Files Date: 2009-09-22

Hackers 2 Hackers Conference 6 Edition Call For Papers
Posted Sep 22, 2009
Site h2hc.com.br

Call For Papers for the Hackers to Hackers Conference - 6th Edition. It will take place in Sao Paulo, Brazil from November 28th through the 29th, 2009.

tags | paper, conference
MD5 | f1dd14e6f34a5c3b765d7bf728c1f1e3
SQL Injection Write Up In Indonesian
Posted Sep 22, 2009
Authored by Gonzhack

Brief whitepaper discussing SQL injection in MySQL. Written in Indonesian.

tags | paper, sql injection
MD5 | 27b57108848a358f9a3145c6395a539d
Mambo / Joomla Tupinambis SQL Injection
Posted Sep 22, 2009
Authored by Don Tukulesto | Site indonesiancoder.com

The Tupinambis component for Joomla and Mambo suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c154b25bd848cd01cc00581e772d2721
Joomla Facebook SQL Injection
Posted Sep 22, 2009
Authored by kaMtiEz | Site indonesiancoder.com

The Joomla Facebook component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 698bb35a3e043a8e7547a7d168e155a5
Share Zone SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Share Zone suffers from a remote blind SQL injection vulnerability in view_news.php.

tags | exploit, remote, php, sql injection
MD5 | 31bc6ca06f1f5e0e3873f3a64ec40857
Mandriva Linux Security Advisory 2009-242
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-242-1 - Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. This update provides a solution to this vulnerability. Packages for Enterprise 5 i586 were missing with the previous update. This update corrects this.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-3235
MD5 | 80a9b9513e672cce2223a69a9b1c86d7
Toner Cart SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Toner Cart suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 13950706ee054f5570df57be6249bd04
Cosmetics Zone SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Cosmetics Zone suffers from a remote blind SQL injection vulnerability in view_products.php.

tags | exploit, remote, php, sql injection
MD5 | ca21be2ca62cd972d38c0af138c6e83e
Mandriva Linux Security Advisory 2009-242
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-242 - Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632. This update provides a solution to this vulnerability.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-3235
MD5 | 18fbe63b5c90e115b25ddb25555c74c9
HP Security Bulletin HPSBUX02457 SSRT090174
Posted Sep 22, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running Role-Based Access Control (RBAC). The vulnerability could be exploited locally to gain unauthorized access.

tags | advisory
systems | hpux
advisories | CVE-2009-2682
MD5 | 4a67c50c7e271844bb0e33265a38f9e0
MS-SQL Injection Tutorial
Posted Sep 22, 2009
Authored by Inj3ct0r | Site Inj3ct0r.com

MS-SQL injection tutorial written in Albanian.

tags | paper, sql injection
MD5 | 61a3ee12256abcf26131ef627a2c9bd4
Mandriva Linux Security Advisory 2009-241
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-241 - The strListGetItem function in src/HttpHeaderTools.c in Squid 2.7 allows remote attackers to cause a denial of service via a crafted auth header with certain comma delimiters that trigger an infinite loop of calls to the strcspn function. This update provides a solution to this vulnerability.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2009-2855
MD5 | 38d71c87ec714e976c9230b0caa3df1b
Mandriva Linux Security Advisory 2009-240
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-240 - The ap_proxy_ftp_handler function in modules/proxy/proxy_ftp.c in the mod_proxy_ftp module in the Apache HTTP Server 2.0.63 and 2.2.13 allows remote FTP servers to cause a denial of service (NULL pointer dereference and child process crash) via a malformed reply to an EPSV command. The mod_proxy_ftp module in the Apache HTTP Server allows remote attackers to bypass intended access restrictions and send arbitrary commands to an FTP server via vectors related to the embedding of these commands in the Authorization HTTP header, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. This update provides a solution to these vulnerabilities.

tags | advisory, remote, web, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3094, CVE-2009-3095
MD5 | 3f7ffaa3c4b8b4c2e51aad29833fd88c
BPLawyerCaseDocument 1.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

BPLawyerCaseDocument version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 68481398a55f93357b4a86b7184a5b0d
MMORPG Zone SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

MMORPG Zone suffers from remote blind SQL injection vulnerabilities in view_news.php and game.php.

tags | exploit, remote, php, vulnerability, sql injection
MD5 | a10315c0129cc94fb1ab74f0482dcef7
DVD Zone SQL Injection / Cross Site Scripting
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

DVD Zone suffers from remote blind SQL injection and cross site scripting vulnerabilities in view_mag.php.

tags | exploit, remote, php, vulnerability, xss, sql injection
MD5 | 727fc86035e2b0d79910bfaba82c6b12
Joomla Sport Fusion 0.2.3 SQL Injection
Posted Sep 22, 2009
Authored by kaMtiEz | Site indonesiancoder.com

Joomla Sport Fusion component versions 0.2.2 through 0.2.3 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 56baccc5e29ccac1fb1b69a5ed20e6cb
Alibaba Clone 3.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

Alibaba Clone version 3.0 suffers from remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 7241b62e6d9db23ac6f491d3f8bf4534
GRAudit Grep Auditing Tool 1.2
Posted Sep 22, 2009
Authored by Wireghoul | Site justanotherhacker.com

Graudit is a simple script with signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT, and flawfinder while keeping the technical requirements to a minimum and being very flexible.

Changes: Default signatures are now aimed at low hanging fruit. Documentation was improved. Bugs in graudit and signatures were fixed.
systems | unix
MD5 | dd513e8663ab1bcfe61a034823c75d8f
MaxWebPortal SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

MaxWebPortal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 6e4efbed0923761042d9e703b805464e
Mandriva Linux Security Advisory 2009-239
Posted Sep 22, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-239 - Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate. The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a fragment bug. The NSS library before 3.12.3, as used in Firefox; GnuTLS before 2.6.4 and 2.7.4; OpenSSL 0.9.8 through 0.9.8k; and other products support MD2 with X.509 certificates, which might allow remote attackers to spoof certificates by using MD2 design flaws; the scope of this issue is currently limited because the amount of computation required is still large. This update provides a solution to these vulnerabilities.

tags | advisory, remote, denial of service, spoof, vulnerability
systems | linux, mandriva
advisories | CVE-2009-1379, CVE-2009-1387, CVE-2009-2409
MD5 | 53607bac689b7a6488ea91c1596b0e99
Real Estate Script For Realtors SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

The Real Estate Script for Realtors suffers from a blind SQL injection vulnerability in view_listing.php.

tags | exploit, php, sql injection
MD5 | de360a36425505df904d94300c8f40cd
HB CMS 1.7 SQL Injection
Posted Sep 22, 2009
Authored by Securitylab Security Research | Site securitylab.ir

HB CMS version 1.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8afd6599c5304adb123c9238e8d9cb5f
BPMusic 1.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

BPMusic version 1.0 suffers from blind SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
MD5 | dab182504feb221d0eebeabe5a40700a
BPStudent 1.0 SQL Injection
Posted Sep 22, 2009
Authored by OoN_Boy | Site oonboy.blogspot.com

BPStudent version 1.0 suffers from blind SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection
MD5 | 8c5dd950826a92e11106ecdd92c08814