exploit the possibilities
Showing 1 - 25 of 62 RSS Feed

Files Date: 2009-08-11

Zero Day Initiative Advisory 09-056
Posted Aug 11, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-056 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific vulnerability exists in the OWC10.Spreadsheet.10 ActiveX control installed by Microsoft Office. By accessing specific methods in a certain order heap corruption occurs leading to remote code execution. If exploited, complete control of the affected system can be achieved under the rights of the currently logged in user.

tags | advisory, remote, arbitrary, code execution, activex
advisories | CVE-2009-2496
MD5 | 9f1bb4da2bbbbddc9db305a544b56fd3
Easy Music Player 1.0.0.2 Buffer Overflow
Posted Aug 11, 2009
Authored by ThE g0bL!N | Site h4ckf0ru.com

Easy Music Player version 1.0.0.2 universal local buffer overflow exploit that creates a malicious wav file.

tags | exploit, overflow, local
MD5 | 63d68ab16d1c5c04c4a1ab90af14696e
Easy Music Player 1.0.0.2 Buffer Overflow
Posted Aug 11, 2009
Authored by ahwak2000

Easy Music Player version 1.0.0.2 universal local buffer overflow exploit that creates a malicious wav file.

tags | exploit, overflow, local
MD5 | 85a269ab68f1781076f86aaaa472763a
Microsoft Windows 2003 EOT File BSOD Crash Exploit
Posted Aug 11, 2009
Authored by webDEViL

Microsoft Windows 2003 EOT file BSOD crash exploit.

tags | exploit
systems | windows
MD5 | 8bf3d7dc709725179f6f0c6a049f8848
Zero Day Initiative Advisory 09-057
Posted Aug 11, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-057 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft's Remote Desktop Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within mstscax.dll when parsing packets from an RDP server. A design flaw in the client allows a malicious RDP server to write to arbitrary memory inside the connecting processes memory space. By hosting a malicious RDP server, an attacker can execute arbitrary code on any client that attempts to connect to it. Privileges gained depend on which user is running the client.

tags | advisory, remote, arbitrary
advisories | CVE-2009-1133
MD5 | f922ef1e5f598c95cb2fdcbadde62ed0
Zero Day Initiative Advisory 09-055
Posted Aug 11, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-055 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when loading and unloading the vulnerable control (0002E543-0000-0000-C000-000000000046) and results in transfer of control to unallocated memory. This issue can be exploited to execute arbitrary code under the context of the currently logged in user user.

tags | advisory, arbitrary
advisories | CVE-2009-0562
MD5 | 08a5cd87ce15d5505b31257a7dc6900f
Zero Day Initiative Advisory 09-054
Posted Aug 11, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-054 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists during the processing of malicious parameters to the routine msDataSourceObject() and results in transfer of control to unallocated memory. This issue can be exploited to execute arbitrary code under the context of the currently logged in user.

tags | advisory, arbitrary
advisories | CVE-2009-1136
MD5 | e4842eaf4cb7b8faafbf92b716ebfa2e
Zero Day Initiative Advisory 09-053
Posted Aug 11, 2009
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 09-053 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WINS.exe process which provides name resolution services for NetBIOS networks. While parsing a push request the WINS service copies packet data to a static heap buffer while within a controlled loop. By providing a specially crafted request an attacker can overflow this heap buffer leading to arbitrary code execution under the SYSTEM context.

tags | advisory, remote, overflow, arbitrary, code execution
systems | windows
advisories | CVE-2009-1923
MD5 | c60da01e1b0e77149a14d483525757e1
Technical Cyber Security Alert 2009-223A
Posted Aug 11, 2009
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA09-223A - Microsoft has released updates to address vulnerabilities in Microsoft Windows, Windows Server, Office Web Components and Remote Desktop Connection for Mac.

tags | advisory, remote, web, vulnerability
systems | windows
MD5 | b3adba6562119167e3d6b8b610b0c6d9
Ubuntu Security Notice 815-1
Posted Aug 11, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-815-1 - It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. It was discovered that libxml2 did not correctly parse Notation and Enumeration attribute types. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. It was discovered that libxml2 did not correctly handle long entity names. If a user were tricked into processing a specially crafted XML document, a remote attacker could execute arbitrary code with user privileges or cause the application linked against libxml2 to crash, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2008-3529, CVE-2009-2414, CVE-2009-2416
MD5 | 2c0e58afc2a1001a98879fa93cdb91d6
IPS Building Script
Posted Aug 11, 2009
Authored by Augusto Pereyra | Site code.google.com

This script provides an all-in-one easy installation of Snort in a box in bridge mode with a complex configuration.

tags | tool, sniffer
MD5 | d556a7ef731a9f01143ebecb0ca0ac33
Elicio Idea Management Software SQL Injection
Posted Aug 11, 2009
Authored by S3T4N | Site sux0r.net

Elicio Idea Manager Software suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b286e84635eb0278ace49b7b5a1ec278
OCS Inventory NG Server 1.2.1 SQL Injection
Posted Aug 11, 2009
Authored by Guilherme Marinheiro

The OCS Inventory NG Server version 1.2.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7773fcd2e32243f4457e6ffe80432483
NetrGetJoinInformation Heap Corruption
Posted Aug 11, 2009
Authored by Cody Pierce | Site tippingpoint.com

