exploit the possibilities
Showing 1 - 25 of 42 RSS Feed

Files Date: 2009-07-29

PunBB Reputation.php Module 2.0.4 LFI
Posted Jul 29, 2009
Authored by Dante90 | Site warwolfz.org

PunBB Reputation.php module versions 2.0.4 and below local file inclusion exploit.

tags | exploit, local, php, file inclusion
MD5 | 7f4455a9c1e7d50998d93d1b5cbd4c4b
Mandriva Linux Security Advisory 2009-177
Posted Jul 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-177 - The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type. This update corrects the problem.

tags | advisory, denial of service, ruby
systems | linux, mandriva
advisories | CVE-2009-1904
MD5 | 21084a66bf6cb2513c8fbbe9321b8457
TOR Virtual Network Tunneling Tool 0.2.1.19
Posted Jul 29, 2009
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release makes hidden services work correctly again on 0.2.1.x.
tags | tool, remote, local, peer2peer
MD5 | 2c0ca9bf5d0cfb771f4d6bec9c4360ca
Article Publisher PRO 2.0.3 SQL Injection
Posted Jul 29, 2009
Authored by MizoZ

Article Publisher PRO version 2.0.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8e0298ca5e5260cfb58db39564cb0b8a
Mandriva Linux Security Advisory 2009-176
Posted Jul 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-176 - git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments. This update provides fixes for this vulnerability.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-2108
MD5 | 91e2c575080a2a06ea6acd1221fb6462
Mandriva Linux Security Advisory 2009-175
Posted Jul 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-175 - Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the issue.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-1194
MD5 | abbc5b951688a7f6f92da729273f2912
Mandriva Linux Security Advisory 2009-174
Posted Jul 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-174 - Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009. This update provides fixes for this vulnerability.

tags | advisory, denial of service, overflow, trojan, perl
systems | linux, mandriva
advisories | CVE-2009-1391
MD5 | a3f8a2c1a2af0c601512ce4edfdd4065
Mandriva Linux Security Advisory 2009-173
Posted Jul 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-173 - Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet. The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1) XMPP or (2) Sametime protocol. Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows.

tags | advisory, remote, denial of service, overflow, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2009-1373, CVE-2009-1374, CVE-2009-1375, CVE-2009-1376
MD5 | 1f7428bede8c9956eee0f698cd1f3d80
Debian Linux Security Advisory 1847-1
Posted Jul 29, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1847-1 - It was discovered that the BIND DNS server terminates when processing a specially crafted dynamic DNS update. This vulnerability affects all BIND servers which serve at least one DNS zone authoritatively, as a master, even if dynamic updates are not enabled. The default Debian configuration for resolvers includes several authoritative zones, too, so resolvers are also affected by this issue unless these zones have been removed.

tags | advisory
systems | linux, debian
advisories | CVE-2009-0696
MD5 | 859f0349847e0bccad27018d1b8bbfda
x10 MP3 Search Engine 1.6.5 XSS
Posted Jul 29, 2009
Authored by Moudi

x10 MP3 Search Engine version 1.6.5 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 58c41c2f0a2929fb4d5758ed0d7ec5f6
x10 Media Adult Script 1.7 SQL Injection / XSS
Posted Jul 29, 2009
Authored by Moudi

The x10 Media Adult Script version 1.7 suffers from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
MD5 | b4819ce5d40d9743f8243073f88b3514
WebStatCaffe Cross Site Scripting
Posted Jul 29, 2009
Authored by Moudi

WebStatCaffe suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | b1722d734d60eafb565429c922abce1f
Miniweb 2.0 Survey Pro SQL Injection / XSS
Posted Jul 29, 2009
Authored by Moudi

The Survey Pro module for Miniweb version 2.0 suffers from remote blind SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 471e4b3efae0786deeb02c06067362b4
Miniweb 2.0 Publisher SQL Injection / XSS
Posted Jul 29, 2009
Authored by Moudi

The Publisher module for Miniweb version 2.0 suffers from remote blind SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | aa442a77a41ede13e0a469d6b664d0ab
Miniweb 2.0 Social Networking XSS
Posted Jul 29, 2009
Authored by Moudi

The Social Networking module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | b49972f9e3e51894b89cdcf5afe8fba0
Miniweb 2.0 Site Builder XSS
Posted Jul 29, 2009
Authored by Moudi

The Site Builder module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | b55d2fb37540d135908296d0a34cf3d6
Miniweb 2.0 Publisher XSS
Posted Jul 29, 2009
Authored by Moudi

The Publisher module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 6db91d11896f5a8596b09e717683ac61
Miniweb 2.0 Online Store XSS
Posted Jul 29, 2009
Authored by Moudi

The Online Store module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | f5c08c6f4a715aa39ba8b45716d2673b
Miniweb 2.0 My Amazon XSS
Posted Jul 29, 2009
Authored by Moudi

The My Amazon module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 603959b03cb78632c6510cbe4b5fdc14
Miniweb 2.0 Media Album XSS
Posted Jul 29, 2009
Authored by Moudi

The Media Album module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 1b375558f35748acd13a01fad7d7b1dc
Miniweb 2.0 Job Board XSS
Posted Jul 29, 2009
Authored by Moudi

The Job Board module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 50b2dca2f69a6324748f98eb49c94128
Miniweb 2.0 Forum XSS
Posted Jul 29, 2009
Authored by Moudi

The Forum module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 4daf128dd6b63c741ab3e1a9be4e554f
Ubuntu Security Notice 808-1
Posted Jul 29, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-808-1 - Micha Krause discovered that Bind did not correctly validate certain dynamic DNS update packets. An unauthenticated remote attacker could send specially crafted traffic to crash the DNS server, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2009-0696
MD5 | a75bca17cd57d1864b584f3783bfd3ad
Debian Linux Security Advisory 1846-1
Posted Jul 29, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1846-1 - Matt T. Yourst discovered an issue in the kvm subsystem. Local users with permission to manipulate /dev/kvm can cause a denial of service (hang) by providing an invalid cr3 value to the KVM_SET_SREGS call.

tags | advisory, denial of service, local
systems | linux, debian
advisories | CVE-2009-2287
MD5 | 66631e4c0650abb5152278bd60e2236d
Miniweb 2.0 FAQ Manager XSS
Posted Jul 29, 2009
Authored by Moudi

The FAQ Manager module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 7e17bf38d1a7263925b19a8f84aa4007
Page 1 of 2
Back12Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    18 Files
  • 3
    Apr 3rd
    0 Files
  • 4
    Apr 4th
    0 Files
  • 5
    Apr 5th
    0 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close