what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 51 RSS Feed

Files Date: 2009-04-09

WebFileExplorer 3.1 SQL Injection
Posted Apr 9, 2009
Authored by Osirys | Site y-osirys.com

WebFileExplorer version 3.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | e49da55861cd0f74fdaec1e380c299bbe5d9dd12d15f3a53aee92837013d1b1c
Mandriva Linux Security Advisory 2009-088
Posted Apr 9, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-088 - Multiple vulnerabilities has been identified and corrected in wireshark. These include format string and denial of service vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1210, CVE-2009-1268, CVE-2009-1269
SHA-256 | e9d05a7d6d95c4d6f253e889f5fa1cf1e332b8802b9b95efbab614046fa2d975
HP Security Bulletin HPSBMA02420 SSRT071458
Posted Apr 9, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified in HP ProCurve Manager and HP ProCurve Manager Plus. The vulnerability could allow remote unauthorized access to data on the ProCurve Manager server. Note that this vulnerability is over a year old.

tags | advisory, remote
advisories | CVE-2007-4514
SHA-256 | 3d89ab4a511d7057406f3b4f5a98c9e7040ddabc6bb66ae9d8f786736be6dfe3
Loud Listener Packet Recorder
Posted Apr 9, 2009
Authored by Mark Osborne | Site loud-fat-bloke.co.uk

Loud Listener is a light-weight high speed voice packet recorder that can target a particular call based on SIP URL or TG, designed to satisfy regulatory lawful Intercept requirements. This proof of concept code has been designed to be pushed to an FPGA on an accelerated platform but in its current form, it will run on most versions of Linux.

tags | telephony, proof of concept
systems | linux
SHA-256 | 57e5623476d8c06864d49cb43d5ee359c127b0dbbb7a3705578f3519de6a4cef
Debian Linux Security Advisory 1754-1
Posted Apr 9, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1754-1 - It was discovered that roundup, an issue tracker with a command-line, web and email interface, allows users to edit resources in unauthorized ways, including granting themselves admin rights.

tags | advisory, web
systems | linux, debian
SHA-256 | 1d5f494eaa3899e67790d5afdfd5e0665d93ebd6b6b7f46ef5c5f087c83b53d5
Debian Linux Security Advisory 1767-1
Posted Apr 9, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1767-1 - It was discovered that multipathd of multipath-tools, a tool-chain to manage disk multipath device maps, uses insecure permissions on its unix domain control socket which enables local attackers to issue commands to multipathd prevent access to storage devices or corrupt file system data.

tags | advisory, local
systems | linux, unix, debian
advisories | CVE-2009-0115
SHA-256 | 904b1a5f03572b81de80119e0824a09e315f6e1a9e7a568558324dbb6667828c
Ghostscript jbig2dec JBIG2 Processing Buffer Overflow
Posted Apr 9, 2009
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in Ghostscript, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error in the included jbig2dec library while decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow via a specially crafted PDF file. Successful exploitation may allow execution of arbitrary code. Ghostscript version 8.64 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2009-0196
SHA-256 | 3e45593976ff44163557ee1faed79a1bbf8b00a557fd8e04db7f2215e79343cc
My Dealer CMS 2.0 SQL Injection
Posted Apr 9, 2009
Authored by ThE g0bL!N | Site h4ckf0ru.com

My Dealer CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | f28e670fc537a9bfa642b803464ee823b8e4ff9af8add0fd85155e7eaccd58db
Absolute Form Processor SQL Injection
Posted Apr 9, 2009
Authored by ThE g0bL!N | Site h4ckf0ru.com

Absolute Form Processor version XE-V 1.5 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | faed5a542ed8d594dd5233d1172f9c1e962af9ced171ca6a7306f1bdfe2acca8
Simbas CMS 2.0 SQL Injection
Posted Apr 9, 2009
Authored by ThE g0bL!N | Site h4ckf0ru.com

Simbas CMS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | e16cb953dd1bc093276c58b4460cb86cb2151ade7b543564472c3ec1d6bf46e1
Joomla Car Component SQL Injection
Posted Apr 9, 2009
Authored by k1ll3r_null

The Joomla Car component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 133484801b0048d2d49478dd762a8492b07159c7a712540456c811e525e041e1
AdaptBB 1.0 Beta SQL Injection / Code Execution / File Upload
Posted Apr 9, 2009
Authored by Salvatore Fresta

AdaptBB version 1.0 Beta suffers from blind SQL injection, dynamic code execution, and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, vulnerability, code execution, sql injection, file upload
SHA-256 | 6e34e15269adcbcfb8335dfbb12dc9119688b86e5b05c0428b2a3fecae0f33da
HP Security Bulletin HPSBMA02396 SSRT080175
Posted Apr 9, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Performance Agent and HP Performance Agent. The vulnerability could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2008-4420
SHA-256 | 61b8f6223dc3ee73a57d54d19de6d87247e5bf6c3c1888a30c1cdecd097c9d47
IBM BladeCenter Advanced Management XSS/XSRF
Posted Apr 9, 2009
Authored by Henri Lindberg | Site louhi.fi

