
Files Date: 2009-07-06

Technical Cyber Security Alert 2009-187A
Posted Jul 6, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-187A - An unpatched vulnerability in the Microsoft Video ActiveX control is being used in attacks.

tags | advisory, activex
SHA-256 | 1a102bd7a40bbb8ca60abb765053806e63288e7f77f3bce55c8c5ebc9f6902f6
Photo DVD Maker Professional Buffer Overflow
Posted Jul 6, 2009
Authored by SVRT | Site security.bkis.vn

Photo DVD Maker Professional versions 8.02 and below suffer from a buffer overflow vulnerability.

tags | advisory, overflow
SHA-256 | 8c36687687ab63088a901e8037aeeba720eccb666f36a7815c5c7c225ba1805b
Whitepaper Called From 0 To 0 Day On Symbian
Posted Jul 6, 2009
Authored by Bernhard Mueller | Site sec-consult.com

Whitepaper called From 0 To 0 Day On Symbian - Finding Low Level Vulnerabilities On Symbian Smartphones.

tags | paper, vulnerability
SHA-256 | 9f84cc111e30835b5b7e8fbc5e38e756d4e282500b242481eca7fe284fc5a2df
Ubuntu Security Notice 797-1
Posted Jul 6, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-797-1 - It was discovered that the TIFF library did not correctly handle certain malformed TIFF images. If a user or automated system were tricked into processing a malicious image, a remote attacker could cause an application linked against libtiff to crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2009-2285
SHA-256 | 7a72370d5fd4910515c0a0d165701f1585e989a74655c1eb76451cd4ddb6b631
Ubuntu Security Notice 796-1
Posted Jul 6, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-796-1 - Yuriy Kaminskiy discovered that Pidgin did not properly handle certain messages in the ICQ protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2009-1889
SHA-256 | e9d236e58486d787e4f1439f5a9222d5b450347d97a026eb8d4c6826b1ac3968
Disable Shadowing Shellcode
Posted Jul 6, 2009
Authored by vlan7 | Site vlan7.blogspot.com

This shellcode disables shadowing on Linux, sending all passwords to /etc/passwd.

tags | shellcode
systems | linux
SHA-256 | efc0efd9feadbafc48fa0b35a0aa5538a00d019eb428a3387ae2c12b99c3f28b
27 Bytes setuid/execve Shellcode
Posted Jul 6, 2009
Authored by vlan7 | Site vlan7.blogspot.com

27-byte Linux/x86 setuid(0) and execve("/bin/sh",0,0) shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | bdc78449c1f635f062ade25df0e45d95aa1798aa892eac87fb644cc407eeb707
Juice For Restaurants SQL Injection
Posted Jul 6, 2009
Authored by Cru3l.b0y | Site deltahacking.ir

The Juice for Restaurants script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5853b23bf8d99c0214eb477e59019090226dd91111a256d4ae9304231cde2fac
CakePHP 1.1.20 Local File Inclusion
Posted Jul 6, 2009
Authored by Cru3l.b0y | Site deltahacking.ir

CakePHP version 1.1.20 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 27ead6119246b29233ad633ebe43ea62de1a3b3bd2aacf040b1811027299d69e
TekRADIUS Privilege Escalation
Posted Jul 6, 2009
Authored by Tim Brown | Site nth-dimension.org.uk

The TekRADIUS RADIUS server for Windows suffers from a SQL injection vulnerability that allows for privilege escalation. Details provided.

tags | exploit, sql injection
systems | windows
SHA-256 | 04e03394380b7c464a8bd6dabc94060b07b1420c44f813a363aca9d1aa17f13d
NullLogic Groupware Flaws
Posted Jul 6, 2009
Authored by Tim Brown | Site nth-dimension.org.uk

NullLogic Groupware suffers from account compromise, denial of service, and possibly remote code execution vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, code execution
SHA-256 | c36c4bc118817c73caa7e27e4882f82a005ab7e206e99a27d5d2b690d6443b2a
xscreensaver Symlink Attack
Posted Jul 6, 2009
Authored by Kingcope

xscreensaver version 5.01 suffers from a symlink attack vulnerability that allows for arbitrary file disclosure.

tags | exploit, arbitrary
SHA-256 | 76a58717d14127259b1160fa8f313e1fbd413475bd10fae05ad4fd3f3270e9fb
Sun One 6.1 JSP Source Disclosure
Posted Jul 6, 2009
Authored by Kingcope

Sun One webserver version 6.1 suffers from a remote JSP source code disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 00259bc166576fb6e6df32d2a3dd8d1fdd966e27f73e21fdb0b6899cdfa0ef50
Open Source CERT Security Advisory 2009.8
Posted Jul 6, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

Dillo, an open source graphical web browser, suffers from an integer overflow which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by HTML pages with embedded PNG images: the Png_datainfo_callback function does not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability. Versions 2.1 and below are affected.

