what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 52 RSS Feed

Files Date: 2009-02-27

Mandriva Linux Security Advisory 2009-059
Posted Feb 27, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-059 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current X-Chat working directory. This update provides fix for that vulnerability.

tags | advisory, arbitrary, local, python
systems | linux, mandriva
advisories | CVE-2009-0315
SHA-256 | 55eb7ee2984a0261f4e1d3e3a07fbf4f4009ab5f3c9d743c92ba52b69507a769
MS08-065, MS08-067, And MS09-001 Detection Utility
Posted Feb 27, 2009
Site securitylab.ru

Standalone MS vulnerabilities network scanner to help identify systems vulnerable to the MS08-067, MS08-065 and MS09-001 (Microsoft Bulletins) flaws. The utility operates in PenTest mode. This requires no special rights to detect network nodes without updates. System administrators and security professionals can use this utility for fast and easy discovery of vulnerable systems and install appropriate patches according to the scanning results.

tags | vulnerability
SHA-256 | 2bdf2716256a2217e4805774bd00ee7462ab93d456eb875a7c5abd1985f9bbaf
IETF TCP Urgent Data Draft
Posted Feb 27, 2009
Authored by Fernando Gont | Site ietf.org

This is the IETF Internet-Draft entitled "On the implementation of TCP urgent data". This document describes current issues relevant to the implementation and use of TCP urgent data, aims to change the IETF specifications so that they accommodate what virtually all implementations have been doing with urgent data.

tags | paper, tcp
SHA-256 | 384e21ff4feb6dfa943d320a646ab513ba681507acc08360bf5b6874ae7476f9
HTC Touch vCard Over IP Denial Of Service
Posted Feb 27, 2009
Site mseclab.com

Proof of concept denial of service exploit for the HTC Touch vCard over IP that sends vCards to port UDP/9204.

tags | exploit, denial of service, udp, proof of concept
SHA-256 | c765fa0e718759e83c56f58ce3ea7a9a7b76a3590eecefea18f32a537ef6cbe7
Drupal Protected Node Cross Site Scripting
Posted Feb 27, 2009
Authored by Justin C. Klein Keane

The Drupal Protected Node module version 5.x-1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | dcd44c3b5242e68b940cdd1302aa3dbd16f87c2e5b6c95fd3fca6549fc1e4e3a
Pop Peeper 3.4.0.0 UIDL Buffer Overflow Exploit
Posted Feb 27, 2009
Authored by Jeremy Brown, Jayji | Site krakowlabs.com

POP Peeper version 3.4.0.0 UIDL command remote buffer overflow SEH overwrite exploit that spawns a win32 bindshell on port 55555.

tags | exploit, remote, overflow
systems | windows
SHA-256 | 5e1096ecb0bce0b064f117ba74b2a5a09ddcb5529a2b555bff5980f790a314d9
POP Peeper 3.4.0.0 UIDL Buffer Overflow Advisory
Posted Feb 27, 2009
Authored by Jeremy Brown | Site krakowlabs.com

POP Peeper version 3.4.0.0 suffers from an UIDL command related remote buffer overflow vulnerability in the client.

tags | advisory, remote, overflow
SHA-256 | 1e2bca809abe96062727e81100e29a2caa524e9c2a45aa5c22fef4d479395bb4
Whitepaper Called Perl Writing Exploits
Posted Feb 27, 2009
Authored by Team Ksa Girls

Whitepaper called Perl Writing Exploits. Written in Arabic.

tags | paper, perl
SHA-256 | 8b6ebd0bae043cda7951d31659e23e0a59f730f5f0df37b0be58a868eb73a141
Playing With Cookies
Posted Feb 27, 2009
Authored by Stack | Site v4-team.com

Whitepaper called Playing With Cookies (ST1). Written in Morocco darija.

tags | paper
SHA-256 | 541fa78c66c0da566d9639891ff8d89f721449423e844711b1a2cc4a9b923263
Drupal Local File Inclusion
Posted Feb 27, 2009
Authored by Bogdan Calin | Site acunetix.com

Drupal suffers from a local file inclusion when used on Windows.

tags | exploit, local, file inclusion
systems | windows
SHA-256 | 9cd8ddc53a2fc1d8ef6a9b1fa8eaf39c6f24a1d28ccd8585ce811951ee8eda6f
Shoutcast 1.9.8 Cross Site Scripting
Posted Feb 27, 2009
Authored by Joseph Puran, Ronald Gutierrez, Stephen Komal

SHOUTcast version 1.9.8 suffers from a user-agent related cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 78ef0155f1f5cd68e8fc39a592bcf28c4b6f8891eeab746f720dd6ee8148e0ec
VMware Security Advisory 2009-0003
Posted Feb 27, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - A heap-based buffer overflow was discovered in the way ed, the GNU line editor, processed long file names. An attacker could create a file with a specially-crafted name that could possibly execute an arbitrary code when opened in the ed editor.

