exploit the possibilities
Showing 1 - 25 of 42 RSS Feed

Files Date: 2009-07-29

PunBB Reputation.php Module 2.0.4 LFI
Posted Jul 29, 2009
Authored by Dante90 | Site warwolfz.org

PunBB Reputation.php module versions 2.0.4 and below local file inclusion exploit.

tags | exploit, local, php, file inclusion
SHA-256 | 9b905651956bf3ef8fc6ad8e52464b6673ee71ec5b6dac79ea9a8d252ba8b44c
Mandriva Linux Security Advisory 2009-177
Posted Jul 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-177 - The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows context-dependent attackers to cause a denial of service (application crash) via a string argument that represents a large number, as demonstrated by an attempted conversion to the Float data type. This update corrects the problem.

tags | advisory, denial of service, ruby
systems | linux, mandriva
advisories | CVE-2009-1904
SHA-256 | 0fd98c4ebc36f2cd2987b88dc0bb1f02ad698ffd6f931d8903d8e2f37cd345ee
TOR Virtual Network Tunneling Tool 0.2.1.19
Posted Jul 29, 2009
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release makes hidden services work correctly again on 0.2.1.x.
tags | tool, remote, local, peer2peer
SHA-256 | cb4f88ad30d6ba4c015734f3058a6e35151cff586f7708691d52d289ee78d183
Article Publisher PRO 2.0.3 SQL Injection
Posted Jul 29, 2009
Authored by MizoZ

Article Publisher PRO version 2.0.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 815180c8a428ae010fa0450f09a2482a2af50bef931bb1b6e5c889fa36322514
Mandriva Linux Security Advisory 2009-176
Posted Jul 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-176 - git-daemon in git 1.4.4.5 through 1.6.3 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request containing extra unrecognized arguments. This update provides fixes for this vulnerability.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-2108
SHA-256 | 8e6d8e09960d48b01040ac3367fd7b20b5a9b2dfe8356f578a79e6c45a70a746
Mandriva Linux Security Advisory 2009-175
Posted Jul 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-175 - Integer overflow in the pango_glyph_string_set_size function in pango/glyphstring.c in Pango before 1.24 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long glyph string that triggers a heap-based buffer overflow. This update corrects the issue.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-1194
SHA-256 | 4e780c1e782e5ecde92c1ce83219f27bf2da9d87929572324bedf3d1cad1b37e
Mandriva Linux Security Advisory 2009-174
Posted Jul 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-174 - Off-by-one error in the inflate function in Zlib.xs in Compress::Raw::Zlib Perl module before 2.017, as used in AMaViS, SpamAssassin, and possibly other products, allows context-dependent attackers to cause a denial of service (hang or crash) via a crafted zlib compressed stream that triggers a heap-based buffer overflow, as exploited in the wild by Trojan.Downloader-71014 in June 2009. This update provides fixes for this vulnerability.

tags | advisory, denial of service, overflow, trojan, perl
systems | linux, mandriva
advisories | CVE-2009-1391
SHA-256 | 8a5c2997c6caac6c46e1dac877a304bdafdc0dd8e5243223b58c435f4e7ca6c5
Mandriva Linux Security Advisory 2009-173
Posted Jul 29, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-173 - Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin (formerly Gaim) before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. Buffer overflow in the decrypt_out function in Pidgin (formerly Gaim) before 2.5.6 allows remote attackers to cause a denial of service (application crash) via a QQ packet. The PurpleCircBuffer implementation in Pidgin (formerly Gaim) before 2.5.6 does not properly maintain a certain buffer, which allows remote attackers to cause a denial of service (memory corruption and application crash) via vectors involving the (1) XMPP or (2) Sametime protocol. Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin (formerly Gaim) before 2.5.6 on 32-bit platforms allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, leading to buffer overflows.

tags | advisory, remote, denial of service, overflow, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2009-1373, CVE-2009-1374, CVE-2009-1375, CVE-2009-1376
SHA-256 | 2b59c2d42635d453fe9cfa37545cf630aad2deaed3ed8ca7ed76ad685147da46
Debian Linux Security Advisory 1847-1
Posted Jul 29, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1847-1 - It was discovered that the BIND DNS server terminates when processing a specially crafted dynamic DNS update. This vulnerability affects all BIND servers which serve at least one DNS zone authoritatively, as a master, even if dynamic updates are not enabled. The default Debian configuration for resolvers includes several authoritative zones, too, so resolvers are also affected by this issue unless these zones have been removed.