The IBM BladeCenter Advanced Management module suffers from cross site scripting, cross site request forgery, and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf
SHA-256 | 1954725f4d86942fbaa357b00c1b82ca228d2ca128249c34312bc4346ec5b01d
RepliStor Buffer Overflow
Posted Apr 9, 2009
Authored by Zhenhua Liu | Site fortinet.com

Fortinet's FortiGuard Global Security Research Team has discovered a buffer overflow vulnerability in EMC RepliStor. Versions 6.2 SP4 and below and 6.3.SP1 and below are affected.

tags | advisory, overflow
advisories | CVE-2009-1119
SHA-256 | 3e443a3255e8c74cf07bc65e9a330033b6a706a1e28dae1653a6c10616777191
Debian Linux Security Advisory 1766-1
Posted Apr 9, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1766-1 - Several vulnerabilities have been found in the MIT reference implementation of Kerberos V5, a system for authenticating users and services on a network.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2009-0844, CVE-2009-0845, CVE-2009-0847, CVE-2009-0846
SHA-256 | 62744b0660268ab7130a3287b506316b68daa390f0f7c8054bab6ce99001b83a
Exjune Guestbook 2 Database Disclosure
Posted Apr 9, 2009
Authored by AlpHaNiX

Exjune Guestbook version 2 remote database disclosure exploit.

tags | exploit, remote, info disclosure
SHA-256 | 5a417a0f4555adc7c0aa35d05df5b057cd46756f087f13e4a6b81571e8fb7af5
Seccure Toolset
Posted Apr 9, 2009
Site point-at-infinity.org

The seccure toolset implements a selection of asymmetric algorithms based on elliptic curve cryptography (ECC). In particular, it offers public key encryption / decryption, signature generation / verification and key establishment. ECC schemes offer a much better key size to security ratio than classical systems (RSA, DSA). Keys are short enough to make direct specification of keys on the command line possible (sometimes this is more convenient than the management of PGP-like key rings). seccure builds on this feature and therefore is the tool of choice whenever lightweight asymmetric cryptography -- independent of key servers, revocation certificates, the Web of Trust, or even configuration files -- is required.

Changes: This release has a fix in secure memory allocation. Signature generation is deterministic.
tags | web, encryption
SHA-256 | 33d690a7034ee349bce4911a8b7c73e6e3cd13a140f429e9e628d5cd5a3bb955
Openwall tcb Suite
Posted Apr 9, 2009
Site openwall.com

The tcb suite implements the alternative password shadowing scheme on Openwall GNU/*/Linux (Owl) which allows many core system utilities (passwd(1) being the primary example) to operate with little privilege. It is being made available separately from Owl primarily for use by other distributions. This package contains three core components of the tcb suite: pam_tcb (a PAM module which supersedes pam_unix), libnss_tcb (the accompanying NSS module), and libtcb (a library for accessing tcb shadow files, used by the PAM and NSS modules as well as by user management tools on Owl).

Changes: Child processes spawned by pam_tcb will now always use _exit(2) rather than exit(3) to avoid triggering side effects. When changing passwords, pam_tcb will now fsync(2) the temporary file prior to renaming it over the actual shadow file, as needed on filesystems with not entirely atomic rename(2) (XFS).
systems | linux
SHA-256 | 3eda3953c5e8d3c0c6cbc0941a2bb9f6fe5a862b4cfbd01c23acf64ccbd73373
Geeklog 1.5.2 SQL Injection
Posted Apr 9, 2009
Authored by Nine:Situations:Group | Site retrogod.altervista.org

Geeklog versions 1.5.2 and below SEC_authenticate() remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 9289d8cb946255c3e09f10474f3767b6c11d5d133f66a2107765e2d20994e7ef
SWF Opener 1.3 Buffer Overflow
Posted Apr 9, 2009
Authored by Stack | Site v4-team.com

SWF Opener version 1.3 .swf file off-by-one buffer overflow proof of concept exploit.

tags | exploit, overflow, proof of concept
SHA-256 | e6b2bd514a9261b88370cfd32b848a0a83b0d411eff14f469e3f1c893f690ee7
BackendCMS 5.0 SQL Injection
Posted Apr 9, 2009
Authored by AnGeL25dZ

BackendCMS version 5.0 suffers from a remote SQL injection vulnerability in main.asp.

tags | exploit, remote, sql injection, asp
SHA-256 | 30c7fb7d2b26692d50a55414ed1f8cab4579600ab37709e3a694a4327fb92d82
Secunia Security Advisory 34607
Posted Apr 9, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Cisco ASA and PIX appliances, which can be exploited by malicious people to bypass certain security restrictions or to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | cisco
SHA-256 | 80d410969c691878a709a75d5ea8afc9ece8597cb3f362f5fdd4812a529beb88
Secunia Security Advisory 34645
Posted Apr 9, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for krb5. This fixes some vulnerabilities, which can be exploited by malicious people to potentially disclose sensitive information, cause a DoS (Denial of Service), or potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | 1544e3fd30020c1940bd62096f45eb6fa118b113017c757c9543d8c05c3d1530
Secunia Security Advisory 34657
Posted Apr 9, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM Lotus Domino, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | ed873f1875b2daed2710d459bde5c8c9ee1640a117e4acbf5bc3991e6c88c477
Page 1 of 3
Back123Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close