
Files Date: 2009-04-01

Secunia Research - UltraISO Image Name Parsing
Posted Apr 1, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered two vulnerabilities in UltraISO, which can be exploited by malicious people to potentially compromise a user's system. A format string error when handling DAA file names can be exploited by tricking a user into opening a file with a specially crafted name containing format specifiers. A format string error when handling ISZ file names can be exploited by tricking a user into opening a file with a specially crafted name containing format specifiers. Successful exploitation may allow execution of arbitrary code. UltraISO version 9.3.1.2633 is affected.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2008-3871
SHA-256 | e8b6b22234286c933c86caf76bc04d458d2b2cf5e2ee7ca1dd7d5c4daabe4ad8
Secunia Research - UltraISO Image Parsing
Posted Apr 1, 2009
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered three vulnerabilities in UltraISO, which can be exploited by malicious people to compromise a user's system. A boundary error when parsing CIF files can be exploited to overflow a global buffer by tricking a user into opening a specially crafted CIF file. A boundary error when parsing C2D files can be exploited to overflow a global buffer by tricking a user into opening a specially crafted C2D file. Insufficient validation when parsing GI files can be exploited to overflow a global buffer by tricking a user into opening a specially crafted GI file. Successful exploitation allows execution of arbitrary code. UltraISO version 9.3.1.2633 is affected.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2008-4825
SHA-256 | 4f0fdc8ac2f3df91d55d57dbd2bfbf7651b26b2c441c2ffb9e376cee3ea8cb9f
Whitepaper On Google Hacking Written In Farsi
Posted Apr 1, 2009
Authored by Pouya Server

Whitepaper on Google Hacking written in Farsi.

tags | paper
SHA-256 | d5032a9f65d13006e164fa42ec4ea999228b57aaacedc449f9e3311def3ed61c
TinyPHPForum 3.61 Disclosure / Code Execution
Posted Apr 1, 2009
Authored by brain[pillow]

TinyPHPForum version 3.61 suffers from file disclosure and code execution vulnerabilities.

tags | exploit, vulnerability, code execution, info disclosure
SHA-256 | cda1dcb6105337c0ab9dc986dfd645440bc866bcfa9f14a7e53b60fc60fc958c
MyioSoft Ajax Portal 3.0 SQL Injection
Posted Apr 1, 2009
Authored by cOndemned | Site condemned.r00t.la

MyioSoft Ajax Portal version 3.0 suffers from a remote SQL injection vulnerability in ajaxp_backend.php.

tags | exploit, remote, php, sql injection
SHA-256 | 004c5129b639cfb7359b0ac23680322a6c1c57a06bfb966584af12468c39b6d5
Oracle WebLogic IIS Connector Overflow
Posted Apr 1, 2009
Authored by k'sOSe | Site pornosecurity.org

Oracle WebLogic IIS connector remote overflow exploit that relates to JSESSIONID.

tags | exploit, remote, overflow
advisories | CVE-2008-5457
SHA-256 | de5529e482413e2be9f8012fa29e6af9eacfb0d3ebb8fd6bad42b75fa2617dcb
HP Security Bulletin HPSBUX02418 SSRT090002
Posted Apr 1, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running OpenSSL. The vulnerability could be exploited remotely to allow unauthorized access.

tags | advisory
systems | hpux
advisories | CVE-2008-5077
SHA-256 | 32408dedc7b1bb3beef81d26777720b83a5a7e169d02098aec0b1d7b30492e3f
Koschtit Image Gallery 1.82 Local File Inclusion
Posted Apr 1, 2009
Authored by ahmadbady

Koschtit Image Gallery version 1.82 suffers from multiple local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | e0c6fccdf0451b8bce296fe4677fea5362cf8d48ee0f46e49acfd059caab7aad
Packet Storm New Exploits For March, 2009
Posted Apr 1, 2009
Authored by Todd J. | Site packetstormsecurity.com

Packet Storm new exploits for March, 2009.

tags | exploit
SHA-256 | e9f153b2931d639cb5badec0f38cdae04b6d25fab8707fc696b5deb4cad118a8
DeepBurner 1.9.0.228 Overflow
Posted Apr 1, 2009
Authored by fl0 fl0w | Site fl0-fl0w.docspages.com

DeepBurner version 1.9.0.228 stack buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | d1737e2e36552a204d8753b7f7f41231d72da7819abb0f411576f550e2322ac9
Mandriva Linux Security Advisory 2009-084
Posted Apr 1, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-084 - Security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Firefox 3.x, version 3.0.8. This update provides the latest Mozilla Firefox 3.x to correct these issues. Additionally, some packages requiring it have also been rebuilt and are being provided as updates.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1044, CVE-2009-1169
SHA-256 | 7337027c6d9eab4a1b99091201ccfc3d20e82590fc265a2fca649cc8d927d330
Mandriva Linux Security Advisory 2009-083
Posted Apr 1, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-083 - A number of security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Thunderbird program, version 2.0.0.21. This update provides the latest Thunderbird to correct these issues. Additionally, Mozilla Thunderbird released with Mandriva Linux 2009.0, when used with Enigmail extension on x86_64 architecture, would freeze whenever any Enigmail function was used. Also, when used on i586 architecture, Thunderbird would crash when sending an email, if a file with an unknown extension was attached to it. This update also fixes those issues.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2009-0040, CVE-2009-0352, CVE-2009-0353, CVE-2009-0771, CVE-2009-0772, CVE-2009-0773, CVE-2009-0774, CVE-2009-0776
SHA-256 | 8511d6a4698ceeef5b4163b72f2396b90cb854230c08895dc46332e0b785248e
QtWeb Internet Browser 2.0 Denial Of Service
Posted Apr 1, 2009
Authored by LiquidWorm | Site zeroscience.mk