tags | advisory, overflow, arbitrary
advisories | CVE-2008-3916
SHA-256 | e543e4b89812eead2fd7b1d444b7c2ef8891ecc6969a7a5e7ee04258d84bc0f0
Clustering Whitepaper
Posted Feb 27, 2009
Authored by Cygog

Whitepaper discussing clustering. Written in Spanish.

tags | paper
SHA-256 | a5b88fe70b00f0bf9be9f34f7ba605b8bec0c3a01d27597bd53d8c9c1d80d0a6
linux/x86 File Reader Shellcode
Posted Feb 27, 2009
Authored by certaindeath

65 bytes small linux/x86 file reader shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | fd10b2fd7fbb22a457485319a83d04f6f9f26116a56e86dcef0e4f4c6aa4fb0f
win32 telnetbind Shellcode
Posted Feb 27, 2009
Authored by DATA_SNIPER

111 bytes small win32 telnetbind shellcode. Written for XP SP2 FR.

tags | shellcode
systems | windows
SHA-256 | 2e9b2d353a417870ea61f15d06c81e4efd2a3f2ece8a551ed3b68fee7d8fdd4a
Ubuntu Security Notice 725-1
Posted Feb 27, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-725-1 - It was discovered that Kmail did not adequately prevent execution of arbitrary code when a user clicked on a URL to an executable within an HTML mail. If a user clicked on a malicious URL and chose to execute the file, a remote attacker could execute arbitrary code with user privileges. This update changes KMail's behavior to instead launch a helper program to view the file if the user chooses to execute such a link.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
SHA-256 | 0720b51cfb167d8912eefe611fa89ddc0715d03dc3005b9646d1dd9b7741d7ee
Debian Linux Security Advisory 1728-1
Posted Feb 27, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1728-1 - It was discovered that dkim-milter, an implementation of the DomainKeys Identified Mail protocol, may crash during DKIM verification if it encounters a specially-crafted or revoked public key record in DNS.

tags | advisory, protocol
systems | linux, debian
SHA-256 | d3a85852dfce03b4feddf0d2e3616c6cbb96a88d3f5d2e4938afa023778ebead
SkyPortal Downloads Manager 1.1 Contents Change
Posted Feb 27, 2009
Authored by ByALBAYX | Site c4team.org

SkyPortal Downloads Manager version 1.1 suffers from a contents change vulnerability.

tags | exploit
SHA-256 | 2a03e81da18dbc7cba3445084e2fdc48056791f934b463f0b52121af312e1b17
Irokez Blog 0.7.3.2 XSS / RFI / SQL Injection
Posted Feb 27, 2009
Authored by Corwin

Irokez Blog version 0.7.3.2 suffers from remote blind SQL injection, remote file inclusion, and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion
SHA-256 | 1ea8ca215106691168dea202db81f3f56afaa1e2eab04ad773942883417344db
Hex Workshop 6 Local Code Execution
Posted Feb 27, 2009
Authored by DATA_SNIPER

Hex Workshop versions 6 and below .hex file local code execution exploit.

tags | exploit, local, code execution
SHA-256 | 3c7173ddd241e394771edeb7a79afaf725f7dfc676e84e70b541e915bbaa6834
Orbit 2.4 Buffer Overflow
Posted Feb 27, 2009
Authored by JavaGuru

Orbit versions 2.4 and below long hostname remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | 19a23b7fac23f4df28d99579e4770093121a516e730191f0f07c93a2b07b394a
Mandriva Linux Security Advisory 2009-058
Posted Feb 27, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-058 - Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file. Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame. Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. This update provides Wireshark 1.0.6, which is not vulnerable to these issues.

tags | advisory, remote, denial of service, overflow, local
systems | linux, windows, mandriva
advisories | CVE-2009-0599, CVE-2009-0600, CVE-2009-0601
SHA-256 | ddb4006c7015936435473f87e6d8c0499a415d098158e2dbeffb532892a0eb42
Demium CMS 0.2.1 Beta LFI / SQL Injection / Disclosure
Posted Feb 27, 2009
Authored by Osirys | Site y-osirys.com

Demium CMS version 0.2.1 Beta suffers from local file inclusion, remote SQL injection, and file disclosure vulnerabilities. Full exploits included that perform local file inclusion and remote command execution leveraging both local file inclusion and SQL injection.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion, info disclosure
SHA-256 | b101c63b28fd04922859e97761abeb7fbf14793b22ee253afcde294a8f958e80
Secunia Security Advisory 34081
Posted Feb 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in PHP, where some have an unknown impact an others can potentially be exploited by malicious people to disclose sensitive information or cause a DoS (Denial of Service).

tags | advisory, denial of service, php, vulnerability
SHA-256 | 1c7df4c023ffdd277b986027a04ca901fa798ce414a4997a5df184f6a720ac0b
Secunia Security Advisory 34026
Posted Feb 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for python-crypto. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, cryptography, python
systems | linux, debian
SHA-256 | ab9ab455d2633d543a9f1edfb0effdcc1f34b8ad6e0a8716999a85d43a25bdf7
Page 1 of 3
Back123Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close