
Files Date: 2009-08-13

KiwiCON 2009 Call For Papers
Posted Aug 13, 2009
Site kiwicon.org

Kiwicon '09 Call For Papers - This year Kiwicon will be held from November 28th through 29th, 2009.

tags | paper, conference
MD5 | 09652a5422ee3d4f2faab6b2495d541e
Ubuntu Security Notice 816-1
Posted Aug 13, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-816-1 - Moxie Marlinspike discovered that fetchmail did not properly handle certificates with NULL characters in the certificate name. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2009-2666
MD5 | 0a51d00fe2ea559604ff3de4aff9e6a4
SAP NetWeaver Cross Site Scripting
Posted Aug 13, 2009
Authored by Sh2kerr | Site dsecrg.com

SAP NetWeaver Application Server version 7.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e172bb9e94b9a7e9297d999c81578242
Solo Artist SQL Injection
Posted Aug 13, 2009
Authored by S3T4N | Site sux0r.net

Solo Artist websites suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 219f6c81e9d2e30e136db4d81d5b8e76
MS Wordpad Local Crash
Posted Aug 13, 2009
Authored by murderkey

Microsoft Wordpad on Windows XP SP3 memory exhaustion exploit.

tags | exploit
systems | windows, xp
MD5 | 3eb8df16e20b39d7e49e370ac23f8899
Shorty 0.7.1b Insecure Cookie
Posted Aug 13, 2009
Authored by Pedro Laguna

Shorty version 0.7.1 Beta suffers from an insecure cookie handling vulnerability that allows for authentication bypass.

tags | exploit
MD5 | 5235f068127373e081d1b329c803c66b
Microsoft Windows MSMQ Privilege Escalation
Posted Aug 13, 2009
Authored by Nikita Tarakanov | Site securitylab.ru

Positive Technologies Research Team has discovered a privilege escalation vulnerability in Windows Message Queuing service (MSMQ). The IOCTL handler in mqac.sys does not properly validate buffer data associated with the Irp object, which allows local users to crash the system or execute arbitrary code with SYSTEM privileges.

tags | advisory, arbitrary, local
systems | windows
advisories | CVE-2009-1922
MD5 | a789b1b7aab02f482506c80db433e8ca
Plume CMS SQL Injection
Posted Aug 13, 2009
Site senseofsecurity.com.au

Plume CMS version 1.2.3 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | a88f2ef9baedff19011d5320e8731628
Debian Linux Security Advisory 1860-1
Posted Aug 13, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1860-1 - Several vulnerabilities have been discovered in Ruby.

tags | advisory, vulnerability, ruby
systems | linux, debian
advisories | CVE-2009-0642, CVE-2009-1904
MD5 | 1bfd519f85bdb6e2c0f36ac10784c98d
Chavoosh CMS SQL Injection
Posted Aug 13, 2009
Authored by Isfahan University of Technology

Chavoosh CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d2af5e6435a05e3a7631adbae4e6da7b
Gallarific Photo Gallery 1.0 Delete Issue
Posted Aug 13, 2009
Authored by Ilker Kandemir

Gallarific Photo Gallery versions 1.0 and below suffer from arbitrary delete and edit vulnerabilities.

tags | exploit, arbitrary, vulnerability
MD5 | 880d543232707f99029ab5edefc4778f
Mandriva Linux Security Advisory 2009-201
Posted Aug 13, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-201 - socket.c in fetchmail before 6.3.11 does not properly handle a '\0' character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. This update provides a solution to this vulnerability.

tags | advisory, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2009-2666
MD5 | f9878292fad795a55c61ac2876795a33
Mandriva Linux Security Advisory 2009-200
Posted Aug 13, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-200 - Stack consumption vulnerability in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allows context-dependent attackers to cause a denial of service (application crash) via a large depth of element declarations in a DTD, related to a function recursion, as demonstrated by the Codenomicon XML fuzzing framework. Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via crafted (1) Notation or (2) Enumeration attribute types in an XML file, as demonstrated by the Codenomicon XML fuzzing framework. This update provides a solution to these vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, mandriva
advisories | CVE-2009-2414, CVE-2009-2416
MD5 | d79b39eec2168c63f93f437b8d690099
Gazelle CMS 1.0 Command Execution
Posted Aug 13, 2009
Authored by white_sheep

Gazelle CMS version 1.0 suffers from password reset, local file inclusion, cross site scripting, and remote command execution vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, file inclusion
MD5 | 646bf8c17b3cc5bd02c02018cd5a164b
2WIRE Gateway Bypass / Reset
Posted Aug 13, 2009
Authored by hkm

2Wire Gateways suffer from a remote password reset vulnerability that allows for authentication bypass. Versions 2071 Gateway, 1800HW, and 1701HG are vulnerable.

tags | exploit, remote, bypass
MD5 | 7f38c15890498546582e4788b5679970
Safari 4 Top Sites Hijack
Posted Aug 13, 2009
Authored by Inferno from Secure Thoughts

Safari 4 versions prior to 4.0.3 suffer from a Top Sites hijacking vulnerability. Proof of concept code is included.

tags | exploit, proof of concept
MD5 | 6306f4f10fd63eca34eeda40a33a839e
JibberBook Disclosure / Injection
Posted Aug 13, 2009
Authored by Onur YILMAZ

JibberBook suffers from comment information disclosure and HTML injection vulnerabilities.

tags | exploit, vulnerability, info disclosure
MD5 | 47a86e234e38bb6501811d2a739ccc03
HP Security Bulletin HPSBTU02454 SSRT080172
Posted Aug 13, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified in Samba running on the Internet Express for Tru64 UNIX. The vulnerability could be exploited remotely to disclose information on the Samba server.

tags | advisory
systems | unix
advisories | CVE-2008-4314
MD5 | 5c0b803018127beed81c9f5a37fec117
MU Security Advisory 2009-08.01
Posted Aug 13, 2009
Authored by MU Dynamics, Mu Security research team | Site labs.musecurity.com

The Mu Dynamics Research team has found several vulnerabilities stemming from unsafe use of the sscanf C standard library function. Asterisk versions 1.6.1 through 1.6.1.2 are affected.

tags | advisory, vulnerability
MD5 | 8d96c60fb00500a78341b56bb9614fc5
Easy Music Player 1.0.0.2 Universal Buffer Overflow
Posted Aug 13, 2009
Authored by hack4love

Easy Music Player version 1.0.0.2 universal local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | 37d5ed3f7afcfed97854a557568b72b3

© 2016 Packet Storm. All rights reserved.
