exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 85 RSS Feed

Files Date: 2009-01-14

KDE Konqueror 4.1.3 link href Memory Leak Exploit
Posted Jan 14, 2009
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

KDE Konqueror version 4.1.3 link href memory leak exploit that causes a denial of service condition.

tags | exploit, denial of service, memory leak
SHA-256 | 52ec44898dc0b279108db1d6176b487e62c9df5937992cc4e645545e44da1e9e
KDE Konqueror 4.1.3 iframe src Memory Leak Exploit
Posted Jan 14, 2009
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

KDE Konqueror version 4.1.3 iframe src memory leak exploit that causes a denial of service condition.

tags | exploit, denial of service, memory leak
SHA-256 | e19cb05ec580924d6dc19b3322ecdac3cfb55ab2b8fe843e14f0ec56776d4e01
3COM TFTP Buffer Overflow
Posted Jan 14, 2009
Authored by Jeremy Brown | Site jbrownsec.blogspot.com

3COM TFTP buffer overflow exploit that binds a shell to port 4444.

tags | exploit, overflow, shell
SHA-256 | 10a9bfc70432cab4c7496997dd07109c15d2e061794b60ef87be0e4f4ef1afd8
Oracle BEA WebLogic Server Apache Connector Buffer Overflow
Posted Jan 14, 2009
Site assurent.com

A remotely exploitable vulnerability has been discovered in the Apache Connector component of Oracle BEA WebLogic Server. Specifically, the vulnerability is due to a boundary error when processing incoming HTTP requests and can lead to a buffer overflow condition. This boundary error can lead to a Denial of Service (DoS) condition for the Apache HTTP server.

tags | advisory, web, denial of service, overflow
advisories | CVE-2008-5457
SHA-256 | c7c339b930f23c13f36b9129cc242c833a7716780cfe759fd4104eaed9ad7d62
Fwknop Port Knocking Utility
Posted Jan 14, 2009
Authored by Michael Rash | Site cipherdyne.org

fwknop implements an authorization scheme that requires only a single encrypted packet to communicate various pieces of information, including desired access through a Netfilter policy and/or specific commands to execute on the target system. The main application of this program is to protect services such as SSH with an additional layer of security in order to make the exploitation of vulnerabilities much more difficult. The authorization server works by passively monitoring authorization packets via libpcap.

Changes: Added the ability to send SPA packet over HTTP to a webserver. Added ENABLE_EXTERNAL_CMDS for fwknopd to control whether the EXTERNAL_CMD_OPEN and EXTERNAL_CMD_CLOSE directives are used. Various bug fixes.
tags | tool, scanner, vulnerability
systems | unix
SHA-256 | bb36216abec00d3f8fea30ac8e3768a249f2ee181fd05c5064ac5a94ec069781
Advisory Check Tool Version 2.20
Posted Jan 14, 2009
Authored by Stephan Schmieder | Site advchk.unixgu.ru

Advchk (Advisory Check) reads security advisories so you do not have to. Advchk gathers security advisories using RSS feeds, compares them to a list of known services, and alerts you if you are vulnerable. Since adding hosts and services by hand would be quite a boring task, advchk leverages nmap for automatic service and version discovery.

systems | unix
SHA-256 | 88c7ec2d6cf705c0fa6a5b790a67c2eb4cb0c27a76ea5b95a8986158b6dbd0a2
Joomla Fantasytournament SQL Injection
Posted Jan 14, 2009
Authored by Valon Kerolli | Site itshqip.com

The Joomla Fantasytournament component suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 09f2414d8a5d52435a8ccd8239ace69f3c633ca42187125aa7d0e39b771d7937
Joomla Camelcitydb2 2.2 SQL Injection
Posted Jan 14, 2009
Authored by Valon Kerolli | Site itshqip.com

The Joomla Camelcitydb2 component version 2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 395c35232d55b0666dacc49ae91637350ce1650537b4981ad17010bc6bc36c52
EDraw Office Viewer 5.4 Insecure Method
Posted Jan 14, 2009
Authored by Cyber-Zone | Site iq-ty.com

EDraw Office Viewer Component version 5.4 HttpDownloadFile() insecure method exploit.

tags | exploit
SHA-256 | a6fcb95fe9b82106e8a774d5bf373f5d7c80975c7bc3c45ff276c35c45c66315
Mandriva Linux Security Advisory 2009-010
Posted Jan 14, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-010 - A security vulnerability have been discovered and corrected in VNC server of qemu 0.9.1 and earlier, which could lead to a denial-of-service attack. The updated packages have been patched to prevent this.

