what you don't know can hurt you
Showing 1 - 25 of 773 RSS Feed

Files Date: 2009-02-01 to 2009-02-28

Mandriva Linux Security Advisory 2009-059
Posted Feb 27, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-059 - Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current X-Chat working directory. This update provides fix for that vulnerability.

tags | advisory, arbitrary, local, python
systems | linux, mandriva
advisories | CVE-2009-0315
MD5 | 7274b4efdabde5a46185ad99bba0cb04
MS08-065, MS08-067, And MS09-001 Detection Utility
Posted Feb 27, 2009
Site securitylab.ru

Standalone MS vulnerabilities network scanner to help identify systems vulnerable to the MS08-067, MS08-065 and MS09-001 (Microsoft Bulletins) flaws. The utility operates in PenTest mode. This requires no special rights to detect network nodes without updates. System administrators and security professionals can use this utility for fast and easy discovery of vulnerable systems and install appropriate patches according to the scanning results.

tags | vulnerability
MD5 | 182b4a62d0f99f0a01e79a9e63464dee
IETF TCP Urgent Data Draft
Posted Feb 27, 2009
Authored by Fernando Gont | Site ietf.org

This is the IETF Internet-Draft entitled "On the implementation of TCP urgent data". This document describes current issues relevant to the implementation and use of TCP urgent data, aims to change the IETF specifications so that they accommodate what virtually all implementations have been doing with urgent data.

tags | paper, tcp
MD5 | 159a184cd58a0d138051732e2abf043f
HTC Touch vCard Over IP Denial Of Service
Posted Feb 27, 2009
Site mseclab.com

Proof of concept denial of service exploit for the HTC Touch vCard over IP that sends vCards to port UDP/9204.

tags | exploit, denial of service, udp, proof of concept
MD5 | e972043b77a48f18ab176344407b7900
Drupal Protected Node Cross Site Scripting
Posted Feb 27, 2009
Authored by Justin C. Klein Keane

The Drupal Protected Node module version 5.x-1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c3477d72b9fca4d975b76e9a2481a941
Pop Peeper 3.4.0.0 UIDL Buffer Overflow Exploit
Posted Feb 27, 2009
Authored by Jeremy Brown, Jayji | Site krakowlabs.com

POP Peeper version 3.4.0.0 UIDL command remote buffer overflow SEH overwrite exploit that spawns a win32 bindshell on port 55555.

tags | exploit, remote, overflow
systems | windows
MD5 | 3017edb87b1f27ccd84b722ac3eadcca
POP Peeper 3.4.0.0 UIDL Buffer Overflow Advisory
Posted Feb 27, 2009
Authored by Jeremy Brown | Site krakowlabs.com

POP Peeper version 3.4.0.0 suffers from an UIDL command related remote buffer overflow vulnerability in the client.

tags | advisory, remote, overflow
MD5 | d82d9e1b78eb2f986cdcd9e2b58b442e
Whitepaper Called Perl Writing Exploits
Posted Feb 27, 2009
Authored by Team Ksa Girls

Whitepaper called Perl Writing Exploits. Written in Arabic.

tags | paper, perl
MD5 | 9c406cd0adb7a1afca3c2e49fe280baa
Playing With Cookies
Posted Feb 27, 2009
Authored by Stack | Site v4-team.com

Whitepaper called Playing With Cookies (ST1). Written in Morocco darija.

tags | paper
MD5 | 143c5f913987635537e3077d3170db5f
Drupal Local File Inclusion
Posted Feb 27, 2009
Authored by Bogdan Calin | Site acunetix.com

Drupal suffers from a local file inclusion when used on Windows.

tags | exploit, local, file inclusion
systems | windows
MD5 | 6d8be985723bf5092b5f4d8e84f56d16
Shoutcast 1.9.8 Cross Site Scripting
Posted Feb 27, 2009
Authored by Joseph Puran, Ronald Gutierrez, Stephen Komal

SHOUTcast version 1.9.8 suffers from a user-agent related cross site scripting vulnerability.

tags | advisory, xss
MD5 | e628376b60bd850827bd0e16b6567120
VMware Security Advisory 2009-0003
Posted Feb 27, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - A heap-based buffer overflow was discovered in the way ed, the GNU line editor, processed long file names. An attacker could create a file with a specially-crafted name that could possibly execute an arbitrary code when opened in the ed editor.

tags | advisory, overflow, arbitrary
advisories | CVE-2008-3916
MD5 | 75617133ef80ad3c7604cda09531c539
Clustering Whitepaper
Posted Feb 27, 2009
Authored by Cygog

Whitepaper discussing clustering. Written in Spanish.

tags | paper
MD5 | 0dafc23a33c499929b003d1029c45f84
linux/x86 File Reader Shellcode
Posted Feb 27, 2009
Authored by certaindeath

65 bytes small linux/x86 file reader shellcode.

