what you don't know can hurt you
Showing 1 - 25 of 50 RSS Feed

Files Date: 2009-03-10

Socket Capable Browser Plugins Result In Transparent Proxy Abuse
Posted Mar 10, 2009
Authored by Robert Auger

Whitepaper called Socket Capable Browser Plugins Result In Transparent Proxy Abuse.

tags | paper
MD5 | 8a1b7b05c19798bb29360892d1597edc
Gentoo Linux Security Advisory 200903-24
Posted Mar 10, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-24 - An insecure temporary file usage in Shadow may allow local users to gain root privileges. Paul Szabo reported a race condition in the login executable when setting up tty permissions. Versions less than 4.1.2.2 are affected.

tags | advisory, local, root
systems | linux, gentoo
advisories | CVE-2008-5394
MD5 | ef089db69b29d37e447eef11187ba158
commerce35.pair.com Cross Site Scripting
Posted Mar 10, 2009
Authored by Max Dietz

commerce35.pair.com suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 5274691a18091f890cc4f46bbea30adc
WordPress MU Cross Site Scripting
Posted Mar 10, 2009
Authored by Juan Galiana Lara

WordPress MU versions below 2.7 suffer from a Host HTTP header cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | 9e0e3f247d074d30f62c10d6a99a749d
RoomPHPlanning 1.5 Create User Exploit
Posted Mar 10, 2009
Authored by Jonathan Salwan | Site shell-storm.org

RoomPHPlanning version 1.5 remote administrative user creation exploit.

tags | exploit, remote
MD5 | 19c2481ffb354493f17b6897cbc7f578
WeBid 0.7.3 Remote File Inclusion
Posted Mar 10, 2009
Authored by M.Hasran Addahroni | Site advisories.echo.or.id

WeBid versions 0.7.3 RC9 and below suffer from multiple remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, file inclusion
MD5 | 8cd9b2f1c920f663d259daa31ff7e5bf
Asterisk Project Security Advisory - AST-2009-002
Posted Mar 10, 2009
Site asterisk.org

Asterisk Project Security Advisory - A remote crash vulnerability exists in the SIP channel driver allow for a denial of service condition.

tags | advisory, remote, denial of service
MD5 | c21066b5904a6cb5852a2580725a407c
Joomla Djice Shoutbox 1.0 XSS
Posted Mar 10, 2009
Authored by XaDoS

Joomla Djice Shoutbox version 1.0 suffers from a permanent cross site scripting vulnerability.

tags | exploit, xss
MD5 | cd5ef251a8259a2fe74148ff20ebedff
Mandriva Linux Security Advisory 2009-071
Posted Mar 10, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-071 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2009-0675, CVE-2009-0676
MD5 | 3cb59335b29e96ed5a63668bed0646e7
Debian Linux Security Advisory 1735-1
Posted Mar 10, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1735-1 - It was discovered that znc, an IRC proxy/bouncer, does not properly sanitize input contained in configuration change requests to the webadmin interface. This allows authenticated users to elevate their privileges and indirectly execute arbitrary commands (CVE-2009-0759).

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2009-0759
MD5 | 0574c00305bf9f1fe2f621309bdc8d44
Technical Cyber Security Alert 2009-69A
Posted Mar 10, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-069A - Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.

tags | advisory, vulnerability
systems | windows
MD5 | 7f5f4831b566147884e1d5d3b0056ab6
Ubuntu Security Notice 732-1
Posted Mar 10, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-732-1 - Wolfgang M. Reimer discovered that dash, when invoked as a login shell, would source .profile files from the current directory. Local users may be able to bypass security restrictions and gain root privileges by placing specially crafted .profile files where they might get sourced by other dash users.

tags | advisory, shell, local, root
systems | linux, ubuntu
advisories | CVE-2009-0854
MD5 | 6d556089bce792a5b60e42528ddd64ee
Ubuntu Security Notice 731-1
Posted Mar 10, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-731-1 - Various cross site scripting and cross site request forgery issues have been addressed in the Apache2 package.

