what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 64 RSS Feed

Files Date: 2009-06-04

Mandriva Linux Security Advisory 2009-128
Posted Jun 4, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-128 - Multiple security vulnerabilities have been identified and fixed in libmodplug. These range from integer to buffer overflows. The updated packages have been patched to prevent this.

tags | advisory, overflow, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1438, CVE-2009-1513
SHA-256 | 0571fd8d87c92d6328067f290b78f164ef29e209aaf3cb2cc002ce05d1c6f2de
Host Directory PRO 2.1.0 Password Changer
Posted Jun 4, 2009
Authored by TiGeR-Dz | Site h4ckf0u.com

Host Directory PRO version 2.1.0 remote administrative password changing exploit.

tags | exploit, remote
SHA-256 | 77ce0f56f40398d3fb015d2b9770183c570116d460ac8e21bd02841f7dabb031
Web Directory PRO Database Backup
Posted Jun 4, 2009
Authored by TiGeR-Dz | Site h4ckf0u.com

Web Directory PRO suffers from a remote database backup vulnerability.

tags | exploit, remote, web
SHA-256 | 1a033eff9b6c300112878921ac083615125db94bd23cf947fdf4f98b167fcd8f
Hi5 Brute Forcer
Posted Jun 4, 2009
Authored by P47r1ck | Site darkc0de.com

Hi5 brute forcing utility that takes in a wordlist and is written in Python.

tags | cracker, python
SHA-256 | 20cf2a5a5f41c4cfd2d4f019909b942f71a216d787588a10944ce5e0148869dd
Mandriva Linux Security Advisory 2009-127
Posted Jun 4, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-127 - It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2008-2927
SHA-256 | c129ddafc8e6adbe84ce0db1d2f64f157d4c61e4660c21d8942f61dda334aa16
Host Directory PRO 2.1.0 Database Backup
Posted Jun 4, 2009
Authored by TiGeR-Dz | Site h4ckf0u.com

Host Directory PRO version 2.1.0 suffers from a remote database backup vulnerability.

tags | exploit, remote
SHA-256 | 9beccfca8c42efaf654629c3ab2885f8113bfc7bcb0a2869a1ff1e64447165e0
Web Directory PRO Password Changer
Posted Jun 4, 2009
Authored by TiGeR-Dz | Site h4ckf0u.com

Web Directory PRO remote administrative password changing exploit.

tags | exploit, remote, web
SHA-256 | 80efc67a1160daadcd68665b6cc47b7f81964b51fcd626416d0a485b4dbe2464
SuperCali PHP Event Calendar Password Changer
Posted Jun 4, 2009
Authored by TiGeR-Dz | Site h4ckf0u.com

SuperCali PHP Event Calendar suffers from an arbitrary administrative password changing vulnerability.

tags | exploit, arbitrary, php
SHA-256 | 3543c371e4b08076a96b7c4c00f1fc20ad7565f2528db074f9698e8c326b67f2
Apache Tomcat Information Disclosure
Posted Jun 4, 2009
Authored by Mark Thomas | Site tomcat.apache.org

Apache Tomcat suffers from a XML parser replacement related information disclosure vulnerability. Versions affected include Tomcat 6.0.0 to 6.0.18, Tomcat 5.5.0 to 5.5.27, and Tomcat 4.1.0 to 4.1.39.

tags | advisory, info disclosure
advisories | CVE-2009-0783
SHA-256 | c2b64deb31914b487990416282c15bcbf60ade318ae9adeff66567f4a45f4d69
Apache Tomcat Denial Of Service
Posted Jun 4, 2009
Authored by Mark Thomas | Site tomcat.apache.org

If Tomcat receives a request with invalid headers via the Java AJP connector, it does not return an error and instead closes the AJP connection. In case this connector is member of a mod_jk load balancing worker, this member will be put into an error state and will be blocked from use for approximately one minute. Thus the behavior can be used for a denial of service attack using a carefully crafted request. Versions affected include Tomcat 6.0.0 to 6.0.18, Tomcat 5.5.0 to 5.5.27, and Tomcat 4.1.0 to 4.1.39.

tags | advisory, java, denial of service
advisories | CVE-2009-0033
SHA-256 | c1222adcdce7d85aa41a91cfdf45704103468dc97af6d891ef3a467ed12ed3c9
Tomcat Information Disclosure
Posted Jun 4, 2009
Authored by Mark Thomas | Site tomcat.apache.org

Due to insufficient error checking in some authentication classes, Tomcat allows for the enumeration (brute force testing) of usernames by supplying illegally URL encoded passwords. Versions affected include Tomcat 6.0.0 to 6.0.18, Tomcat 5.5.0 to 5.5.27, and Tomcat 4.1.0 to 4.1.39.