tags | x86, shellcode
systems | linux
MD5 | 1da28fb49a243b605d6283e5d046a8f8
win32 telnetbind Shellcode
Posted Feb 27, 2009
Authored by DATA_SNIPER

111 bytes small win32 telnetbind shellcode. Written for XP SP2 FR.

tags | shellcode
systems | windows
MD5 | 7a4f6133acb078a7cae6c6c9d3b24978
Ubuntu Security Notice 725-1
Posted Feb 27, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-725-1 - It was discovered that Kmail did not adequately prevent execution of arbitrary code when a user clicked on a URL to an executable within an HTML mail. If a user clicked on a malicious URL and chose to execute the file, a remote attacker could execute arbitrary code with user privileges. This update changes KMail's behavior to instead launch a helper program to view the file if the user chooses to execute such a link.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
MD5 | 0eda36c8c9e6e1e1f71a69879a36c78f
Debian Linux Security Advisory 1728-1
Posted Feb 27, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1728-1 - It was discovered that dkim-milter, an implementation of the DomainKeys Identified Mail protocol, may crash during DKIM verification if it encounters a specially-crafted or revoked public key record in DNS.

tags | advisory, protocol
systems | linux, debian
MD5 | f17daccbfabfb3c44ec2f31e493e904d
SkyPortal Downloads Manager 1.1 Contents Change
Posted Feb 27, 2009
Authored by ByALBAYX | Site c4team.org

SkyPortal Downloads Manager version 1.1 suffers from a contents change vulnerability.

tags | exploit
MD5 | fd71ebf44db5f9aa95ba6303176b4a6f
Irokez Blog 0.7.3.2 XSS / RFI / SQL Injection
Posted Feb 27, 2009
Authored by Corwin

Irokez Blog version 0.7.3.2 suffers from remote blind SQL injection, remote file inclusion, and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion
MD5 | d36fb32ba7645db78dc712eff8432180
Hex Workshop 6 Local Code Execution
Posted Feb 27, 2009
Authored by DATA_SNIPER

Hex Workshop versions 6 and below .hex file local code execution exploit.

tags | exploit, local, code execution
MD5 | c5d8c9b0de321f74ef7db697a47575ac
Orbit 2.4 Buffer Overflow
Posted Feb 27, 2009
Authored by JavaGuru

Orbit versions 2.4 and below long hostname remote buffer overflow exploit.

tags | exploit, remote, overflow
MD5 | 8cd2bd5c505262190be95e7ebac9be8d
Mandriva Linux Security Advisory 2009-058
Posted Feb 27, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-058 - Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file. Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame. Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. This update provides Wireshark 1.0.6, which is not vulnerable to these issues.

tags | advisory, remote, denial of service, overflow, local
systems | linux, windows, mandriva
advisories | CVE-2009-0599, CVE-2009-0600, CVE-2009-0601
MD5 | df009a77b440818d40a16a5c4e1bd4f4
Demium CMS 0.2.1 Beta LFI / SQL Injection / Disclosure
Posted Feb 27, 2009
Authored by Osirys | Site y-osirys.com

Demium CMS version 0.2.1 Beta suffers from local file inclusion, remote SQL injection, and file disclosure vulnerabilities. Full exploits included that perform local file inclusion and remote command execution leveraging both local file inclusion and SQL injection.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion, info disclosure
MD5 | dedbbf1523962b4b8c21b7c057b3cca1
Secunia Security Advisory 34081
Posted Feb 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in PHP, where some have an unknown impact an others can potentially be exploited by malicious people to disclose sensitive information or cause a DoS (Denial of Service).

tags | advisory, denial of service, php, vulnerability
MD5 | d9b3ce970dd4c980a5840d785fd451bf
Secunia Security Advisory 34026
Posted Feb 27, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for python-crypto. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, crypto, python
systems | linux, debian
MD5 | 4500a0dd568da19a456801534a369810
Page 1 of 31
Back12345Next

File Archive:

September 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    5 Files
  • 2
    Sep 2nd
    5 Files
  • 3
    Sep 3rd
    3 Files
  • 4
    Sep 4th
    13 Files
  • 5
    Sep 5th
    16 Files
  • 6
    Sep 6th
    15 Files
  • 7
    Sep 7th
    20 Files
  • 8
    Sep 8th
    16 Files
  • 9
    Sep 9th
    4 Files
  • 10
    Sep 10th
    2 Files
  • 11
    Sep 11th
    15 Files
  • 12
    Sep 12th
    19 Files
  • 13
    Sep 13th
    20 Files
  • 14
    Sep 14th
    38 Files
  • 15
    Sep 15th
    31 Files
  • 16
    Sep 16th
    1 Files
  • 17
    Sep 17th
    7 Files
  • 18
    Sep 18th
    15 Files
  • 19
    Sep 19th
    40 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    14 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close