Files Date: 2009-09-22

Hackers 2 Hackers Conference 6 Edition Call For Papers
Posted Sep 22, 2009
Site h2hc.com.br

Call For Papers for the Hackers to Hackers Conference - 6th Edition. It will take place in Sao Paulo, Brazil from November 28th through the 29th, 2009.

tags | paper, conference
MD5 | f1dd14e6f34a5c3b765d7bf728c1f1e3
SQL Injection Write Up In Indonesian
Posted Sep 22, 2009
Authored by Gonzhack

Brief whitepaper discussing SQL injection in MySQL. Written in Indonesian.

tags | paper, sql injection
MD5 | 27b57108848a358f9a3145c6395a539d
Mambo / Joomla Tupinambis SQL Injection
Posted Sep 22, 2009
Authored by Don Tukulesto | Site indonesiancoder.com

The Tupinambis component for Joomla and Mambo suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c154b25bd848cd01cc00581e772d2721
Joomla Facebook SQL Injection
Posted Sep 22, 2009
Authored by kaMtiEz | Site indonesiancoder.com

The Joomla Facebook component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 698bb35a3e043a8e7547a7d168e155a5
Share Zone SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Share Zone suffers from a remote blind SQL injection vulnerability in view_news.php.

tags | exploit, remote, php, sql injection
MD5 | 31bc6ca06f1f5e0e3873f3a64ec40857
Mandriva Linux Security Advisory 2009-242
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-242-1 - Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. This update provides a solution to this vulnerability. Packages for Enterprise 5 i586 were missing with the previous update. This update corrects this.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-3235
MD5 | 80a9b9513e672cce2223a69a9b1c86d7
Toner Cart SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Toner Cart suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 13950706ee054f5570df57be6249bd04
Cosmetics Zone SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Cosmetics Zone suffers from a remote blind SQL injection vulnerability in view_products.php.

tags | exploit, remote, php, sql injection
MD5 | ca21be2ca62cd972d38c0af138c6e83e
Mandriva Linux Security Advisory 2009-242
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-242 - Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. This update provides a solution to this vulnerability.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-3235
MD5 | 18fbe63b5c90e115b25ddb25555c74c9
HP Security Bulletin HPSBUX02457 SSRT090174
Posted Sep 22, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Role-Based Access Control (RBAC). The vulnerability could be exploited locally to gain unauthorized access.

tags | advisory
systems | hpux
advisories | CVE-2009-2682
MD5 | 4a67c50c7e271844bb0e33265a38f9e0
MS-SQL Injection Tutorial
Posted Sep 22, 2009
Authored by Inj3ct0r | Site Inj3ct0r.com

MS-SQL injection tutorial written in Albanian.

tags | paper, sql injection
MD5 | 61a3ee12256abcf26131ef627a2c9bd4
Mandriva Linux Security Advisory 2009-241
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-241 - The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function. This update provides a solution to this vulnerability.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-2855
MD5 | 38d71c87ec714e976c9230b0caa3df1b
Mandriva Linux Security Advisory 2009-240
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-240 - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. This update provides a solution to these vulnerabilities.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3094, CVE-2009-3095
MD5 | 3f7ffaa3c4b8b4c2e51aad29833fd88c
BPLawyerCaseDocument 1.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

BPLawyerCaseDocument version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 68481398a55f93357b4a86b7184a5b0d
MMORPG Zone SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

MMORPG Zone suffers from remote blind SQL injection vulnerabilities in view_news.php and game.php.

tags | exploit, remote, php, vulnerability, sql injection
MD5 | a10315c0129cc94fb1ab74f0482dcef7
DVD Zone SQL Injection / Cross Site Scripting
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

DVD Zone suffers from remote blind SQL injection and cross site scripting vulnerabilities in view_mag.php.

tags | exploit, remote, php, vulnerability, xss, sql injection
MD5 | 727fc86035e2b0d79910bfaba82c6b12
Joomla Sport Fusion 0.2.3 SQL Injection
Posted Sep 22, 2009
Authored by kaMtiEz | Site indonesiancoder.com

Joomla Sport Fusion component versions 0.2.2 through 0.2.3 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 56baccc5e29ccac1fb1b69a5ed20e6cb
Alibaba Clone 3.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Alibaba Clone version 3.0 suffers from remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 7241b62e6d9db23ac6f491d3f8bf4534
GRAudit Grep Auditing Tool 1.2
Posted Sep 22, 2009
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script and set of signatures that allow you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT, and flaw-finder while keeping the technical requirements to a minimum and being very flexible.

Changes: Default signatures are now aimed at low hanging fruit. Documentation was improved. Bugs in graudit and signatures were fixed.
systems | unix
MD5 | dd513e8663ab1bcfe61a034823c75d8f
MaxWebPortal SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

MaxWebPortal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6e4efbed0923761042d9e703b805464e
Mandriva Linux Security Advisory 2009-239
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-239 - Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a fragment bug. The NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws; the scope of this issue is currently limited because the amount of computation required is still large. This update provides a solution to these vulnerabilities.

tags | advisory, remote, denial of service, spoof, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1379, CVE-2009-1387, CVE-2009-2409
MD5 | 53607bac689b7a6488ea91c1596b0e99
Real Estate Script For Realtors SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

The Real Estate Script for Realtors suffers from a blind SQL injection vulnerability in view_listing.php.

tags | exploit, php, sql injection
MD5 | de360a36425505df904d94300c8f40cd
HB CMS 1.7 SQL Injection
Posted Sep 22, 2009
Authored by Securitylab Security Research | Site securitylab.ir

HB CMS version 1.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8afd6599c5304adb123c9238e8d9cb5f
BPMusic 1.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

BPMusic version 1.0 suffers from blind SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
MD5 | dab182504feb221d0eebeabe5a40700a
BPStudent 1.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

BPStudent version 1.0 suffers from blind SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
MD5 | 8c5dd950826a92e11106ecdd92c08814
© 2016 Packet Storm. All rights reserved.