what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 51 RSS Feed

Files Date: 2009-02-04

Cisco XSS / XSRF Vulnerabilities
Posted Feb 4, 2009
Authored by Zloss

After issuing fixes and an advisory regarding cross site scripting vulnerabilities in Cisco IOS, user input sanitization vulnerabilities still allow for more cross site scripting attacks. Proof of concept provided. Version 12.4(23) is affected.

tags | exploit, vulnerability, xss, proof of concept
systems | cisco
SHA-256 | 4b8e1bda492dbd916cff67902a9c08759123ecbc5e870b2d27afc13135780d0e
Amaya Web Browser 11 Overflow For Vista
Posted Feb 4, 2009
Authored by Rob Carter

Amaya 11 remote stack overflow exploit for Windows Vista that makes use of the bdo tag.

tags | exploit, remote, overflow
systems | windows
SHA-256 | e2a2d533c2ccd8fa575f2f8d933e131e2dc3f30b3543574bb3fb034ec5394986
Amaya Web Browser 11 Overflow For WinXP
Posted Feb 4, 2009
Authored by Rob Carter

Amaya 11 remote stack overflow exploit for Windows XP that makes use of the bdo tag.

tags | exploit, remote, overflow
systems | windows
SHA-256 | e49b4605d5ab57c5620fb675381e5a3726690a4cd9edc98d7bd070a91e4f751d
LCPlayer .qt File Denial Of Service
Posted Feb 4, 2009
Authored by Darkb0x | Site nullarea.net

LCPlayer proof of concept denial of service exploit that creates a malicious .qt file.

tags | exploit, denial of service, proof of concept
SHA-256 | 322d32d084c67fcef842b81ba6bfaf3d3e1270b57f006d85a60eb7afc17165bf
GR Blog 1.1.4 Upload / Bypass
Posted Feb 4, 2009
Authored by JosS | Site spanish-hackers.com

GR Blog versions 1.1.4 suffers from remote file upload and authentication bypass vulnerabilities.

tags | exploit, remote, vulnerability, bypass, file upload
SHA-256 | 86b378c7ae8c58c73524e90124620acde3c589ae6a2fac9156118a503ef8c8a3
Free Download Manager 2.5/3.0 Overflow
Posted Feb 4, 2009
Authored by Praveen Darshanam

Free Download Manager versions 2.5 and 3.0 stack buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
advisories | CVE-2009-0183
SHA-256 | 39777be1f85065badba6635c5367e461cc771629596f5bf25851de9606d5ee2c
Novell GroupWise 8.0 RCPT Off-By-One Exploit
Posted Feb 4, 2009
Authored by Praveen Darshanam

Novell GroupWise versions 8.0 and below malformed RCPT command off-by-one exploit. Affects versions 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0.

tags | exploit
advisories | CVE-2009-0410
SHA-256 | cda22220d5d85f8227845ba12b4f38ab62b6cf123eb8fa3b922c51bdb0f2b0f1
StreamDown 6.4.3 Overflow
Posted Feb 4, 2009
Authored by Todor Donev

StreamDown version 6.4.3 local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | b8aea8bdd36d45bd058b105157c1a2525baf68768598c6f67b4570d5deb30151
YapBB 1.2 Blind SQL Injection
Posted Feb 4, 2009
Authored by darkjoker | Site darkjokerside.altervista.org

YapBB versions 1.2 and below remote blind SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 4f1c5776d73f7cba4a9de65aac18bd8f9ac08ec74e969296c6cffe6991b5cedd
MetaBBS 0.11 Password Changing Exploit
Posted Feb 4, 2009
Authored by make0day

MetaBBS version 0.11 change administrative password exploit.

tags | exploit
SHA-256 | 0750ac5f62d737bb542f040c016f81681900634bfb0a0e5a00c6f579bcb3db66
SQLMAP - Automatic SQL Injection Tool
Posted Feb 4, 2009
Authored by Bernardo Damele, Daniele Bellucci | Site sqlmap.org

sqlmap is an open source command-line automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more.

Changes: Major enhancement to make the comparison algorithm work properly. Major speed increase in DBMS basic fingerprint. Added internal support to forge CASE statements. Various other additions and improvements.
tags | web, vulnerability, sql injection, python
systems | unix
SHA-256 | deea059d31091c2d800c35dbd47b454d15ccca8ffbad0c5ba4ba9e1b58746265
QIP 2005 Denial Of Service
Posted Feb 4, 2009
Authored by ShineShadow

QIP 2005 suffers from a remote denial of service vulnerability when receiving malformed RTF messages.

tags | advisory, remote, denial of service
SHA-256 | 41563e1ce48d96ff203dbafc88910b7ea6513ec9f9389ab195e5adbe6f93681f
psoam-ddxss.txt
Posted Feb 4, 2009
Authored by Pouya Server

Power System of Article Management version 3.0 suffers from database disclosure and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | b9d0605fee5a8cc6c0f24014ea62c5527c65e94feab93643d63121ece1d8c0d9
Team Board Disclosure / XSS
Posted Feb 4, 2009
Authored by Pouya Server

