exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 44 RSS Feed

Files Date: 2009-03-05

Mandriva Linux Security Advisory 2009-066
Posted Mar 5, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-066 - PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within.htaccess, which causes this setting to be applied to other virtual hosts on the same server. The updated packages have been patched to correct these issues.

tags | advisory, web, local, php
systems | linux, mandriva
advisories | CVE-2009-0754
SHA-256 | ca933f1a927d0df3b27c6a1b7eeda71f826379ed09c2498ed13db80970312993
Mandriva Linux Security Advisory 2009-065
Posted Mar 5, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-065 - A vulnerability in the cURL library in PHP allowed context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files using a special URL request. Improved mbfl_filt_conv_html_dec_flush() error handling in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c. PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within.htaccess, which causes this setting to be applied to other virtual hosts on the same server. The updated packages have been patched to correct these issues.

tags | advisory, web, arbitrary, local, php
systems | linux, mandriva
advisories | CVE-2007-4850, CVE-2008-5557, CVE-2009-0754
SHA-256 | 81600b7210442d8910e0548f3b3b74df0d0b40a044f36901a7a75ad77feb28fc
Zero Day Initiative Advisory 09-013
Posted Mar 5, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-013 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the browsers garbage collection process. When multiple DOM elements are cloned and linked to one another and the browser is reloaded, a memory corruption occurs resulting in a double free. This can be leveraged to execute arbitrary code under the context of the current user.

tags | advisory, remote, arbitrary
advisories | CVE-2009-0775
SHA-256 | 0bb471f99cb66d2fc4546dadd4aae02b2dace0754a8ccc7acff4816edca47a99
libc:fts_*() Denial Of Service
Posted Mar 5, 2009
Authored by Maksymilian Arciemowicz | Site securityreason.com

libc:fts_*() suffers from a denial of service vulnerability. This affects multiple vendors.

tags | advisory, denial of service
advisories | CVE-2009-0537
SHA-256 | f1f7b02d628966dda851d771301cd67c0c164e16441e34b7ea9c6101aecb9818
CelerBB 0.0.2 SQL Injection / Authentication Bypass
Posted Mar 5, 2009
Authored by Salvatore Fresta

CelerBB version 0.0.2 suffers from information disclosure, remote SQL injection, and authentication bypass vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
SHA-256 | 0c342572d915e21b74cfb7c2197aa40577eb1cccf57a7196c439f8d999413940
Amoot Web Directory SQL Injection
Posted Mar 5, 2009
Authored by Pouya Server

Amoot Web Directory suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, web, sql injection
SHA-256 | f0c557dca5195c66b5b216ea2029e3057a78cd2578305378a0b02d8e522b2c93
TippingPoint IPS Signature Evasion Through Packet Fragmentation
Posted Mar 5, 2009
Authored by Chaitanya Sharma

Whitepaper called TippingPoint IPS Signature Evasion through Packet Fragmentation.

tags | paper
SHA-256 | fb443bf9924fe8e7be65e5ed6fa20814c640898d19822ad5151f928081513346
Compilation And Interpretation Of Exploits
Posted Mar 5, 2009
Authored by Cygog

Whitepaper called Compilation and interpretation of exploit in Perl, PHP, Python, C, and C++. Written in Spanish.

tags | paper, perl, php, python
SHA-256 | 9ed32ef51af5089ba0487b867388896bad2a6f52c94dad8b84338fc35e87a10b
Security In Computer Science Systems
Posted Mar 5, 2009
Authored by Cygog

Whitepaper called Security in the Computer Science Systems, or Seguridad en los sistemas informaticos. Written in Spanish.

tags | paper
SHA-256 | 62c4ffb7dc3222cb78d7a9f4619266a925e0b5dd226d6d1a0e2fd69aadcd8d2a
Internet Explorer 8 Spoof
Posted Mar 5, 2009
Authored by Lostmon | Site lostmon.blogspot.com

Internet Explorer 8 beta RC1 has a flaw that allows for domain name spoofing.