tags | advisory
systems | linux, mandriva
advisories | CVE-2008-2382
SHA-256 | 831766712ac3403f70e8c9b5418151753e7bc3ee853ce30604f58dc350031225
Mandriva Linux Security Advisory 2009-009
Posted Jan 14, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-009 - Security vulnerabilities have been discovered and corrected in VNC server of kvm version 79 and earlier, which could lead to denial-of-service attacks. The updated packages have been patched to prevent this.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-2382, CVE-2008-5714
SHA-256 | 357e44597fbdd7c4a9865cf676aa3cb015ead34be839af689ace128ac54035a3
Mandriva Linux Security Advisory 2009-008
Posted Jan 14, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-008 - Security vulnerabilities have been discovered and corrected in VNC server of qemu version 0.9.1 and earlier, which could lead to denial-of-service attacks. The updated packages have been patched to prevent this.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2008-2382, CVE-2008-5714
SHA-256 | 2c06bbad019474c3a006d9a50adf8ed443a45761713e318d529fdaa3d5f538c8
Mandriva Linux Security Advisory 2009-007
Posted Jan 14, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-007 - A flaw was found in how NTP checked the return value of signature verification. A remote attacker could use this to bypass certificate validation by using a malformed SSL/TLS signature. The updated packages have been patched to prevent this issue.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2009-0021
SHA-256 | c9e99a6102c7efbed61e4bae8c6ba69c917268c68c4c956a0db78af8c0f45be8
FreeBSD Security Advisory SA-09:04.bind
Posted Jan 14, 2009
Site security.freebsd.org

FreeBSD Security Advisory - The DSA_do_verify() function from OpenSSL is used to determine if a DSA digital signature is valid. When DNSSEC is used within BIND it uses DSA_do_verify() to verify DSA signatures, but checks the function return value incorrectly.

tags | advisory
systems | freebsd
advisories | CVE-2009-0025
SHA-256 | 220d4fa821366af296e126574f48d4b6710134d13644b63e90dc0e60ac9c10b8
Excel Viewer OCX 3.2 File Execution
Posted Jan 14, 2009
Authored by Stack | Site v4-team.com

Excel Viewer OCX version 3.2 remote file execution exploit.

tags | exploit, remote
SHA-256 | f8e603390a0b9c7693dcb90aedb8dbe8d65ab54dfab631a7601beebfac5812a5
PHP Photo Album 0.8b Local File Inclusion
Posted Jan 14, 2009
Authored by Osirys | Site y-osirys.com

Php Photo Album version 0.8 BETA suffers from a local file inclusion vulnerability in index.php.

tags | exploit, local, php, file inclusion
SHA-256 | 0e15eb16c449c7c2349299da0c98d704915630c6e89a00ae30a22d02fed97fd1
Phosheezy 2.0 Command Execution
Posted Jan 14, 2009
Authored by Osirys | Site y-osirys.com

Phosheezy version 2.0 remote command execution exploit.

tags | exploit, remote
SHA-256 | 0690d2be5d4675ba21109776e994be3aa467f66811c6e74cfad82a3e309304a0
AAA EasyGrid Active-X 3.51 File Overwrite
Posted Jan 14, 2009
Authored by H-T Team | Site no-hack.fr

AAA EasyGrid Active-X version 3.51 remote file overwrite exploit.

tags | exploit, remote, activex
SHA-256 | 71fd46223d940690a9e3679b911611d8904d9f33129ef110a6102d0f85c3d994
Netvolution CMS 1.0 XSS / SQL Injection
Posted Jan 14, 2009
Authored by Ellinas

Netvolution CMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | bbbc28872b59abe48a1830c6d478b818b78790bf5297009b43cc464d4d312493
Syzygy CMS 0.3 SQL Injection
Posted Jan 14, 2009
Authored by darkjoker | Site darkjokerside.altervista.org

Syzygy CMS versions 0.3 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 3c72a751a6f689aab9ea307e93ac40dc5220eaf9345a35b82b2073ab5b34d130
TeamSpeak 2.0.23.17 File Disclosure
Posted Jan 14, 2009
Authored by c411k | Site forum.antichat.ru

TeamSpeak versions 2.0.23.17 and below suffer from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 8894836c9f7a3fab509a99e94dc4f91689d114dd68dfe84f6e662dd15d6fad66
OTSTurntables 1.00.027 .ofl Stack Overflow
Posted Jan 14, 2009
Authored by suN8Hclf | Site dark-coders.pl

OTSTurntables version 1.00.027 local stack overflow exploit that generates a malicious .ofl file.

tags | exploit, overflow, local
SHA-256 | 3ab6837ce3d1c6dd7455af5983343f6e8191d9ca3197f8a7fc5b621d88637a02
Secunia Security Advisory 33416
Posted Jan 14, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sun has acknowledged a vulnerability in Sun Solaris, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
systems | solaris
SHA-256 | 3187f18bb74f0722a4f75b4d34fe22f2109a8ec9f22fb0b3a6c4a81825e7f828
Secunia Security Advisory 33519
Posted Jan 14, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - pfSense has acknowledged some vulnerabilities in pfSense, which can be exploited by malicious people to conduct cross-site request forgery or spoofing attacks.

tags | advisory, spoof, vulnerability, csrf
SHA-256 | 23962a980b0d69ae23dccd6415a9180f71c9fd802992bd8b50fd429c9b2db5f2
Secunia Security Advisory 33442
Posted Jan 14, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, redhat
SHA-256 | 24d1e514c137af742fb18430b95e3738a25f55d797ecb83f18f01162701dfb47
Page 1 of 4
Back1234Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close