Showing 1 - 25 of 62

Files Date: 2009-07-06

Technical Cyber Security Alert 2009-187A
Posted Jul 6, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-187A - An unpatched vulnerability in the Microsoft Video ActiveX control is being used in attacks.

tags | advisory, activex
MD5 | d0c4b32b78839faf2ac0d35c94caa6bd
Photo DVD Maker Professional Buffer Overflow
Posted Jul 6, 2009
Authored by SVRT | Site security.bkis.vn

Photo DVD Maker Professional versions 8.02 and below suffer from a buffer overflow vulnerability.

tags | advisory, overflow
MD5 | ac1d229a9147b937f050f2ae013df492
Whitepaper Called From 0 To 0 Day On Symbian
Posted Jul 6, 2009
Authored by Bernhard Mueller | Site sec-consult.com

Whitepaper called From 0 To 0 Day On Symbian - Finding Low Level Vulnerabilities On Symbian Smartphones.

tags | paper, vulnerability
MD5 | c1cb013822fd2846a8426bfcb98c5d69
Ubuntu Security Notice 797-1
Posted Jul 6, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-797-1 - It was discovered that the TIFF library did not correctly handle certain malformed TIFF images. If a user or automated system were tricked into processing a malicious image, a remote attacker could cause an application linked against libtiff to crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2009-2285
MD5 | 6764f0068e53bf3c1cabf06f73b0cd31
Ubuntu Security Notice 796-1
Posted Jul 6, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-796-1 - Yuriy Kaminskiy discovered that Pidgin did not properly handle certain messages in the ICQ protocol handler. A remote attacker could send a specially crafted message and cause Pidgin to crash.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2009-1889
MD5 | ca4112317e66f3452f733d79e891f18c
Disable Shadowing Shellcode
Posted Jul 6, 2009
Authored by vlan7 | Site vlan7.blogspot.com

This shellcode disables shadowing on Linux, sending all passwords to /etc/passwd.

tags | shellcode
systems | linux
MD5 | 60ef31086fca22f2e9270391a5c3189e
27 Bytes setuid/execve Shellcode
Posted Jul 6, 2009
Authored by vlan7 | Site vlan7.blogspot.com

27-byte Linux/x86 setuid(0) and execve("/bin/sh",0,0) shellcode.

tags | x86, shellcode
systems | linux
MD5 | 9523d616a246ecf8e32c52990a56f665
Juice For Restaurants SQL Injection
Posted Jul 6, 2009
Authored by Cru3l.b0y | Site deltahacking.ir

The Juice for Restaurants script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d94052a91c1010db537f07274ebc9f94
CakePHP 1.1.20 Local File Inclusion
Posted Jul 6, 2009
Authored by Cru3l.b0y | Site deltahacking.ir

CakePHP version 1.1.20 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 75f433c22b17ba9ba2328df4da2a713a
TekRADIUS Privilege Escalation
Posted Jul 6, 2009
Authored by Tim Brown | Site nth-dimension.org.uk

The TekRADIUS radius server for Windows suffers from a SQL injection vulnerability that allows for privilege escalation. Details provided.

tags | exploit, sql injection
systems | windows
MD5 | 2d8aacd475c8f344bd22c2060938df66
NullLogic Groupware Flaws
Posted Jul 6, 2009
Authored by Tim Brown | Site nth-dimension.org.uk

NullLogic Groupware suffers from account compromise, denial of service, and possibly remote code execution vulnerabilities.

tags | advisory, remote, denial of service, vulnerability, code execution
MD5 | 5336f1e24260bdf93f64f3b8cd9c6db1
xscreensaver Symlink Attack
Posted Jul 6, 2009
Authored by Kingcope

xscreensaver version 5.01 suffers from a symlink attack vulnerability that allows for arbitrary file disclosure.

tags | exploit, arbitrary
MD5 | 5fa5be73c2547907015777c50e5bf04b
Sun One 6.1 JSP Source Disclosure
Posted Jul 6, 2009
Authored by Kingcope

Sun One webserver version 6.1 suffers from a remote JSP source code disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 22bacd6f3cdbd896efac569912e8033c
Open Source CERT Security Advisory 2009.8
Posted Jul 6, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

Dillo, an open source graphical web browser, suffers from an integer overflow which may lead to a potentially exploitable heap overflow and result in arbitrary code execution. The vulnerability is triggered by HTML pages with embedded PNG images: the Png_datainfo_callback function does not properly validate the width and height of the image. Specific PNG images with large width and height can be crafted to trigger the vulnerability. Versions 2.1 and below are affected.

