Uninformed is pleased to announce the release of its tenth volume which is composed of 4 articles: Can you find me now? Unlocking the Verizon Wireless xv6800 (HTC Titan), Using dual-mappings to evade automated unpacker, Analyzing local privilege escalations in win32k, and Exploiting Tomorrow's Internet Today: Penetration testing with IPv6.
e88f63b59cd99b5222f1427aefd7f83c0b9a99bc49ee4a80852eb736c8296ba6Secunia Security Advisory - Debian has issued an update for mon. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges.
3a94520b14e9046999712f245d5cccd9be0d4980cfe641a9834ce9ba20bdf3cbSecunia Security Advisory - A security issue has been reported in Apache Tomcat, which potentially can be exploited by malicious people to bypass certain security restrictions.
20606b4ab31a588c89659e08c43bdb881cbd707cb94d34a5ecf7e1fda8828b83Secunia Security Advisory - Debian has issued an update for openldap. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
efea1de6c4a64ec201f849288882c2dbfd729dd8ca823b31d0eba751bfae9f44Secunia Security Advisory - Debian has issued an update for ruby1.9. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
2157726b45f988d0887d557a893c251d6648e14255c6d886878692ddf25863a2Secunia Security Advisory - Debian has issued an update for ruby1.8. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions or cause a DoS (Denial of Service).
1bedd515e46a3683bc571a55ef0d6d6ab4ba8e9812d9fa64d1714ab0730e7dd8Debian Security Advisory 1653-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation.
51feee12105362895af7d75faa8099507a11e88fe4815b2f8d435d8d823ee3baIndexScript version 3.0 suffers from a remote SQL injection vulnerability in sug_cat.php.
8a06de796f9af2f26218de6e9ae0f7e769c332a657653a3445d4ed28f919e598The wireless drivers in some Wi-Fi access points (such as the MARVELL-based Linksys WAP4400N) do not correctly parse some malformed 802.11 frames, allowing for denial of service and possible code execution.
1a181ff342a3f2e4a532d4f63245f3886efc056a407e5ba031eaab9f54c9e7ffGlobsy versions 1.0 and below remote file rewriting exploit.
6cf02c8dc6a61740e88d1d92395867b0a322d9a40d12443319a4a92951d7df18Proof of concept code that demonstrates how an Oracle DB user which has been granted CREATE ANY DIRECTORY can use that system privilege to grant themselves the SYSDBA system privilege by creating a DIRECTORY pointing to the password file location on the OS and then overwriting it with a previously prepared known binary password file using UTL_FILE.PUT_RAW from within the DB.
e5b9d81d9e3e453e88ecc084ad1516012f5e333ec7dcdbb2dbe569b1350618e0An Oracle DB user which has been granted CREATE ANY DIRECTORY can use that system privilege to grant themselves the SYSDBA system privilege by creating a DIRECTORY pointing to the password file location on the OS and then overwriting it with a previously prepared known binary password file using UTL_FILE.PUT_RAW from within the DB. This paper will show how the issue can be exploited and most importantly how to secure against it.
d831e6ebd8c7df2437915b869b9d31a97fd007d4363bebebfe908afab3c60f97LokiCMS versions 0.3.4 and below remote command execution exploit.
80595446863befacbff02165f9b101243a867c06247ccd3102473d3240f56088Loki CMS version 0.3.4 create local file inclusion exploit that uses admin.php.
26574cf08b78d7b4b1d9512248aa5c98ed4456f006a5e6c112bc386894965525Loki CMS versions 0.3.4 and below arbitrary check file exploit that uses index.php.
be67f43384df6c25801eed843addc07a10d6839ec99575f2f587cb95fb6e88a4My PHP Indexer version 1.0 suffers from a local file download vulnerability in index.php.
a1392038b1e69def84ab2acba7afbdd1e3dfc80d35f0416d38bd9ccccf451a21Real Estate Scripts 2008 suffers from a remote SQL injection vulnerability in index.php.
c3c3c80087e75a4543a08e0a1f1ba1fcf778ccb8489bfe67266c46d6610d4aecSecunia Security Advisory - Hakxer has reported a vulnerability in Real Estates Classifieds, which can be exploited by malicious people to conduct SQL injection attacks.
d1e1ae669ab60b067cd1c42e5c8729598dbb3c32da104fa0082af9f6b1f64702Secunia Security Advisory - H!tm@N has discovered a vulnerability in the OwnBiblio component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
9f93fd5ad33f87349be417eeffa47ecc85303dcc181e30ecf113ad809b9c225bSecunia Security Advisory - LUPUS has reported a vulnerability in MunzurSoft Wep Portal W3, which can be exploited by malicious people to conduct SQL injection attacks.
d346ed65832a35bdb36c7b8d9283cbb5a260227f01ce31a24bb7f3f696cf8d09Secunia Security Advisory - H!tm@N has reported a vulnerability in the Mad4Joomla Mailforms component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
6dacbc94a390eaec5f5777a9c45630078f28cbcf12d1711530fd1bdfb585b198Secunia Security Advisory - H!tm@N has reported a vulnerability in the Ignite Gallery component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks.
bb4b8abcb44d61651d54a3c0167b1eb07caa1328ce1ee2107c3667755a06b042Secunia Security Advisory - Crackers_Child has reported a vulnerability in Ayco Okul, which can be exploited by malicious people to conduct SQL injection attacks.
26b9eb65ac85cb0d2d0e4893397ba5fce33755f0bd6073668c32fbee64a6b091Zomplog version 3.9 suffers from a cross site scripting vulnerability.
4e1a5194115849b5c655c7c3ae48ce7fe16f14e60f2285a128ec095590bc511bWeb Vulnerabilities To Gain Access To The System - A paper that goes into detail on the exploitation of local/remote file inclusion and blind SQL injection vulnerabilities.
6b544ae8700af98ccaefa3500f771e5ee3f3cec3278cfa6a9e4a1618c9d74d11
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed