exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 44 RSS Feed

Files Date: 2009-03-05

Mandriva Linux Security Advisory 2009-066
Posted Mar 5, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-066 - PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within.htaccess, which causes this setting to be applied to other virtual hosts on the same server. The updated packages have been patched to correct these issues.

tags | advisory, web, local, php
systems | linux, mandriva
advisories | CVE-2009-0754
SHA-256 | ca933f1a927d0df3b27c6a1b7eeda71f826379ed09c2498ed13db80970312993
Mandriva Linux Security Advisory 2009-065
Posted Mar 5, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-065 - A vulnerability in the cURL library in PHP allowed context-dependent attackers to bypass safe_mode and open_basedir restrictions and read arbitrary files using a special URL request. Improved mbfl_filt_conv_html_dec_flush() error handling in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c. PHP 4.4.4, 5.1.6, and other versions, when running on Apache, allows local users to modify behavior of other sites hosted on the same web server by modifying the mbstring.func_overload setting within.htaccess, which causes this setting to be applied to other virtual hosts on the same server. The updated packages have been patched to correct these issues.

tags | advisory, web, arbitrary, local, php
systems | linux, mandriva
advisories | CVE-2007-4850, CVE-2008-5557, CVE-2009-0754
SHA-256 | 81600b7210442d8910e0548f3b3b74df0d0b40a044f36901a7a75ad77feb28fc
Zero Day Initiative Advisory 09-013
Posted Mar 5, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-013 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the browsers garbage collection process. When multiple DOM elements are cloned and linked to one another and the browser is reloaded, a memory corruption occurs resulting in a double free. This can be leveraged to execute arbitrary code under the context of the current user.

tags | advisory, remote, arbitrary
advisories | CVE-2009-0775
SHA-256 | 0bb471f99cb66d2fc4546dadd4aae02b2dace0754a8ccc7acff4816edca47a99
libc:fts_*() Denial Of Service
Posted Mar 5, 2009
Authored by Maksymilian Arciemowicz | Site securityreason.com

libc:fts_*() suffers from a denial of service vulnerability. This affects multiple vendors.

tags | advisory, denial of service
advisories | CVE-2009-0537
SHA-256 | f1f7b02d628966dda851d771301cd67c0c164e16441e34b7ea9c6101aecb9818
CelerBB 0.0.2 SQL Injection / Authentication Bypass
Posted Mar 5, 2009
Authored by Salvatore Fresta

CelerBB version 0.0.2 suffers from information disclosure, remote SQL injection, and authentication bypass vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
SHA-256 | 0c342572d915e21b74cfb7c2197aa40577eb1cccf57a7196c439f8d999413940
Amoot Web Directory SQL Injection
Posted Mar 5, 2009
Authored by Pouya Server

Amoot Web Directory suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, web, sql injection
SHA-256 | f0c557dca5195c66b5b216ea2029e3057a78cd2578305378a0b02d8e522b2c93
TippingPoint IPS Signature Evasion Through Packet Fragmentation
Posted Mar 5, 2009
Authored by Chaitanya Sharma

Whitepaper called TippingPoint IPS Signature Evasion through Packet Fragmentation.

tags | paper
SHA-256 | fb443bf9924fe8e7be65e5ed6fa20814c640898d19822ad5151f928081513346
Compilation And Interpretation Of Exploits
Posted Mar 5, 2009
Authored by Cygog

Whitepaper called Compilation and interpretation of exploit in Perl, PHP, Python, C, and C++. Written in Spanish.

tags | paper, perl, php, python
SHA-256 | 9ed32ef51af5089ba0487b867388896bad2a6f52c94dad8b84338fc35e87a10b
Security In Computer Science Systems
Posted Mar 5, 2009
Authored by Cygog

Whitepaper called Security in the Computer Science Systems, or Seguridad en los sistemas informaticos. Written in Spanish.

tags | paper
SHA-256 | 62c4ffb7dc3222cb78d7a9f4619266a925e0b5dd226d6d1a0e2fd69aadcd8d2a
Internet Explorer 8 Spoof
Posted Mar 5, 2009
Authored by Lostmon | Site lostmon.blogspot.com

Internet Explorer 8 beta RC1 has a flaw that allows for domain name spoofing.

tags | exploit, spoof
SHA-256 | 18a9e3ecbc14c0c76b54cf49a03ddc3677e5d291ef28940276dc506adef42519
SupportSoft DNA Editor Module Code Execution
Posted Mar 5, 2009
Authored by Nine:Situations:Group | Site retrogod.altervista.org

SupportSoft DNA Editor module code execution exploit that leverages dnaedit.dll.

tags | exploit, code execution
SHA-256 | b4f171a5e1092d8dd52b815a5ccb43eebcf3330cbda106d95b211bbf4af57c9b
Debian Linux Security Advisory 1734-1
Posted Mar 5, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1734-1 - b.badrignans discovered that OpenSC, a set of smart card utilities, could store private data on a smart card without proper access restrictions.

tags | advisory
systems | linux, debian
advisories | CVE-2009-0368
SHA-256 | 1b75cb3c932d0a9639d9ae1c209e4d5e96fc0e363b607bced179a41b05e1c063
Joomla iJoomla Archive SQL Injection
Posted Mar 5, 2009
Authored by Stack | Site v4-team.com

Blind SQL injection exploit for the Joomla iJoomla Archive component.

tags | exploit, sql injection
SHA-256 | de4fa36fc87561f1ca3be8cda3da36eb798e3a82dc96ddf4510616b6b0a22d21
Samhain File Integrity Checker 2.5.4
Posted Mar 5, 2009
Authored by Rainer Wichmann | Site samhain.sourceforge.net

Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.

tags | tool, tcp, intrusion detection
systems | linux, unix, solaris, aix, hpux, unixware
SHA-256 | 4bab09503632cca180ca6d63e9b714c2a720ca80e8534d3f1d67ce17a33ffcd7
Media Commands .m3l Buffer Overflow
Posted Mar 5, 2009
Authored by Stack | Site v4-team.com

Media Commands local buffer overflow exploit that creates a malicious .m3l file.

tags | exploit, overflow, local
SHA-256 | 7ca25845f3bb0815393b872c0f25e86a1b46d43762d96eabee23fef2aa5393a4
Media Commands Universal SEH Overwrite
Posted Mar 5, 2009
Authored by Hakxer

Media Commands universal SEH overwrite exploit that creates a malicious .m3u file.

tags | exploit
SHA-256 | fc07ad8a960e401c4030b83347ee666cbfdc0b93b2c03f893e1521e51d57a158
Winamp 5.541 Skin Buffer Overflow Exploit
Posted Mar 5, 2009
Authored by SkD

Winamp versions 5.541 and below skin universal buffer overflow exploit. Launches calc.exe.

tags | exploit, overflow
SHA-256 | 5205111a1315db28c3d3ab7879b96c792bb6fd5b57802735fb65549a6e5b8435
djbdns 1.05 AXFRed Subdomain Overwrite
Posted Mar 5, 2009
Authored by D. J. Bernstein

It has been confirmed that djbdns versions 1.05 and below lets AXFRed subdomains overwrite domains. Patch included.

tags | advisory
SHA-256 | 03f48b351a5eebe4464acf5d6ae3dc83aa3868d7065e42129d362f28db0c61cf
Secunia Security Advisory 34119
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for psi. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | f0412dd6d6eeaa7cad9afb2ea9391bf729335549a9dc15e2caff968f1910fcd2
Secunia Security Advisory 34156
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in IBM DB2, which can be exploited by malicious users or malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
SHA-256 | 8d704a2bb899c0ebf6be739fbf836b6013eaddfa6f6e74e85e41d7bd826825f1
Secunia Security Advisory 34089
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in FileZilla Server, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 0d560d6d8da694b058e7edeee741885222b569f834b2c2dc1eb8428130111308
Secunia Security Advisory 34118
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for curl. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, ubuntu
SHA-256 | f3e641a12e90a30d0274e31de9b3dbace97a299b678f414bd2004e87c6b784d2
Secunia Security Advisory 34149
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sun Solaris, which can be exploited by a malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | solaris
SHA-256 | 1ba8055aadf064cb1ff0bab19ed0c067cadd65e107b0f7592c75bcf4b3568393
Secunia Security Advisory 34121
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Easy File Sharing Web Server, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, web
SHA-256 | c2383445480bc4799f4123e976e00b14b8ca7b80a1133861ed5b1cdc8a5d1e5e
Secunia Security Advisory 34144
Posted Mar 5, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for wireshark. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
SHA-256 | 3cac7ed8fa88819a9f53d16bcb1e969803a5ddbc9275f0a2d8b6b259a1b11a9e
Page 1 of 2
Back12Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    17 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    20 Files
  • 31
    Jan 31st
    31 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close