Team Board suffers from database disclosure and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | fdb547a4f03315b5a1e23fb354a1bdc5522298d29d6f6a276c0dfd8906db3703
Cisco Security Advisory 20090204-wlc
Posted Feb 4, 2009
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco Wireless LAN Controllers (WLCs), Cisco Catalyst 6500 Wireless Services Modules (WiSMs), and Cisco Catalyst 3750 Integrated Wireless LAN Controllers. These include denial of service and privilege escalation flaws.

tags | advisory, denial of service, vulnerability
systems | cisco
advisories | CVE-2009-0058, CVE-2009-0059, CVE-2009-0061
SHA-256 | ceeba2fd08c41e8b3afe769edb0d1cb6c2f14f86ba37b2bae80efbb6831d3d2b
Digital Defense VRT Advisory 2008.19
Posted Feb 4, 2009
Authored by Digital Defense, r@b13$, Shmoov | Site digitaldefense.net

The HP-ChaiSOE/1.0 embedded web server on certain HP JetDirect printers allows a potential attacker to gain read only access to directories and files outside of the web root. An attacker can leverage this flaw to read arbitrary system configuration files, cached documents, etc. Information obtained from an affected host may facilitate further attacks against the host. Exploitation of this flaw is trivial using common web server directory traversal techniques. Verified vulnerable systems include the HP JetDirect 2420 and the HP JetDirect 4250.

tags | advisory, web, arbitrary, root
SHA-256 | be8fa162c08d4f572bcb2aef847e724d081ab534467549eef582a0eda6be899e
GRBoard 1.8 Remote File Inclusion
Posted Feb 4, 2009
Authored by make0day

GRBoard version 1.8 suffers from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 54abd89d34714a2e954322e8b4ec21366e847400a2e4f97f6a510ac0b5e1c86a
rgboard 4 RFI / LFI / XSS
Posted Feb 4, 2009
Authored by make0day

rgboard version 4 5p1 (07.07.27) suffers from cross site scripting, local file inclusion, and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, xss, file inclusion
SHA-256 | 93f504f7406bef112d1c1b7cc575c5573fd377a9adf15cefe6a20ab71aff0ece
Mandriva Linux Security Advisory 2009-033
Posted Feb 4, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-033 - A vulnerability has been identified in sudo which allowed a sudo-user to execute arbitrary shell commands as root. The updated packages have been patched to prevent this.

tags | advisory, arbitrary, shell, root
systems | linux, mandriva
advisories | CVE-2009-0034
SHA-256 | 8844a007e1da129307fc0f7a7968ee532a16627ca30d81c29c81ace79c872b79
Syntax Desktop 2.7 Local File Inclusion
Posted Feb 4, 2009
Authored by ahmadbady

Syntax Desktop version 2.7 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 0ff1a5099d31773b093269acb0731b50c0cae25e299ed3ce56d7568d6e584849
HP Security Bulletin 2009-00.5
Posted Feb 4, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP-UX running Apache-based Web Server or Tomcat-based Servelet Engine. The vulnerabilities could be exploited remotely to cause a Denial of Service (DoS), cross-site scripting (XSS), execution of arbitrary code, or cross-site request forgery (CSRF). Apache-based Web Server and Tomcat-based Servelet Engine are contained in the Apache Web Server Suite.

tags | advisory, web, denial of service, arbitrary, vulnerability, xss, csrf
systems | hpux
advisories | CVE-2007-6420, CVE-2008-1232, CVE-2008-1947, CVE-2008-2364, CVE-2008-2370, CVE-2008-2938, CVE-2008-2939, CVE-2008-3658
SHA-256 | 98b02b39e8efb68d6c260ae6b528aaa0975fbbdee2d8d7324a63f20b0db19b90
PHPbbBook 1.3 Local File Inclusion
Posted Feb 4, 2009
Authored by Osirys | Site y-osirys.com

PHPbbBook version 1.3 local file inclusion exploit that leverages bbcode.php.

tags | exploit, local, php, file inclusion
SHA-256 | 91442a85468196228259433d5c88831f522791e40bccaf649cd84e9e36240704
Squid Denial Of Service
Posted Feb 4, 2009
Site squid-cache.org

Squid Proxy Cache Security Update Advisory SQUID-2009:1 - Due to an internal error Squid is vulnerable to a denial of service attack when processing specially crafted requests. Versions 2.7 up through STABLE5, 3.0 up through STABLE12, and 3.1.0.4 are affected.

tags | advisory, denial of service
SHA-256 | 35ff4b2f0ec1ca6a40c33d294aa23914b6f2ac816fc88f8652ef3a659b5fa52a
Euphonics Audio Player 1.0 XP/SP3 Exploit
Posted Feb 4, 2009
Authored by Single Eye

Euphonics Audio Player version 1.0 buffer overflow exploit that creates a malicious .pls file and was written for Windows XP SP3.

tags | exploit, overflow
systems | windows
SHA-256 | 1198ed8737a1ce7eccd302dbad114193b8d99483fba33e29c2a6c4e559486651
Euphonics Audio Player 1.0 Universal Exploit
Posted Feb 4, 2009
Authored by H-T Team | Site no-hack.fr

Euphonics Audio Player version 1.0 universal buffer overflow exploit that creates a malicious .pls file and spawns calc.exe.

tags | exploit, overflow
SHA-256 | 279931929b097b80444d5b8d9a7488114f73454042ea5eb36f60e643ca6ff669
Page 1 of 3
Back123Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    8 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close