
Files Date: 2009-08-10

SSHd Auto-Banning Script
Posted Aug 10, 2009
Site sshdautoban.coredumb.net

sshdautoban is a script intended to automatically ban, in real time, attackers that are trying to connect to your sshd service without authorization. It blocks connections from an IP address when that address generates too many login errors.

Changes: The fifo was removed, and sockets are used instead. The fifo was too slow and many log lines could be missed. The documentation was updated.
systems | unix
SHA-256 | 92c99f11e9285e5115c53e480348cda76acf61d9201ab7ead7b580bd444ea898
Joomla Kunena Forums SQL Injection
Posted Aug 10, 2009
Authored by MEFISTO

Joomla Kunena Forums remote blind SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 4b5d078e010d6f14b8b290c7109fa8f0a07270eab29ed096e05db85a960ba0a9
CMS Made Simple 1.6.2 File Disclosure
Posted Aug 10, 2009
Authored by IHTeam | Site ihteam.net

CMS Made Simple versions 1.6.2 and below suffer from a local file disclosure vulnerability.

tags | exploit, local, info disclosure
SHA-256 | e1f75ca3639a9a2acd26c0bbe1910446e0d9fee255d4bd761931eda2c1ef8266
yPlay Player 1.0 Crash
Posted Aug 10, 2009
Authored by PLATEN

yPlay Player version 1.0 local file crash proof of concept exploit.

tags | exploit, local, proof of concept
SHA-256 | 3563eea012fdd9b1b7c8e5568fe53730e030cf1966c5f7bb3a90abd093db9f1e
Zero Day Initiative Advisory 09-052
Posted Aug 10, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-052 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates Unicenter Software Delivery. Authentication is not required to exploit this vulnerability. The specific flaw resides in the dtscore.dll library. The vulnerability is exposed through multiple processes listening on multiple ports. The vulnerable function is a token searching routine which will copy user supplied data into a fixed length stack buffer. Exploitation of this vulnerability leads to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, arbitrary, code execution
SHA-256 | 5c2c1fc9b1df8146f1cd54d5e489b53fd4f9617bc46f40661f1c2e26632c5ad7
Zero Day Initiative Advisory 09-051
Posted Aug 10, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-051 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Replication Manager Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within the irccd.exe process which listens by default on a TCP port around 6700. The XML-based protocol this service communicates over accepts a RunProgram message. By supplying a malicious payload and requesting this functionality a remote attacker can execute arbitrary code on the remote system.

tags | advisory, remote, arbitrary, tcp, protocol
SHA-256 | 8c643db4f8ab350a79a30e94ebeb2343d48c574cfb7a3de4eb956640df9e38c9
Data Transport Services Bounds Checking
Posted Aug 10, 2009
Authored by Kevin Kotas

CA's technical support is alerting customers to a security risk with Data Transport Services. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued patches to address the issue.

tags | advisory, remote, arbitrary
advisories | CVE-2009-2026
SHA-256 | 78f211144107349a0a9e2bd212649797f09f6055b037495a213771f42772cb2b
Unicenter Tomcat XSS
Posted Aug 10, 2009
Authored by Kevin Kotas

CA's technical support is alerting customers to a security risk with Unicenter Asset Portfolio Management, Unicenter Desktop and Server Management, and Unicenter Patch Management. The release of Tomcat as included with the products is potentially susceptible to a cross-site scripting vulnerability. CA has issued a solution to address the issue.

tags | advisory, xss
advisories | CVE-2008-1232
SHA-256 | 4e6ae1db6c1372dc4b1ee607383f5479a1887bf0e56983123d0dce8acdcf4d7f
iDEFENSE Security Advisory 2009-07-28.1
Posted Aug 10, 2009
Authored by iDefense Labs, Peter Vreugdenhil | Site idefense.com

iDefense Security Advisory 07.28.09 - Remote exploitation of a use after free vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in Internet Explorer versions 6, 7, and 8. Internet Explorer 5 does not appear to be vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2009-1917
SHA-256 | 917be1ed0bdfbaec473ea16724416deeb91ee19bc0f5a333157bf7af42022f27
Mini-CMS 1.0.1 SQL Injection
Posted Aug 10, 2009
Authored by Ins3t | Site arthacking.net

Mini-CMS version 1.0.1 suffers from a remote SQL injection vulnerability in page.php.

tags | exploit, remote, php, sql injection
SHA-256 | 496bcdbdc3c8184c4109f96f31af8905b7ec834834bfcee4beeb1fb3530d5a77
iDEFENSE Security Advisory 2009-07-30.1
Posted Aug 10, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 07.30.09 - Remote exploitation of an invalid Loader object reference vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in the latest Flash Player version, 9.0.124.0. Previous versions may also be affected.