tags | advisory
systems | linux, debian
advisories | CVE-2009-0696
SHA-256 | d960652c458b82724cffc42f08caf5a2da1661b518fb338a1238b9264835e4e6
x10 MP3 Search Engine 1.6.5 XSS
Posted Jul 29, 2009
Authored by Moudi

x10 MP3 Search Engine version 1.6.5 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | f654977c679f709863c2ac41fd12b1dc09fd6c077a4613372617ab3c5cf764a1
x10 Media Adult Script 1.7 SQL Injection / XSS
Posted Jul 29, 2009
Authored by Moudi

The x10 Media Adult Script version 1.7 suffers from SQL injection and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, sql injection
SHA-256 | 9c48f4cc74ae078a038f56cebff526ab7a10bf2c99f49b972d38c86192e444e9
WebStatCaffe Cross Site Scripting
Posted Jul 29, 2009
Authored by Moudi

WebStatCaffe suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | f44f98ec6b3a7e202f9185ecad7f850025cc3ceb29371a91f1e29c32318ad522
Miniweb 2.0 Survey Pro SQL Injection / XSS
Posted Jul 29, 2009
Authored by Moudi

The Survey Pro module for Miniweb version 2.0 suffers from remote blind SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | febd0ea389547f9f801ee64b1c70eb81a02d71df4a151fa25b92b5c1e433308c
Miniweb 2.0 Publisher SQL Injection / XSS
Posted Jul 29, 2009
Authored by Moudi

The Publisher module for Miniweb version 2.0 suffers from remote blind SQL injection and cross site scripting vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 8461f817f9b8ff904042ee9e060041b928def3477fcb1b54b909bc5479c14224
Miniweb 2.0 Social Networking XSS
Posted Jul 29, 2009
Authored by Moudi

The Social Networking module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 98baef41f7eefeace1dd3db5e69f88490b30dddecfad2f974d5419b204e09759
Miniweb 2.0 Site Builder XSS
Posted Jul 29, 2009
Authored by Moudi

The Site Builder module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 3eabfab165927d4ce31d11aa7d31b010056c5584798f21d4c40820af6fb9dd00
Miniweb 2.0 Publisher XSS
Posted Jul 29, 2009
Authored by Moudi

The Publisher module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | aa40acfe59598d4d614bf0168080795b937d25adea6cbef8e1a41e95c98c20a0
Miniweb 2.0 Online Store XSS
Posted Jul 29, 2009
Authored by Moudi

The Online Store module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 5ff32473453186a403d91f2041cb86e4c291fcdd9e2ad87f60c2da61be5095c7
Miniweb 2.0 My Amazon XSS
Posted Jul 29, 2009
Authored by Moudi

The My Amazon module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 385371ec31263351a6cc1e14579a30e4ab296777a528a74c5e1a4a59903b56da
Miniweb 2.0 Media Album XSS
Posted Jul 29, 2009
Authored by Moudi

The Media Album module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 8d2dda377cc164458829432c5df50722bf6d011b8be9cf645e715a3b0aed7a2b
Miniweb 2.0 Job Board XSS
Posted Jul 29, 2009
Authored by Moudi

The Job Board module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 922fc217ada3bca727a498785fe7aef1c6de9725dc80945a3345799cd7ee44c1
Miniweb 2.0 Forum XSS
Posted Jul 29, 2009
Authored by Moudi

The Forum module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 29e6b8a0a16d2e7031dcfdf10c18fdbf7d4ab991e313f75471ff5e5f753b709d
Ubuntu Security Notice 808-1
Posted Jul 29, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-808-1 - Micha Krause discovered that Bind did not correctly validate certain dynamic DNS update packets. An unauthenticated remote attacker could send specially crafted traffic to crash the DNS server, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2009-0696
SHA-256 | 321adf8642de15d5ade0593a9fc17f483a670db20ed3b6b6722571deb78f5934
Debian Linux Security Advisory 1846-1
Posted Jul 29, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1846-1 - Matt T. Yourst discovered an issue in the kvm subsystem. Local users with permission to manipulate /dev/kvm can cause a denial of service (hang) by providing an invalid cr3 value to the KVM_SET_SREGS call.

tags | advisory, denial of service, local
systems | linux, debian
advisories | CVE-2009-2287
SHA-256 | b94adbef572be3d44e0873584f7f7586c9c04d22eb8bc147d2906e2ff0190454
Miniweb 2.0 FAQ Manager XSS
Posted Jul 29, 2009
Authored by Moudi

The FAQ Manager module for Miniweb version 2.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | c67161a57e4dcd8e1bffe24875c6cf44dc5bee095970b1f2b0875173e00c42a1
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close