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Valid user credentials are required to exploit this vulnerability. The specific flaw exists in the Workstation RPC Service. When handling the arguments for the NetrGetJoinInformation function, memory is improperly freed and can lead to remote code execution. Successful exploitation can lead to a remote system compromise under SYSTEM credentials.

tags | advisory, remote, arbitrary, code execution
systems | windows
advisories | CVE-2009-1544
MD5 | 3e898b79f108a4e33b941ece0865a7a7
Asterisk Project Security Advisory - Driver Crash
Posted Aug 11, 2009
Authored by Tilghman Lesher | Site asterisk.org

Asterisk Project Security Advisory - On certain implementations of libc, the scanf family of functions uses an unbounded amount of stack memory to repeatedly allocate string buffers prior to conversion to the target type. Coupled with Asterisk's allocation of thread stack sizes that are smaller than the default, an attacker may exhaust stack memory in the SIP stack network thread by presenting excessively long numeric strings in various fields.

tags | advisory
advisories | CVE-2009-2726
MD5 | d599b2be22e611b0ac0c869fe1d6a39e
HP Security Bulletin HPSBUX02450 SSRT090141
Posted Aug 11, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability have been identified with HP-UX programs using the ttrace(2) system call. The vulnerability could be exploited locally to create a Denial of Service (DoS).

tags | advisory, denial of service
systems | hpux
advisories | CVE-2009-1427
MD5 | 73e505e02c68c280ac863f4ed261269d
/bin/sh Polymorphic Shellcode For Linux/x86
Posted Aug 11, 2009
Authored by Jonathan Salwan | Site shell-storm.org

48 bytes small /bin/sh polymorphic shellcode for Linux/x86.

tags | x86, shellcode
systems | linux
MD5 | f92199343d759ca4a17763f7fd0e01e8
killall5 Polymorphic Shellcode For Linux/x86
Posted Aug 11, 2009
Authored by Jonathan Salwan | Site shell-storm.org

61 bytes small killall5 polymorphic shellcode for Linux/x86.

tags | x86, shellcode
systems | linux
MD5 | 75f545836047abffaa87a2eeb53a2409
Embedthis Appweb 3.0b.2-4 Buffer Overflow
Posted Aug 11, 2009
Authored by fl0 fl0w | Site fl0-fl0w.docspages.com

Embedthis Appweb remote stack buffer overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
MD5 | 173d24c7283ebdcaa7d207af097cd48a
Ubuntu Security Notice 814-1
Posted Aug 11, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-814-1 - A substantial amount of vulnerabilities in openjdk-6 have been addressed and fixed. These issues range from denial of service to code execution vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | linux, ubuntu
advisories | CVE-2009-0217, CVE-2009-2475, CVE-2009-2476, CVE-2009-2625, CVE-2009-2670, CVE-2009-2671, CVE-2009-2672, CVE-2009-2673, CVE-2009-2674, CVE-2009-2675, CVE-2009-2676, CVE-2009-2690
MD5 | a4f38bbfa2b4df638e8463c790b0c110
Joomla IDOBlog 1.1b30 SQL Injection
Posted Aug 11, 2009
Authored by kkr

The Joomla IDOBlog component version 1.1b30 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e4f8ef193617cd3ac3a57c1a94086f01
Secunia Security Advisory 36266
Posted Aug 11, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in GnuTLS, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | d5917e9c3417a71dca28a2036453059a
Secunia Security Advisory 36229
Posted Aug 11, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Windows and Microsoft Remote Desktop Connection Client for Mac, which can be exploited by malicious people to compromise a user's system.

tags | advisory, remote, vulnerability
systems | windows
MD5 | d6d4957ac6a374cd9c74346c85cbf9ed
Secunia Security Advisory 36187
Posted Aug 11, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in various Windows components, which can be exploited by malicious people to bypass security features or compromise a user's system.

tags | advisory, vulnerability
systems | windows
MD5 | 1aa9e018be440020704ad2128fa77e44
Secunia Security Advisory 36206
Posted Aug 11, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | windows
MD5 | 9b2ac59d9ce6a6ba299b114b50b22fcf
Page 1 of 3
Back123Next

File Archive:

October 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    25 Files
  • 2
    Oct 2nd
    13 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    1 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    15 Files
  • 7
    Oct 7th
    15 Files
  • 8
    Oct 8th
    11 Files
  • 9
    Oct 9th
    3 Files
  • 10
    Oct 10th
    1 Files
  • 11
    Oct 11th
    1 Files
  • 12
    Oct 12th
    8 Files
  • 13
    Oct 13th
    12 Files
  • 14
    Oct 14th
    23 Files
  • 15
    Oct 15th
    4 Files
  • 16
    Oct 16th
    13 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    1 Files
  • 19
    Oct 19th
    27 Files
  • 20
    Oct 20th
    41 Files
  • 21
    Oct 21st
    18 Files
  • 22
    Oct 22nd
    16 Files
  • 23
    Oct 23rd
    2 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    1 Files
  • 26
    Oct 26th
    17 Files
  • 27
    Oct 27th
    19 Files
  • 28
    Oct 28th
    29 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close