tags | advisory, xss, csrf
systems | linux, ubuntu
advisories | CVE-2007-6203, CVE-2007-6420, CVE-2008-1678, CVE-2008-2168, CVE-2008-2364, CVE-2008-2939
MD5 | e670ed375b04a6647fdd25c9dbdbdc9e
Circumference WebAuth Client
Posted Mar 10, 2009
Authored by Jan Engelhardt | Site circum.sourceforge.net

Circumference is an implementation of a WebAuth client and server to supplement the recently-written specification for the WebAuth Diameter Application, complete with an extensible Diameter server and base library. Diameter is specified in RFC3588 and its updates.

Changes: Implemented changes stemming from the RFC3588bis16 update. A couple of other changes.
tags | tool
systems | unix
MD5 | c851ed7ea53604537d7f935f816cb23b
PHP-Fusion Book Panel SQL Injection
Posted Mar 10, 2009
Authored by SuB-ZeRo | Site dz-security.com

The PHP-Fusion Book Panel module suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | c95f1313a6a5c225bfb5010f70df738e
Mandriva Linux Security Advisory 2009-070
Posted Mar 10, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-070 - senddoc uses temporary files (/tmp/log.obr.4043) in an insecure way which enables local attackers to overwrite arbitrary files by using a symlink attack. This update provides a fix for that vulnerability. Also, this update is a rebuild against (latest) xulrunner 1.9.0.6.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2008-4937
MD5 | 4db65472683b501697cb938cc89d8284
RainbowPlayer 0.91 SEH Overwrite
Posted Mar 10, 2009
Authored by His0k4

RainbowPlayer version 0.91 playlist related universal SEH overwrite exploit.

tags | exploit
MD5 | f8d5d7e973bbf86b528332743db8ca32
Gentoo Linux Security Advisory 200903-22
Posted Mar 10, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-22 - A buffer-overflow in Ganglia's gmetad might lead to the execution of arbitrary code. Spike Spiegel reported a stack-based buffer overflow in the process_path() function when processing overly long pathnames in gmetad/server.c. Versions less than 3.1.1-r2 are affected.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
advisories | CVE-2009-0241
MD5 | ba5096b7045f479ce78426f45e2fb9c5
CMS WEBjump! SQL Injection
Posted Mar 10, 2009
Authored by M3NW5

CMS WEBjump! suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9acebdf8395e47f2b122b19214e0e2cd
IBM Director Privilege Escalation
Posted Mar 10, 2009
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20090305-2 - IBM Director for Windows versions 5.20.3 Service Update 2 and below suffer from a local privilege escalation vulnerability.

tags | exploit, local
systems | windows
MD5 | af11a26010b5a7a75bd41039776595d8
IBM Directory CIM Denial Of Service
Posted Mar 10, 2009
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20090305-1 - IBM Director for Windows versions 5.20.3 Service Update 2 and below suffer from a remote denial of service vulnerability.

tags | advisory, remote, denial of service
systems | windows
MD5 | 9b19c268da73ec46103cd32a1bcd09ce
NextApp Echo XML Injection
Posted Mar 10, 2009
Site sec-consult.com

SEC Consult Security Advisory 20090305-0 - NextApp Echo2 versions below 2.1.1 suffer from a XML injection vulnerability.

tags | exploit, xxe
MD5 | ca9364873f44fb3b4e253663e3a3ab5d
VUPlayer 2.49 .cue File Overflow
Posted Mar 10, 2009
Authored by Stack | Site v4-team.com

VUPlayer versions 2.49 and below .cue file universal buffer overflow exploit. Win32 bindshell code that ties to port 5555.

tags | exploit, overflow
systems | windows
MD5 | 5d7e876d18f707906361bce6d1fac232
Secunia Security Advisory 34222
Posted Mar 10, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Mahara, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 34ce43e50ea6b0010ca9e9977c06d236
Secunia Security Advisory 34210
Posted Mar 10, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for libpng10. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, fedora
MD5 | 671d3014305f9c149714c133a0ebf89f
Page 1 of 2
Back12Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close