exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 57 RSS Feed

Files Date: 2009-07-20

DragDropCart Cross Site Scripting
Posted Jul 20, 2009
Authored by Moudi

DragDropCart suffers from remote cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss
SHA-256 | 4ebaa71ac6ec43505ab1bd06019de28b0d12fe448804f7f71d0e31951c9f3f40
AdQuick 2.2.1 Cross Site Scripting
Posted Jul 20, 2009
Authored by Moudi

AdQuick version 2.2.1 suffers from a remote cross site scripting vulnerability.

tags | exploit, remote, xss
SHA-256 | b76020a2273e45b73b2ff4b4e529cdffc6d66b1e9361d881d7e27f631d8c398f
Mandriva Linux Security Advisory 2009-155
Posted Jul 20, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-155 - git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments. This update provides fixes for this vulnerability.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-2108
SHA-256 | 39d32aba881272a63e274ce28478c3f7508d1473676796bd725c858eb0336517
Small Paper On Hacking CSRF Tokens
Posted Jul 20, 2009
Authored by Inferno from Secure Thoughts

This is a small write up discussing hacking CSRF tokens using CSS history hacking.

tags | paper, csrf
SHA-256 | 3e6af417a275ddd4f54c378f68b635c72decc52dea98fd75f944c2507197f6a4
Gentoo Linux Security Advisory 200907-16
Posted Jul 20, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200907-16 - Multiple integer overflows in Python have an unspecified impact. Chris Evans reported multiple integer overflows in the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. Versions less than 2.5.4-r2 are affected.

tags | advisory, overflow, python
systems | linux, gentoo
advisories | CVE-2008-5031
SHA-256 | 83f11df9306a46ee89e4bdf5f479bc6fdfd41403a1d91c6881a4ac7ccb57d69c
Gentoo Linux Security Advisory 200907-15
Posted Jul 20, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200907-15 - Multiple vulnerabilities in Nagios may lead to the execution of arbitrary code. Versions less than 3.0.6-r2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-5027, CVE-2008-5028, CVE-2008-6373, CVE-2009-2288
SHA-256 | 15854a35770c10a91cb609a48f4a7774e8d4d6d67c4cbc672de3009f5242e9cb
Openwall Linux Kernel Patch
Posted Jul 20, 2009
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Besides being an update to the 2.4.37.3 kernel release, this revision of the patch introduces an additional security hardening measure where the kernel would no longer allow the "personality" feature (which is needed to support some program binaries from other operating systems) to be abused to bypass the vm.mmap_min_addr restriction via SUID-root programs with a certain class of design errors in them.
tags | overflow, kernel
systems | linux
SHA-256 | 0c25720b101ace36c2d6e8690e52d2db9f39acb3098ead4872c97e1417281062
Audio Lib Player Stack Overflow
Posted Jul 20, 2009
Authored by Cyber-Zone | Site iq-ty.com

Audio Lib Player local stack overflow proof of concept exploit that creates a malicious .m3u file.

tags | exploit, overflow, local, proof of concept
SHA-256 | adf6280c849a7c4d9c69cbb45dcaeb3d1b0def0ee05bbd9af9276fe1004a04c9
Tenshi Log Monitoring Program
Posted Jul 20, 2009
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Multiple bug fixes and resolve feature.
tags | system logging
systems | unix
SHA-256 | 68640aa0222c406ac5779aa923ff6eb803a2686f3bc9dbf6c05f30e8f42d668c
EpicDJ 1.3.9.1 Heap Overflow
Posted Jul 20, 2009
Authored by hack4love

EpicDJ version 1.3.9.1 heap overflow proof of concept exploit that creates a malicious .m3u file.

tags | exploit, overflow, proof of concept
SHA-256 | ae42c742c5a52c7d5f38c249fd54427b00eee76fdd4d700ba218edfb8e28fef9
FreeBSD PECOFF Local Denial Of Service
Posted Jul 20, 2009
Authored by Shaun Colley

FreeBSD 7.2 PECOFF executable loader local denial of service exploit.

tags | exploit, denial of service, local
systems | freebsd
SHA-256 | 6f5a0d5595aec23366df2e82623382d86a0e722426a0bc0df53b9ed926f3c18b
Mandriva Linux Security Advisory 2009-154
Posted Jul 20, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-154 - ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP requests to cause the server to stop responding. This update provides fixes for this vulnerability.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-1892
SHA-256 | a5fee68b57120e41bed46b987cdbc7a95a0deafc41924ab3c7874ee821b6b438
EzWeb Calendar Shell Upload
Posted Jul 20, 2009
Authored by Septemb0x | Site cyber-warrior.org

