what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 57 RSS Feed

Files Date: 2009-02-25

SkyPortal WebLinks 0.12 Contents Change
Posted Feb 25, 2009
Authored by ByALBAYX | Site c4team.org

SkyPortal WebLinks version 0.12 suffers from a contents change vulnerability.

tags | exploit
SHA-256 | 7aafa1da61786fb87d31bac8d19d6a7dd5136f8a146ddb6992543af25db888e7
SkyPortal Picture Manager 0.11 Contents Change
Posted Feb 25, 2009
Authored by ByALBAYX | Site c4team.org

SkyPortal Picture Manager version 0.11 suffers from a contents change vulnerability.

tags | exploit
SHA-256 | daa3082a33f397255d1a05615bc0033abd58f185c852100f563b9153e9e2bff2
SkyPortal Classifieds System 0.12 Contents Change
Posted Feb 25, 2009
Authored by ByALBAYX | Site c4team.org

SkyPortal Classifieds System version 0.12 suffers from a contents change vulnerability.

tags | exploit
SHA-256 | b25fdfd2ccbd25222985fc7fc6f708edb1fb59202cbb317a9067228e0e579af0
Secunia - ksquirrel-libs Radiance RGBE Buffer Overflows
Posted Feb 25, 2009
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered some buffer overflows ksquirrel-libs, which can be exploited by malicious people to compromise an application using the library. The vulnerabilities are caused due to boundary errors within the "mt_codec::getHdrHead()" function in kernel/kls_hdr/fmt_codec_hdr.cpp, which can be exploited to cause stack-based buffer overflows by e.g. tricking a user into opening a specially crafted Radiance RGBE (*.hdr) file. Version 0.8.0 is affected.

tags | advisory, overflow, kernel, vulnerability
advisories | CVE-2008-5263
SHA-256 | eb1d8112400b196dea2591dccfd81df121f28ffaee5ad333a604b160533fee4e
Secunia - SHOUTcast DNAS Relay Buffer Overflow
Posted Feb 25, 2009
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered a vulnerability in SHOUTcast DNAS, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when receiving data from a relay master server. This can be exploited to overflow a static buffer by tricking a SHOUTcast admin into setting up a server to act as relay for a malicious server. Successful exploitation allows to e.g. overwrite the password of the web administration interface. Version 1.9.8 is affected.

tags | advisory, web, overflow
SHA-256 | 2d7b85e2f2f5d2dc651c63804b70e4fb20f7e54604685f128142095eef9b9acd
Cisco Security Advisory 20090225-anm
Posted Feb 25, 2009
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco Application Networking Manager (ANM) and Cisco Application Control Engine (ACE) Device Manager applications. These vulnerabilities are independent of each other. Successful exploitation of these vulnerabilities may result in unauthorized system or host operating system access.

tags | advisory, vulnerability
systems | cisco
advisories | CVE-2009-0615, CVE-2009-0616, CVE-2009-0617, CVE-2009-0618
SHA-256 | 0f16dc8eb3c4018632232f216a4fff3a707aaf6894267ca2b15a1c4bb1f339cd
Cisco Security Advisory 20090225-ace
Posted Feb 25, 2009
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine Cisco ACE Module and Cisco ACE 4710 Application Control Engine contain multiple vulnerabilities that, if exploited, can could result in administrative access, privilege escalation, and denial of service conditions.

tags | advisory, denial of service, vulnerability
systems | cisco
advisories | CVE-2009-0620, CVE-2009-0621
SHA-256 | 21613419103799fc852a5f672fc0e98ebc60990ec3ec131cb87cc6938cc64d76
Cisco Security Advisory 20090225-mtgplace
Posted Feb 25, 2009
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Unified MeetingPlace Web Conferencing servers may contain an authentication bypass vulnerability that could allow an unauthenticated user to gain administrative access to the MeetingPlace application. Cisco has released free software updates that address this vulnerability.

tags | advisory, web, bypass
systems | cisco
advisories | CVE-2009-0614
SHA-256 | 2f4ac0a59461989a540256dd74f76a1c81666efbe5df31943db981eda2c53f55
Debian Linux Security Advisory 1726-1
Posted Feb 25, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1726-1 - Mike Wiacek discovered that a buffer overflow in the ARC2 implementation of Python Crypto, a collection of cryptographic algorithms and protocols for Python allows denial of service and potentially the execution of arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, crypto, protocol, python
systems | linux, debian
advisories | CVE-2009-0544
SHA-256 | ba165e0a0e50093403abd4d48c8645ca1d66ff27f61ea2a6a3e92f78fb2caa4d
Apple Safari 4 Beta feeds: Denial Of Service
Posted Feb 25, 2009
Authored by Trancer | Site rec-sec.com

Apple Safari 4 Beta suffers from a NULL pointer dereference denial of service vulnerability in relation to the feeds handler.

tags | exploit, denial of service
systems | apple
SHA-256 | 2a2602ebbdda5234530d8b159eb8732d4ae55700178e1a03437137bc29fb4961
Mandriva Linux Security Advisory 2009-055
Posted Feb 25, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-055 - Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a.gro file containing a long string. The updated packages have been patched to prevent this.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-0490
SHA-256 | ae1f1654d4936b7ec0e959946a7bb87bac1fc867b7d2764838172b46977fcb54
Enye LKM Rookit Modified For Ubuntu 8.04
Posted Feb 25, 2009
Authored by RaiSe | Site enye-sec.org

LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry handlers, so it does not modify sys_call_table, or IDT content. It hide files, directories, and processes. Hides chunks inside of files, gives remote reverse_shell access, local root, etc. This version of the rootkit is specifically ported to work on Ubuntu 8.04 with the 2.6.24 kernel. No backwards compatibility is provided. The modified rootkit was simply meant as a proof of concept for a book. The documentation was not updated to reflect the changes and this was submitted to the site anonymously. Use are your own risk.

tags | tool, remote, x86, kernel, local, root, rootkit, proof of concept
systems | linux, unix, ubuntu
SHA-256 | 4328023a68a04ed6b7e159bb91a29b0c38de5eb14dda0d149ea8a62073244c4d
Mandos Encrypted File System Unattended Reboot Utility
Posted Feb 25, 2009
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Bug fix release.
tags | remote, root
systems | linux
SHA-256 | e80b5d0eb3331fc5a2b7bc3a0206cbfc52e68b0ae09ad7d5789d5655275a662c
libaosc 1.0.2 Randomizing Shellcode Library
Posted Feb 25, 2009
Authored by Ronald Huizer | Site libaosc.sourceforge.net

libaosc is a library for converting x86 shellcode into randomized ASCII-only shellcode.

Changes: Added x86-64 support.
tags | x86, shellcode, library
SHA-256 | 7936ef2befe0286195d1550bf335ecf775a0fea75bdcab763e2f4930de121a89
JOnAS Cross Site Scripting
Posted Feb 25, 2009
Site dsecrg.com

JOnAS version 4.10.3 suffers from multiple linked cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | afaea5fdb0d376744371773e337421514069179b0a7143706b6fb2a2558a6b31
HP Security Bulletin HPSBMA02384 SSRT071465
Posted Feb 25, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to gain unauthorized access or to create a Denial of Service (DoS).

tags | advisory, denial of service, vulnerability
advisories | CVE-2007-3698, CVE-2007-3922
SHA-256 | d37b09bcab75b8427f588b5b4b8642558b4a16897f76f295aef185f0b48fd683
SEC-T 2009 Call For Papers
Posted Feb 25, 2009
Site sec-t.org

The call for papers for SEC-T 2009 has been announced. It will be held in Stockholm, Sweden.

tags | paper, conference
SHA-256 | 08e3bd9dd1314c77ac1df1221a2d87bac1b9b0d9c0c1009ad3197e85e1a4c2c3
PenPal SQL Injection
Posted Feb 25, 2009
Authored by ByALBAYX | Site c4team.org

PenPal version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | c8e1b1bf9c7f037e4e6dabb7b7ead53cf3ee460ed1dcc4ad90c3997245b0831c
Secunia - Orbit Downloader Buffer Overflow
Posted Feb 25, 2009
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered a vulnerability in Orbit Downloader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when generating the "Connecting" log message for HTTP downloads. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into downloading from a malicious HTTP server or opening a specially crafted HTTP URL containing an overly long host name. Successful exploitation allows execution of arbitrary code. Orbit Downloader versions 2.8.2 and 2.8.3 are vulnerable.

tags | advisory, web, overflow, arbitrary
advisories | CVE-2009-0187
SHA-256 | c0fec1b2b959aed07156096d8dc79baf656806760da36812f1bc48b1d551b693
Apple Mac OS X Memory Disclosure
Posted Feb 25, 2009
Authored by mu-b | Site digit-labs.org

Apple Mac OSX xnu versions 1228.x and below local kernel memory disclosure exploit.

tags | exploit, kernel, local
systems | apple
SHA-256 | bf24b33b436c0d960a5473f70ddae9cd44c63c4bed675b467c03b9f89013530c
FZEM MUA Fuzzing Utility
Posted Feb 25, 2009
Authored by Jeremy Brown | Site krakowlabs.com

fzem is a MUA (mail user agent) fuzzer that fuzzes MAIL/MIME email headers as well as how clients handle SMTP, POP and IMAP responses.

tags | imap, fuzzer
SHA-256 | 599f60cea508535311603dca6768627d03bd9bcd767d3a2b1e4e869a9ece418a
Blue Moon Security Advisory 2009-03
Posted Feb 25, 2009
Authored by Nam Nguyen | Site bluemoon.com.vn

OpenSite CMS version 2.1 suffers from multiple remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
SHA-256 | c722fda3e8d9046bc13f4a29deb7de00b07b0eb7f9f064bf5b3d32603fe3a893
CodeGate 2009 - Hacking Contest
Posted Feb 25, 2009
Authored by CodeGate 2009 | Site codegate.org

The CodeGate 2009 hacking and defense contest has been announced. It will be held in Seoul, South Korea and has 40 million Korea Won in prizes (about $26,500 USD).

tags | paper, conference
SHA-256 | 89a7f70973776f5f4cbc49b18077e92efbb3ee7965f3de8f66733f9f223258ce
Secunia Security Advisory 34010
Posted Feb 25, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Nam Nguyen has discovered some vulnerabilities in OpenSite, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | b0071ceed9a7aecc653d3af2d2decea06035ebe3c29ba9266cb508619b48caad
Secunia Security Advisory 34028
Posted Feb 25, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for gstreamer-plugins-good. This fixes some vulnerabilities, which can potentially be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
systems | linux, fedora
SHA-256 | 1fec7015b9b709d9a0063c23d81b2f53986f7bf8820887538ffeddee40524c7f
Page 1 of 3
Back123Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close