QtWeb Internet Browser version 2.0 remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | e64c56fbb977dcb8db71cc1138721733c0f9e421bc3153c68259cb6cd11b9b12
VMware Security Advisory 2009-0004
Posted Apr 1, 2009
Authored by VMware | Site vmware.com

VMware Security Advisory - ESX patches for OpenSSL, vim and bind resolve several security issues. OpenSSL 0.9.7a-33.24 and earlier does not properly check the return value from the EVP_VerifyFinal function, which could allow a remote attacker to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys. A flaw was discovered in the way Berkeley Internet Name Domain (BIND) checked the return value of the OpenSSL DSA_do_verify function. On systems using DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation, allowing spoofing attacks. Various vulnerabilities were discovered in vim such as format string issues and input validation problems.

tags | advisory, remote, spoof, vulnerability
advisories | CVE-2008-5077, CVE-2009-0025, CVE-2008-4101, CVE-2008-3432, CVE-2008-2712, CVE-2007-2953
SHA-256 | 6cb3c24c65b6ce75a60be81d773ffe92365d8866329c83302255f5fa55cec7f1
XBMC 8.10 GET Overflows
Posted Apr 1, 2009
Authored by n00b

XBMC version 8.10 proof of concept exploit code for multiple buffer overflows related to GET requests.

tags | exploit, overflow, proof of concept
SHA-256 | 630e1ff4c87341bbc0d442422a65b0fbbda8376d48c984df1335117845f76dab
XBMC 8.10 Tag Overflow
Posted Apr 1, 2009
Authored by n00b

XBMC version 8.10 get tag from file name remote buffer overflow exploit.

tags | exploit, remote, overflow
SHA-256 | c7b8919d2d1d3063802ac34741da2d095d10aa6076e4a9487051c26951ba38f6
XBMC 8.10 takescreenshot Overflow
Posted Apr 1, 2009
Authored by n00b

XBMC version 8.10 takescreenshot remote buffer overflow exploit for Windows.

tags | exploit, remote, overflow
systems | windows
SHA-256 | eba0bb541e3a78ea046d3e1678e22f7cb2080253e1cfabb4b322ef3d94d508c4
XBMC 8.10 GET Overflow
Posted Apr 1, 2009
Authored by n00b

XBMC version 8.10 GET request remote buffer overflow exploit for Windows.

tags | exploit, remote, overflow
systems | windows
SHA-256 | aa63b4ad5a6f2a442b6f2731b35ac6e2b862f6e0835b9f145e6cb5784cc92506
Secunia Security Advisory 34560
Posted Apr 1, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for glib2. This fixes some vulnerabilities, which can potentially be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
systems | linux, fedora
SHA-256 | a4354d487a63101d758fffd689379ae14c61212b22171db1c54395b602899d23
Secunia Security Advisory 34530
Posted Apr 1, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - VMware has issued an update for VMware ESX Server. This fixes some vulnerabilities and weaknesses, which can be exploited by malicious people to conduct spoofing attacks or to compromise a user's system.

tags | advisory, spoof, vulnerability
SHA-256 | 17b3b43996f9d8be9d72be35b6a457274ab13ea845fab23d57463b808844e0c2
Secunia Security Advisory 34549
Posted Apr 1, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for xulrunner. This fixes a weakness and a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 9ab7ddbf8f5392145d06357db2a58bbfa7dba7ab0eb68c7abf757874ba99f311
Secunia Security Advisory 34533
Posted Apr 1, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Methodman has reported a vulnerability in Turnkey Ebook Store, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 564af25ccde7a7a279d9b50284f586b99b7b90c7ea50b48b3853dbfb34ebf25a
Secunia Security Advisory 32415
Posted Apr 1, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Secunia Research has discovered multiple vulnerabilities in UltraISO, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 7249c7c996cf08e994a1c1ae2dc16e556e10cf8cfe91b0ae8e0c54ca63010b5d
Secunia Security Advisory 34528
Posted Apr 1, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Sun Java System Calendar Server, which can be exploited by malicious people to conduct cross-site scripting attacks or to cause a DoS (Denial of Service).

tags | advisory, java, denial of service, vulnerability, xss
SHA-256 | b9ca637527ade8f11cc68aa134a155a1436ccfd2f744624e8061967c3d64b194
Secunia Security Advisory 34548
Posted Apr 1, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Avaya has acknowledged a security issue in Avaya Messaging Storage Server, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | ad1e90d3006b694202bc16d7fba32b68df0cd1138862aa37d7adf7856aef8a60