tags | advisory, web, overflow, arbitrary, code execution
advisories | CVE-2009-2294
SHA-256 | 0a9bd01bbd35cd229feb029c2a84091f982b71b8dbf99cb85b892b57eae472c1
Open Source CERT Security Advisory 2009.7
Posted Jul 6, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

FCKeditor, a web-based open source HTML text editor, suffers from a remote file upload vulnerability. The input of several connector modules is not properly verified before being used, which exposes the contents of arbitrary directories on the server filesystem and allows file uploading to arbitrary locations. The affected code is remotely exposed before authentication. An attacker can exploit this vulnerability to install remote shells on the victim server, among other things. This vulnerability is being actively exploited in the wild. Versions 2.6.4 and below are affected.

tags | advisory, remote, web, arbitrary, shell, file upload
advisories | CVE-2009-2265
SHA-256 | e8fb00e2c1d4004e9c9d5b6c8091560a3a8bc7b786b95c5a80061e93d79b8354
Whitepaper Called One Click Ownage
Posted Jul 6, 2009
Authored by Ferruh Mavituna

Whitepaper called One Click Ownage. It discusses getting a reverse shell through SQL injection. Related scripts are in the compressed archive.

tags | paper, shell, sql injection
SHA-256 | d9d69e301c64bdfe485895f78c59131d790f2e51060dcbca3dd44e46bee6d71a
HPP Protection Patch For ModSecurity 2.5.9
Posted Jul 6, 2009
Authored by Andi | Site void.at

HPP (HTTP Parameter Pollution) protection patch for ModSecurity version 2.5.9.

tags | web, patch
systems | unix
SHA-256 | 694e79fd6246d584e4df0972c66d14e7afca6ec28b6e3eee0d217b41d58f5786
Gentoo Linux Security Advisory 200907-3
Posted Jul 6, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200907-03 - Multiple vulnerabilities in the Apache Portable Runtime Utility Library might enable remote attackers to cause a Denial of Service or disclose sensitive information. Versions less than 1.3.7 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0023, CVE-2009-1955, CVE-2009-1956
SHA-256 | 4263d47d1b70e312d108199ea0389b75e3ded16f3aec80a2d0b1d0b8cf07bff9
Avax Vector 1.3 Denial Of Service
Posted Jul 6, 2009
Authored by Satan_Hackers

Avax Vector Active-X control version 1.3 proof of concept denial of service exploit that takes advantage of avPreview.ocx.

tags | exploit, denial of service, activex, proof of concept
SHA-256 | c69169d02a1890b915d3de37f255e288faeb7f272b5aa090a2d7ac024a7d5ebd
ShopCartDx 4.30 products.php Blind SQL Injection
Posted Jul 6, 2009
Authored by Dante90 | Site warwolfz.org

Remote blind SQL injection exploit for ShopCartDx version 4.30 that leverages products.php.

tags | exploit, remote, php, sql injection
SHA-256 | 1da8905f08d5b1d04b6a116f7320fea2a361ff4df354e352026f26c9b771c0b1
Debian Linux Security Advisory 1827-1
Posted Jul 6, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1827-1 - It was discovered that ipplan, a web-based IP address manager and tracker, does not sufficiently escape certain input parameters, which allows remote attackers to conduct cross-site scripting attacks.

tags | advisory, remote, web, xss
systems | linux, debian
advisories | CVE-2009-1732
SHA-256 | 00635cca24bc92600de8f93c3721c5247f197717d7229303c32358b985872512
Debian Linux Security Advisory 1826-1
Posted Jul 6, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1826-1 - Several vulnerabilities have been discovered in eggdrop, an advanced IRC robot.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2007-2807, CVE-2009-1789
SHA-256 | a8b2c212aff1ffb3827b0c945e8b7f60cc18b1a588ac272831cca100696988e7
Debian Linux Security Advisory 1825-1
Posted Jul 6, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1825-1 - It was discovered that the statuswml.cgi script of nagios, a monitoring and management system for hosts, services and networks, is prone to a command injection vulnerability. Input to the ping and traceroute parameters of the script is not properly validated, which allows an attacker to execute arbitrary shell commands by passing a crafted value to these parameters.

tags | advisory, arbitrary, shell, cgi
systems | linux, debian
advisories | CVE-2009-2288
SHA-256 | 0b0c8bcd8fd8d0b6301b324a8896ae8ce2c6068e6e1a207cae7ec3151af6db50
Secunia Security Advisory 35675
Posted Jul 6, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in KVM, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
SHA-256 | bc7a0d5ab679be36909fc429e991b2150fb857afdf8874a6aa79cd5f6745921d
Secunia Security Advisory 35692
Posted Jul 6, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for nagios2 and nagios3. This fixes a vulnerability, which can be exploited by malicious users to potentially compromise a vulnerable system.

tags | advisory
systems | linux, debian
SHA-256 | b86288e59c357dff208de0efd4aaf02d97d0464d740a19945e18e0e5c244b961

© 2022 Packet Storm. All rights reserved.