tags | advisory, web, overflow, arbitrary, code execution
advisories | CVE-2009-2294
MD5 | 828e7861ba812ab27254e74ea5809acb
Open Source CERT Security Advisory 2009.7
Posted Jul 6, 2009
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

FCKeditor, a web-based open source HTML text editor, suffers from a remote file upload vulnerability. The input of several connector modules is not properly verified before being used; this leads to exposure of the contents of arbitrary directories on the server filesystem and allows file uploading to arbitrary locations. The affected code is remotely exposed before authentication. An attacker can exploit this vulnerability to install remote shells on the victim server, among other things. It should be noted that this vulnerability is being actively exploited in the wild. Versions 2.6.4 and below are affected.

tags | advisory, remote, web, arbitrary, shell, file upload
advisories | CVE-2009-2265
MD5 | 7f3b395b7d13a83c0e65efe52d9ee4e8
Whitepaper Called One Click Ownage
Posted Jul 6, 2009
Authored by Ferruh Mavituna

Whitepaper called One Click Ownage. It discusses getting a reverse shell through SQL injection. Related scripts are in the compressed archive.

tags | paper, shell, sql injection
MD5 | 5346f755b10cf7dd728a06f273277395
HPP Protection Patch For ModSecurity 2.5.9
Posted Jul 6, 2009
Authored by Andi | Site void.at

HPP (HTTP Parameter Pollution) protection patch for ModSecurity version 2.5.9.

tags | web, patch
systems | unix
MD5 | 825adef3a8be5af3cd0407fab82288e7
Gentoo Linux Security Advisory 200907-3
Posted Jul 6, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200907-03 - Multiple vulnerabilities in the Apache Portable Runtime Utility Library might enable remote attackers to cause a Denial of Service or disclose sensitive information. Versions less than 1.3.7 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2009-0023, CVE-2009-1955, CVE-2009-1956
MD5 | 1ef438d70e7df958e58cfa6df3a18bf3
Avax Vector 1.3 Denial Of Service
Posted Jul 6, 2009
Authored by Satan_Hackers

Avax Vector Active-X control version 1.3 proof of concept denial of service exploit that takes advantage of avPreview.ocx.

tags | exploit, denial of service, activex, proof of concept
MD5 | 02e52e629c86683fa5d1d83cae3e1dbd
ShopCartDx 4.30 products.php Blind SQL Injection
Posted Jul 6, 2009
Authored by Dante90 | Site warwolfz.org

Remote blind SQL injection exploit for ShopCartDx version 4.30 that leverages products.php.

tags | exploit, remote, php, sql injection
MD5 | c636c0f39ac17dfd815ac9be73fe1e20
Debian Linux Security Advisory 1827-1
Posted Jul 6, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1827-1 - It was discovered that ipplan, a web-based IP address manager and tracker, does not sufficiently escape certain input parameters, which allows remote attackers to conduct cross-site scripting attacks.

tags | advisory, remote, web, xss
systems | linux, debian
advisories | CVE-2009-1732
MD5 | 65e94732d7850099f3b6a3821705ba7e
Debian Linux Security Advisory 1826-1
Posted Jul 6, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1826-1 - Several vulnerabilities have been discovered in eggdrop, an advanced IRC robot.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2007-2807, CVE-2009-1789
MD5 | 6e3579c07d6e7d35566695a160644ebb
Debian Linux Security Advisory 1825-1
Posted Jul 6, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1825-1 - It was discovered that the statuswml.cgi script of nagios, a monitoring and management system for hosts, services and networks, is prone to a command injection vulnerability. Input to the ping and traceroute parameters of the script is not properly validated, which allows an attacker to execute arbitrary shell commands by passing a crafted value to these parameters.

tags | advisory, arbitrary, shell, cgi
systems | linux, debian
advisories | CVE-2009-2288
MD5 | 72e480bae243f144b9c0cfcc9c35d731
Secunia Security Advisory 35675
Posted Jul 6, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in KVM, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
MD5 | f58c3f245832aadca9a859ffd9bbc552
Secunia Security Advisory 35692
Posted Jul 6, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for nagios2 and nagios3. This fixes a vulnerability, which can be exploited by malicious users to potentially compromise a vulnerable system.

tags | advisory
systems | linux, debian
MD5 | 23bf54cfa99eb1d1c4a5ac50f7f9857e