield-exec.txt
Posted Sep 16, 2008
Authored by Brian Dowling | Site simplicity.net

The InstallShield Update Agent uses insecure methods of retrieving operational script code from unauthenticated, unverified external sources over HTTP. Arbitrary remote code execution is possible on all known product versions.

tags | advisory, remote, web, arbitrary, code execution
advisories | CVE-2008-1093
SHA-256 | 1caa2ebe74269b4c59aec52aa22dd6110a144d0f811fc378edf727096abb151f
airtel-multi.txt
Posted Sep 16, 2008
Authored by Shishir Birmiwal

The Bharti DSL modem provided by Airtel suffers from credential disclosure and various other vulnerabilities that allow for device compromise.

tags | advisory, vulnerability
SHA-256 | 5387ef2787954a632868302fa5bcce59a93d245c0de73e75ec3a8cf45382811e
attachmax-sqlrfidisclose.txt
Posted Sep 16, 2008
Authored by M.Hasran Addahroni | Site advisories.echo.or.id

Attachmax Dolphin versions 2.1.0 suffer from remote file inclusion, blind SQL injection, and file disclosure vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection, file inclusion, info disclosure
SHA-256 | 396f18db7ab2ae873121a9ba9406547b40cca65e257e8e23c490d2653b356560
Secunia Security Advisory 31841
Posted Sep 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sun Management Center (SunMC), which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | c8b1880bb39add510e2efb175189cc90e92079955e3f1b0516dc2a3e62043f34
Secunia Security Advisory 31857
Posted Sep 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - wins.mallow has reported a vulnerability in Nokia E90 Communicator, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 9b1a455864bd4e611fd2985682ac015e62d769943469c4ec407981c2fb1a4c84
Secunia Security Advisory 31876
Posted Sep 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue with an unknown impact has been reported in OSADS.

tags | advisory
SHA-256 | 8e89ca3a98861443cd56f230e90f3d8757ef8b3eeb65537b818f9bc88ec82f4b
Secunia Security Advisory 31888
Posted Sep 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in multiple LANDesk products, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | eb9676e9967b7d3cb43a95bae52cd33056cb6f8b3c274e9106f0e271cddd3bdf
openssl-0.9.8i.tar.gz
Posted Sep 16, 2008
Site openssl.org

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.

Changes: Fixed a state transition in s3_srvr.c and d1_srvr.c. Various precautionary measures added. Support added for Local Machine Keyset attribute in PKCS#12 files. Various other additions as well.
tags | encryption, protocol
SHA-256 | e8fc5fcfb715ffe925b2982aa9ca287832a93495d7fff03f17f6449f0732718c
iscriptseasy-sql.txt
Posted Sep 16, 2008
Authored by SirGod | Site insecurity.ro

iScripts EasyIndex suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 64ea09d2a18a16f5b60b3f00b47f30df6f77a937660c6c902140a07fc9552851
TPTI-08-06.txt
Posted Sep 16, 2008
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LANDesk Management Suite. Authentication is not required to exploit this vulnerability. The specific flaw exists within the QIP Server Service (qipsrvr.exe) which listens by default on TCP port 12175. The process makes a vulnerable call to MultiByteToWideChar using values obtained from packet data. A malicious 'heal' request can allow an attacker to control both the pointer to the StringToMap and the StringSize arguments. The destination buffer is either allocated on the stack or heap depending on the specified sizes. In both cases it can be overflown leading to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, tcp, code execution
advisories | CVE-2008-2468
SHA-256 | ff6889cec64d47b85818ece735464037c8c4a2e41b36d8a8b02923a7d1f1cecd
Secunia Security Advisory 31869
Posted Sep 16, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for bzip2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | 12b3b9af0017e805a3e8615f2acb487ae0edbe912f03857bd3a88f3e85653aaa
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close