what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files Date: 2009-09-26

Mereo 1.8.0 File Disclosure
Posted Sep 26, 2009
Authored by Dr_IDE

Mereo web server version 1.8 suffers from a remote source code disclosure vulnerability.

tags | exploit, remote, web
SHA-256 | 117e0e5e88a43e22c430c1d95e9d478b29c66818ff7b2f283b2628cd14a72bf8
BigAnt Server 2.50 Buffer Overflow PoC 1
Posted Sep 26, 2009
Authored by Dr_IDE

BigAnt server versions 2.50 SP6 and below local buffer overflow exploit that creates a malicious .zip file.

tags | exploit, overflow, local
SHA-256 | 929bf0b0bca74da01ef0e4c388a2bb97e21dc39f430ef19e9d163e349a1892a2
BigAnt Server 2.50 Buffer Overflow PoC 2
Posted Sep 26, 2009
Authored by Dr_IDE

BigAnt server versions 2.50 SP6 and below local buffer overflow exploit that creates a malicious .zip file.

tags | exploit, overflow, local
SHA-256 | fad1d13b6b360530e07a6d9c7e524772e97044a0928f56cb312918aeee2c7486
CDBurnerXP 4.2.4.1351 Crash
Posted Sep 26, 2009
Authored by Dr_IDE

CDBurnerXP version 4.2.4.1351 local crash proof of concept exploit.

tags | exploit, local, proof of concept
SHA-256 | 5f764bdf7b928b7d5e34681481ebb0598b453f1637e1b90aa42f5f7e63ca50a8
Core FTP LE 2.1 Buffer Overflow
Posted Sep 26, 2009
Authored by Dr_IDE

Core FTP LE version 2.1 build 1612 local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | b5b95426f072fdbe3577e65a1d21389ede29589fa6637ff7d871b8a71b910001
VLC Media Player 1.0.2 smb:// Stack Overflow
Posted Sep 26, 2009
Authored by Dr_IDE

VLC Media Player version 1.0.2 smb:// URI handling remote stack overflow proof of concept exploit.

tags | exploit, remote, overflow, proof of concept
SHA-256 | a989eebff58b37b7f58f336f18a443f36012d78006bda0ae6dc5d02c863864d1
CuteFTP 8.3.3 Buffer Overflow
Posted Sep 26, 2009
Authored by Dr_IDE

CuteFTP version 8.3.3 Home/Pro/Lite create new site local buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
SHA-256 | cedfd3793af2ff469ba4e5c5352b060b67620f62d90d694beeaeea6399e58d4c
Mandriva Linux Security Advisory 2009-248
Posted Sep 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-248 - The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates. Unspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to missing sanity checks around exif processing. Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect sanity check for the color index. This update provides a solution to these vulnerabilities.

tags | advisory, spoof, php, vulnerability
systems | linux, mandriva
advisories | CVE-2009-3291, CVE-2009-3292, CVE-2009-3293
SHA-256 | c6fd9002951b645b1a2512216eeebebe823b0b572c4cbaaa2768de70b69fab34
Mandriva Linux Security Advisory 2009-247
Posted Sep 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-247 - The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates. Unspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to missing sanity checks around exif processing. Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect sanity check for the color index. This update provides a solution to these vulnerabilities.

tags | advisory, denial of service, spoof, php, vulnerability
systems | linux, mandriva
advisories | CVE-2008-7068, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293
SHA-256 | 9f34eb3be32a16badbc273deeba8ee60a449660a14f9a4391e63e8989fd4396d
Mandriva Linux Security Advisory 2009-246
Posted Sep 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-246 - The dba_replace function in PHP 5.2.6 and 4.x allows context-dependent attackers to cause a denial of service (file truncation) via a key with the NULL byte. The php_openssl_apply_verification_policy function in PHP before 5.2.11 does not properly perform certificate validation, which has unknown impact and attack vectors, probably related to an ability to spoof certificates. Unspecified vulnerability in PHP before 5.2.11 has unknown impact and attack vectors related to missing sanity checks around exif processing. Unspecified vulnerability in the imagecolortransparent function in PHP before 5.2.11 has unknown impact and attack vectors related to an incorrect sanity check for the color index. This update provides a solution to these vulnerabilities.

tags | advisory, denial of service, spoof, php, vulnerability
systems | linux, mandriva
advisories | CVE-2008-7068, CVE-2009-3291, CVE-2009-3292, CVE-2009-3293
SHA-256 | a7888af91f0c4d772efd71a91fd56e1c64e3be7dc6c2d0e953cc04cb1993cd51
Drupal Bibliography Module Cross Site Scripting
Posted Sep 26, 2009
Authored by Black Packeteer

The Drupal Bibliography module suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 1df00a569c1d0e9242547459c6bbde0f8d569f1342ca584e414ab5b065649d36
Gentoo Linux Security Advisory 200909-20
Posted Sep 26, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200909-20 - An error in the X.509 certificate handling of cURL might enable remote attackers to conduct man-in-the-middle attacks. Scott Cantor reported that cURL does not properly handle fields in X.509 certificates that contain an ASCII NUL (\\0) character. Specifically, the processing of such fields is stopped at the first occurrence of a NUL character. This type of vulnerability was recently discovered by Dan Kaminsky and Moxie Marlinspike. Versions less than 7.19.6 are affected.

tags | advisory, remote
systems | linux, gentoo
advisories | CVE-2009-2417
SHA-256 | d7a6e3c8914f596bc2790f9b68c01a382534d960f78935b39e8bde92ac5178ee
Klonet E-Commerce SQL Injection
Posted Sep 26, 2009
Authored by S3T4N | Site sux0r.net

Klonet E-Commerce suffers from a remote SQL injection vulnerability in products.php.

tags | exploit, remote, php, sql injection
SHA-256 | f5de29acce0856b4becd099321c830b1664a5cc06f453ac330643c3f2692cb66
Cisco ACE XML Gateway 6.0 IP Disclosure
Posted Sep 26, 2009
Authored by nitr0us

Cisco ACE XML Gateway versions 6.0 and below suffer from an internal IP address disclosure.

tags | advisory, info disclosure
systems | cisco
SHA-256 | 10bcb1121c5acc6108bd14846e869fa5d909a554f39476024703a4b6603e3d13
Engeman 6.x.x SQL Injection
Posted Sep 26, 2009
Authored by crashbrz

Engeman version 6.x.x suffers from a SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | de087fcffc69d216c02ae0b5df55f0e127c09b10fc5ccacc0f2e7ca50168edd6
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close