EzWeb Calendar suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
SHA-256 | cedee4084efb833603e32661d6e22ae7deedf823cc31ea5d7df9b25280ddffa4
Netrix CMS 1.0 SQL Injection
Posted Jul 20, 2009
Authored by Mr.tro0oqy

Netrix CMS version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 7f2263198f509825c76599f6ce24eff41adf1eef7a4089034b839c0ea26d30da
Debian Linux Security Advisory 1839-1
Posted Jul 20, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1839-1 - It has been discovered that gst-plugins-good0.10, the GStreamer plugins from the "good" set, are prone to an integer overflow, when processing a large PNG file. This could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2009-1932
SHA-256 | 020ddb2f99726ee66c9b9732bf1f93b25eb40f76f4839221462e3ab20e4797a8
Tahyeess.com Bypass Vulnerability
Posted Jul 20, 2009
Authored by ViRuS_HiMa

Tahyeess.com suffers from a user validation bypass vulnerability.

tags | exploit, bypass
SHA-256 | 7bce473c26152c91988189b9c93a54aa280e29d3f361384b1de11d7fec256e5d
Silentum Guestbook 2.0.2 SQL Injection
Posted Jul 20, 2009
Authored by Bgh7

Silentum Guestbook version 2.0.2 suffers from a remote SQL injection vulnerability in silentum_guestbook.php.

tags | exploit, remote, php, sql injection
SHA-256 | 8bdb60706184f8ce425454b11b114a5aefa0cd0f3e4b1f3141c3dcfc17c787c4
Debian Linux Security Advisory 1838-1
Posted Jul 20, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1838-1 - Tavis Ormandy and Julien Tinnes discovered that the pulseaudio daemon does not drop privileges before re-executing itself, enabling local attackers to increase their privileges.

tags | advisory, local
systems | linux, debian
advisories | CVE-2009-1894
SHA-256 | 45a80afc1cf274d6f81ee8a06edb00e8789a356accc2864d719d6ad7602ddbe6
Pulse Audio setuid Privilege Escalation
Posted Jul 20, 2009

Pulse Audio setuid local privilege escalation exploit.

tags | exploit, local
SHA-256 | f0999000ab3ea0a79806e55c0a5c67d933478e0f8285df18faae4f664ed09b5a
Debian Linux Security Advisory 1837-1
Posted Jul 20, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1837-1 - It was discovered that the dbus_signature_validate function in dbus, a simple interprocess messaging system, is prone to a denial of service attack. This issue was caused by an incorrect fix for DSA-1658-1.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2009-1189
SHA-256 | 3a59f784c1f6132a397a122319908cb083f488ca4ee4aa00214ed8c13fedd9fe
POP Account Check For Yahoo!/Google/Hotmail
Posted Jul 20, 2009
Authored by P47r1ck | Site darkc0de.com

POP account checking utility for Yahoo!/Google/Hotmail.

tags | tool
systems | unix
SHA-256 | 1d072d13687310f60ea7f201ff7083b6ff6952037433149f9c172b8bb206365f
TOPHangman SQL Injection / XSS
Posted Jul 20, 2009
Authored by Moudi

TOPHangman suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | d091cd1ea1b5f2f84da81c762e97b35f84ebbad41e7c59f4df8c706c71ff3fb6
EpicVJ 1.2.8.0 Heap Overflow
Posted Jul 20, 2009
Authored by hack4love

EpicVJ version 1.2.8.0 heap overflow proof of concept exploit that creates a malicious .m3u file.

tags | exploit, denial of service, overflow, proof of concept
SHA-256 | 9a0a640bde69a2dddc1c3d0f714d7fb3655665c54116770f6454476594b35747
Riddle Depot SQL Injection / XSS
Posted Jul 20, 2009
Authored by Moudi

Riddle Depot suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | d8b42177a55142a262e86909830f35b4fb8d7d1f790e020ae71305137c002573
MCshoutbox 1.1 SQL Injection / XSS / Shell Upload
Posted Jul 20, 2009
Authored by SirGod | Site insecurity.ro

MCshoutbox version 1.1 suffers from remote SQL injection, cross site scripting, and shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection, file upload
SHA-256 | ca74e24e03d2a8e167e3f0ae5420a9f19da76cfa8265fab0f9c7f3c52ac491da
Page 1 of 3
Back123Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    33 Files
  • 8
    Feb 8th
    34 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close