exploit the possibilities
Showing 1 - 25 of 57 RSS Feed

Files Date: 2009-07-20

DragDropCart Cross Site Scripting
Posted Jul 20, 2009
Authored by Moudi

DragDropCart suffers from remote cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss
MD5 | 020e53749f75472774cc0c2036362924
AdQuick 2.2.1 Cross Site Scripting
Posted Jul 20, 2009
Authored by Moudi

AdQuick version 2.2.1 suffers from a remote cross site scripting vulnerability.

tags | exploit, remote, xss
MD5 | e9ed4e83180b843e94f1a6814860fc33
Mandriva Linux Security Advisory 2009-155
Posted Jul 20, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-155 - git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments. This update provides fixes for this vulnerability.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-2108
MD5 | b89fbe78505e42fef222e6568df36f54
Small Paper On Hacking CSRF Tokens
Posted Jul 20, 2009
Authored by Inferno from Secure Thoughts

This is a small write up discussing hacking CSRF tokens using CSS history hacking.

tags | paper, csrf
MD5 | 0a81986bd41e76eff28f1b1dc95b8c1a
Gentoo Linux Security Advisory 200907-16
Posted Jul 20, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200907-16 - Multiple integer overflows in Python have an unspecified impact. Chris Evans reported multiple integer overflows in the expandtabs method, as implemented by (1) the string_expandtabs function in Objects/stringobject.c and (2) the unicode_expandtabs function in Objects/unicodeobject.c. Versions less than 2.5.4-r2 are affected.

tags | advisory, overflow, python
systems | linux, gentoo
advisories | CVE-2008-5031
MD5 | bc4ca6e08debeadbdd1bcbed9966a18b
Gentoo Linux Security Advisory 200907-15
Posted Jul 20, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200907-15 - Multiple vulnerabilities in Nagios may lead to the execution of arbitrary code. Versions less than 3.0.6-r2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-5027, CVE-2008-5028, CVE-2008-6373, CVE-2009-2288
MD5 | e6238cd9dc043aa14055a32f41ac265a
Openwall Linux Kernel Patch
Posted Jul 20, 2009
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: Besides being an update to the 2.4.37.3 kernel release, this revision of the patch introduces an additional security hardening measure where the kernel would no longer allow the "personality" feature (which is needed to support some program binaries from other operating systems) to be abused to bypass the vm.mmap_min_addr restriction via SUID-root programs with a certain class of design errors in them.
tags | overflow, kernel
systems | linux
MD5 | 2e9c348c8af5ff653b1efd3479e441c0
Audio Lib Player Stack Overflow
Posted Jul 20, 2009
Authored by Cyber-Zone | Site iq-ty.com

Audio Lib Player local stack overflow proof of concept exploit that creates a malicious .m3u file.

tags | exploit, overflow, local, proof of concept
MD5 | 84d9eb68eb4423dc9760c6a8a4c455c3
Tenshi Log Monitoring Program
Posted Jul 20, 2009
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: Multiple bug fixes and resolve feature.
tags | system logging
systems | unix
MD5 | b063f43bca3438e78a70a2f8b414007d
EpicDJ 1.3.9.1 Heap Overflow
Posted Jul 20, 2009
Authored by hack4love

EpicDJ version 1.3.9.1 heap overflow proof of concept exploit that creates a malicious .m3u file.

tags | exploit, overflow, proof of concept
MD5 | a55ce458e1d9402aced4822986e7b7eb
FreeBSD PECOFF Local Denial Of Service
Posted Jul 20, 2009
Authored by Shaun Colley

FreeBSD 7.2 PECOFF executable loader local denial of service exploit.