tags | advisory
advisories | CVE-2009-0580
SHA-256 | 23d04996953f18e735ec39419f21aa830d1507afe0c131cb6125bc7e54f441ba
Ubuntu Security Notice 781-2
Posted Jun 4, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-781-2 - It was discovered that Gaim did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Gaim to crash, or possibly execute arbitrary code with user privileges. It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary, protocol
systems | linux, ubuntu
advisories | CVE-2009-1373, CVE-2009-1376
SHA-256 | 959ae8eddaf8e4c73e6210d8d6f03aa37f29790fab59d7fbeb81aa87e655ad3a
Movie PHP Script 2.0 Code Execution
Posted Jun 4, 2009
Authored by SirGod | Site insecurity.ro

Movie PHP Script version 2.0 suffers from a code execution vulnerability in init.php.

tags | exploit, php, code execution
SHA-256 | f18ca171de35377a0fdf8414f8372a7319110fff283e784fb5f9e0be9a6c919e
Ubuntu Security Notice 781-1
Posted Jun 4, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-781-1 - It was discovered that Pidgin did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Pidgin to crash, or possibly execute arbitrary code with user privileges. It was discovered that Pidgin did not properly handle certain malformed messages in the QQ protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash. This issue only affected Ubuntu 8.10 and 9.04. It was discovered that Pidgin did not properly handle certain malformed messages in the XMPP and Sametime protocol handlers. A remote attacker could send a specially crafted message and cause Pidgin to crash. It was discovered that Pidgin did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary, protocol
systems | linux, ubuntu
advisories | CVE-2009-1373, CVE-2009-1374, CVE-2009-1375, CVE-2009-1376
SHA-256 | edcd25ea3a9efa771fd79ad6546263ae682ec7ea24fb292898ff40eeb7c0ca27
Supernews 2.6 SQL Injection
Posted Jun 4, 2009
Authored by DD3str0y3r

Supernews version 2.6 suffers from a remote SQL injection vulnerability in index.php.

tags | exploit, remote, php, sql injection
SHA-256 | a0c52c7bab931b128694918d4bf8ec6f26e1a56f209a0132c79f96b61923e0f5
Ubuntu Security Notice 780-1
Posted Jun 4, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-780-1 - Anibal Sacco discovered that CUPS did not properly handle certain network operations. A remote attacker could exploit this flaw and cause the CUPS server to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2009-0949
SHA-256 | 5ed9ac751e35b04551ce6bc0ee95dbc2274f8e92c18f6df536d88f1d108fb5c0
OCS Inventory NG Directory Traversal
Posted Jun 4, 2009
Authored by Nico Leidecker

OCS Inventory NG version 1.02 suffers from a remote file disclosure vulnerability.

tags | exploit, remote, file inclusion
SHA-256 | 73e8f91b83749f97a33d287b830b4b07522b83f9752bb37c0cef2b5558ba9243
Joomla Momres Component SQL Injection
Posted Jun 4, 2009
Authored by Chip D3 Bi0s

The Joomla Momres component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ddb3d060e4123f70575be5914ad331d2744597b1644cf4af22071af941ece535
Joomla Omilen Photo Gallery 0.5b LFI
Posted Jun 4, 2009
Authored by ByALBAYX | Site c4team.org

The Joomla Omilen Photo Gallery version 0.5b suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 49a904680d67c59f46864154010b14131a9886c1049a11a5555e2c3e3ff79f2f
Joomla Seminar Component 1.28 SQL Injection
Posted Jun 4, 2009
Authored by ThE g0bL!N | Site h4ckf0ru.com

Joomla Seminar component version 1.28 remote blind SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | fb819b7d311c21bcde83b9f137aa4832ad3f06db9a58f3e627c62658efcc292c
EgyPlus 7ml 1.0.1 SQL Injection
Posted Jun 4, 2009
Authored by Qabandi

EgyPlus 7ml versions 1.0.1 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | c1cd71478a82dfaaf4acc3a16083350fc73a77351a3bbd57fd0c2b5c6bf80edc
Podcast Generator 1.2 Re-Installation
Posted Jun 4, 2009
Authored by StAkeR

Podcast Generator versions 1.2 and below unauthorized CMS re-installation exploit.

tags | exploit
SHA-256 | 47c54be78e45cbd7ca5dd7d6030665ce4149d9c12697df96113124dd02545514
Blue Collar Productions iGallery 4.1 Plus File Download
Posted Jun 4, 2009
Authored by Stefano Angaran | Site upyou.it

Blue Collar Productions iGallery version 4.1 Plus suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
SHA-256 | ac77c07cffc3f662f1b46014ede8f9f819102ed1760a4750576a5df09aeb699b
My Mini Bill SQL Injection
Posted Jun 4, 2009
Authored by ThE g0bL!N | Site h4ckf0ru.com

My Mini Bill suffers from a remote SQL injection vulnerability in my_orders.php.

tags | exploit, remote, php, sql injection
SHA-256 | 2605700b82f8e1dd97d56df6670ee22784a7870d30580db4dd641594186d570b
VOIP Dashboard SQL Injection
Posted Jun 4, 2009
Authored by Rohit Bansal

VOIP Dashboard suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 73cf82122fabacafd807e8ae6df54bc560d7dc8292e58f616714461b16136199
Page 1 of 3
Back123Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    16 Files
  • 7
    Oct 7th
    12 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close