tags | exploit, spoof
SHA-256 | 18a9e3ecbc14c0c76b54cf49a03ddc3677e5d291ef28940276dc506adef42519
SupportSoft DNA Editor Module Code Execution
Posted Mar 5, 2009
Authored by Nine:Situations:Group | Site retrogod.altervista.org

SupportSoft DNA Editor module code execution exploit that leverages dnaedit.dll.

tags | exploit, code execution
SHA-256 | b4f171a5e1092d8dd52b815a5ccb43eebcf3330cbda106d95b211bbf4af57c9b
Debian Linux Security Advisory 1734-1
Posted Mar 5, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1734-1 - b.badrignans discovered that OpenSC, a set of smart card utilities, could store private data on a smart card without proper access restrictions.

tags | advisory
systems | linux, debian
advisories | CVE-2009-0368
SHA-256 | 1b75cb3c932d0a9639d9ae1c209e4d5e96fc0e363b607bced179a41b05e1c063
Joomla iJoomla Archive SQL Injection
Posted Mar 5, 2009
Authored by Stack | Site v4-team.com

Blind SQL injection exploit for the Joomla iJoomla Archive component.

tags | exploit, sql injection
SHA-256 | de4fa36fc87561f1ca3be8cda3da36eb798e3a82dc96ddf4510616b6b0a22d21
Samhain File Integrity Checker 2.5.4
Posted Mar 5, 2009
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 4bab09503632cca180ca6d63e9b714c2a720ca80e8534d3f1d67ce17a33ffcd7
Media Commands .m3l Buffer Overflow
Posted Mar 5, 2009
Authored by Stack | Site v4-team.com

Media Commands local buffer overflow exploit that creates a malicious .m3l file.

tags | exploit, overflow, local
SHA-256 | 7ca25845f3bb0815393b872c0f25e86a1b46d43762d96eabee23fef2aa5393a4
Media Commands Universal SEH Overwrite
Posted Mar 5, 2009
Authored by Hakxer

Media Commands universal SEH overwrite exploit that creates a malicious .m3u file.

tags | exploit
SHA-256 | fc07ad8a960e401c4030b83347ee666cbfdc0b93b2c03f893e1521e51d57a158
Winamp 5.541 Skin Buffer Overflow Exploit
Posted Mar 5, 2009
Authored by SkD

Winamp versions 5.541 and below skin universal buffer overflow exploit. Launches calc.exe.

tags | exploit, overflow
SHA-256 | 5205111a1315db28c3d3ab7879b96c792bb6fd5b57802735fb65549a6e5b8435
djbdns 1.05 AXFRed Subdomain Overwrite
Posted Mar 5, 2009
Authored by D. J. Bernstein

It has been confirmed that djbdns versions 1.05 and below lets AXFRed subdomains overwrite domains. Patch included.

tags | advisory
SHA-256 | 03f48b351a5eebe4464acf5d6ae3dc83aa3868d7065e42129d362f28db0c61cf
Secunia Security Advisory 34119
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for psi. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | f0412dd6d6eeaa7cad9afb2ea9391bf729335549a9dc15e2caff968f1910fcd2
Secunia Security Advisory 34156
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in IBM DB2, which can be exploited by malicious users or malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 8d704a2bb899c0ebf6be739fbf836b6013eaddfa6f6e74e85e41d7bd826825f1
Secunia Security Advisory 34089
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in FileZilla Server, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 0d560d6d8da694b058e7edeee741885222b569f834b2c2dc1eb8428130111308
Secunia Security Advisory 34118
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for curl. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, ubuntu
SHA-256 | f3e641a12e90a30d0274e31de9b3dbace97a299b678f414bd2004e87c6b784d2
Secunia Security Advisory 34149
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by a malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | solaris
SHA-256 | 1ba8055aadf064cb1ff0bab19ed0c067cadd65e107b0f7592c75bcf4b3568393
Secunia Security Advisory 34121
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Easy File Sharing Web Server, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, web
SHA-256 | c2383445480bc4799f4123e976e00b14b8ca7b80a1133861ed5b1cdc8a5d1e5e
Secunia Security Advisory 34144
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 3cac7ed8fa88819a9f53d16bcb1e969803a5ddbc9275f0a2d8b6b259a1b11a9e
Page 1 of 2
Back12Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close