tags | exploit, denial of service, local
systems | freebsd
MD5 | 479461c13f0466e594f875cb6395775a
Mandriva Linux Security Advisory 2009-154
Posted Jul 20, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-154 - ISC DHCP Server is vulnerable to a denial of service, caused by the improper handling of DHCP requests. If the host definitions are mixed using dhcp-client-identifier and hardware ethernet, a remote attacker could send specially-crafted DHCP requests to cause the server to stop responding. This update provides fixes for this vulnerability.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-1892
MD5 | ad15330623367720c9f5ab6289cdd67f
EzWeb Calendar Shell Upload
Posted Jul 20, 2009
Authored by Septemb0x | Site cyber-warrior.org

EzWeb Calendar suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
MD5 | e6d7e0815e043ccc16e85175c12b0325
Netrix CMS 1.0 SQL Injection
Posted Jul 20, 2009
Authored by Mr.tro0oqy

Netrix CMS version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 4da8084b14f72133721cd88654829414
Debian Linux Security Advisory 1839-1
Posted Jul 20, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1839-1 - It has been discovered that gst-plugins-good0.10, the GStreamer plugins from the "good" set, are prone to an integer overflow, when processing a large PNG file. This could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2009-1932
MD5 | 2120720a57524b35a45cfa8897de3857
Tahyeess.com Bypass Vulnerability
Posted Jul 20, 2009
Authored by ViRuS_HiMa

Tahyeess.com suffers from a user validation bypass vulnerability.

tags | exploit, bypass
MD5 | 6e791a5c3f6064980d4825285eaf7b45
Silentum Guestbook 2.0.2 SQL Injection
Posted Jul 20, 2009
Authored by Bgh7

Silentum Guestbook version 2.0.2 suffers from a remote SQL injection vulnerability in silentum_guestbook.php.

tags | exploit, remote, php, sql injection
MD5 | 1f2dd6a839478b2d5ad2dee984a94f53
Debian Linux Security Advisory 1838-1
Posted Jul 20, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1838-1 - Tavis Ormandy and Julien Tinnes discovered that the pulseaudio daemon does not drop privileges before re-executing itself, enabling local attackers to increase their privileges.

tags | advisory, local
systems | linux, debian
advisories | CVE-2009-1894
MD5 | bc263c946b1c8c110d5c8ef249b6870c
Pulse Audio setuid Privilege Escalation
Posted Jul 20, 2009

Pulse Audio setuid local privilege escalation exploit.

tags | exploit, local
MD5 | f33a645b05a0bcfa936ec565a3e6c09b
Debian Linux Security Advisory 1837-1
Posted Jul 20, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1837-1 - It was discovered that the dbus_signature_validate function in dbus, a simple interprocess messaging system, is prone to a denial of service attack. This issue was caused by an incorrect fix for DSA-1658-1.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2009-1189
MD5 | 22a904985601ab5cfd2f3160c8861749
POP Account Check For Yahoo!/Google/Hotmail
Posted Jul 20, 2009
Authored by P47r1ck | Site darkc0de.com

POP account checking utility for Yahoo!/Google/Hotmail.

tags | tool
systems | unix
MD5 | 16b7fe2364c77466e65647b275feddc3
TOPHangman SQL Injection / XSS
Posted Jul 20, 2009
Authored by Moudi

TOPHangman suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | bc9a478007a14795608c499011201037
EpicVJ 1.2.8.0 Heap Overflow
Posted Jul 20, 2009
Authored by hack4love

EpicVJ version 1.2.8.0 heap overflow proof of concept exploit that creates a malicious .m3u file.

tags | exploit, denial of service, overflow, proof of concept
MD5 | 6f355ab074618ceded5d1f6bab62411a
Riddle Depot SQL Injection / XSS
Posted Jul 20, 2009
Authored by Moudi

Riddle Depot suffers from remote SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | c948f8a8a96580742d7fc761558d5397
MCshoutbox 1.1 SQL Injection / XSS / Shell Upload
Posted Jul 20, 2009
Authored by SirGod | Site insecurity.ro

MCshoutbox version 1.1 suffers from remote SQL injection, cross site scripting, and shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection, file upload
MD5 | 1147b7f3775386626300cc61c1b136bb
Page 1 of 3
Back123Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close