tags | advisory, remote, arbitrary
advisories | CVE-2009-1864
SHA-256 | ba3b6f64ff3c55832b36504c20b948df07e0b8b45de5b882c9729b2d4d636714
Mandriva Linux Security Advisory 2009-196
Posted Aug 10, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-196 - Multiple format string vulnerabilities in client/client.c in smbclient in Samba 3.2.0 through 3.2.12 might allow context-dependent attackers to execute arbitrary code via format string specifiers in a filename. The acl_group_override function in smbd/posix_acls.c in smbd in Samba 3.0.x before 3.0.35, 3.1.x and 3.2.x before 3.2.13, and 3.3.x before 3.3.6, when dos filemode is enabled, allows remote attackers to modify access control lists for files via vectors related to read access to uninitialized memory. This update provides samba 3.2.13 to address these issues.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, osx, mandriva
advisories | CVE-2009-1886, CVE-2009-1888
SHA-256 | 4d74757b18f42f251a7374fa6165b6b3ccd8d6d2da369b6ee183dbf60111b97c
SmilieScript 1.0 SQL Injection
Posted Aug 10, 2009
Authored by Mr.tro0oqy

SmilieScript versions 1.0 and below suffer from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 4ff5ff90a53d54b50b74dc489311e10ee51dda4476ae7d3893284e5c924e0986
Spiceworks 3.6 Overflow
Posted Aug 10, 2009
Authored by David Kennedy | Site securestate.com

Spiceworks version 3.6 accept parameter overflow proof of concept crash exploit.

tags | exploit, overflow, proof of concept
SHA-256 | 97160280f7a39829513cfc89560d3e4076e1cd77b06e48cfb5b3bdef51b07171
Logoshows BBS 2.0 Disclosure / Handling
Posted Aug 10, 2009
Authored by ZoRLu

Logoshows BBS version 2.0 suffers from database disclosure and insecure cookie handling vulnerabilities.

tags | exploit, vulnerability, info disclosure, insecure cookie handling
SHA-256 | 1232fa95dd16407c9b7f4800b04c8696fa76fdac8c18aeb849e31d0a15c129d2
FaqRing 3.0 Cross Site Scripting
Posted Aug 10, 2009
Authored by Moudi

FaqRing version 3.0 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 3be05c0161e2c188ea13f2596a6a4a3263ab1530161f5ebcbfb673de1f30cdaf
Debian Linux Security Advisory 1853-1
Posted Aug 10, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1853-1 - Ronald Volgers discovered that memcached, a high-performance memory object caching system, is vulnerable to several heap-based buffer overflows due to integer conversions when parsing certain length attributes. An attacker can use this to execute arbitrary code on the system running memcached (on etch with root privileges).

tags | advisory, overflow, arbitrary, root
systems | linux, debian
advisories | CVE-2009-2415
SHA-256 | f71cf554ce3885432ea696405897c37491e96e62aac0cdc2acb222f696e060be
Debian Linux Security Advisory 1852-1
Posted Aug 10, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1852-1 - It was discovered that fetchmail, a full-featured remote mail retrieval and forwarding utility, is vulnerable to the "Null Prefix Attacks Against SSL/TLS Certificates" recently published at the Blackhat conference. This allows an attacker to perform undetected man-in-the-middle attacks via a crafted ITU-T X.509 certificate with an injected null byte in the subjectAltName or Common Name fields.

tags | advisory, remote
systems | linux, debian
advisories | CVE-2009-2666
SHA-256 | b2c279e9428381b4b79febdf015211782d03ec298a3ff8b389cda567f086028b
Arab Portal 2.2 SQL Injection
Posted Aug 10, 2009
Authored by Jafer Al Zidjali | Site scorpionds.com

Arab Portal version 2.2 remote blind SQL injection exploit that provides authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | a06d67bf24c568fe854bbfac13e880aab7737c67f7ee37757991816058bd505c
Logoshows BBS 2.0 SQL Injection
Posted Aug 10, 2009
Authored by Dns-Team | Site dns-team.com

Logoshows BBS version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 0a1f6d3ed16deaa1dd577bdf068724edd315fc05ea058c95b3e4dafff93cde4c
Joomla PMS Component 2.0.4 SQL Injection
Posted Aug 10, 2009
Authored by M4dhead

Joomla PMS component version 2.0.4 remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | c9fcec3cc2841ea3089562b6ac816a447c72f89b81aa4a5d8e922eb17ab98ac6
PHPCityPortal SQL Injection
Posted Aug 10, 2009
Authored by CoBRa_21

PHPCityPortal suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | fb1e8c9fd8e8f5ab86eff066d189bab94f2a5ddd72929efc5669c830b370c125
FoxPlayer 1.1.0 Buffer Overflow
Posted Aug 10, 2009
Authored by optix hacker

FoxPlayer version 1.1.0 local buffer overflow proof of concept exploit that creates a malicious .m3u file.

tags | exploit, overflow, local, proof of concept
SHA-256 | d443561a511521f9609db6c3b17581a00a53bbeed9924142a39c867291d2b717
MediaCoder 0.7.1.4490 .m3u Universal Buffer Overflow
Posted Aug 10, 2009
Authored by hack4love

MediaCoder version 0.7.1.4490 universal buffer overflow exploit that creates a malicious .m3u file.

tags | exploit, overflow
SHA-256 | 2430f4af610c2ac76118dd88b562b10ad33a6c0cfa444d2276ea5ba00f27568a
Secunia Security Advisory 36208
Posted Aug 10, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Moudi has discovered some vulnerabilities in IsolSoft Support Center, which can be exploited by malicious people to disclose sensitive information.

tags | advisory, vulnerability
SHA-256 | a031288561eb01f75affe9548d3f5e5bfbe32c90c00b57ba2a752409c8b4d3b3
© 2022 Packet Storm. All rights reserved.