Exploit the possiblities
Showing 1 - 25 of 946 RSS Feed

Files Date: 2009-09-01 to 2009-09-30

Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
Posted Sep 29, 2009
Authored by laurent gaffie

This Metasploit module exploits an out of bounds function table dereference in the SMB request validation code of the SRV2.SYS driver included with Windows Vista, Windows 7 release candidates (not RTM), and Windows 2008 Server prior to R2. Windows Vista without SP1 does not seem affected by this flaw.

tags | exploit
systems | windows, vista, 7
advisories | CVE-2009-3103
MD5 | bd62fbcf8cbf9573b7dfd23935b5cdb8
FlatPress Local File Inclusion / Command Execution
Posted Sep 29, 2009
Authored by Giuseppe Fuggiano

FlatPress versions 0.804 through 0.812.1 are vulnerable to a local file inclusion vulnerability that allows for remote command execution.

tags | exploit, remote, local, file inclusion
MD5 | 62a2749aa60d5266fdcedba67c735356
OpenSCAP Libraries 0.5.3
Posted Sep 29, 2009
Site open-scap.org

The openscap project is a set of open source libraries that support the SCAP (Security Content Automation Protocol) set of standards from NIST. It supports CPE, CCE, CVE, and CVSS.

Changes: Many improvements in OVAL support, including system characteristics and results format, memory management improvements, and the addition of most probes needed for OVAL to evaluate Linux systems. An initial XCCDF API has been added.
tags | protocol, library
MD5 | 39a2b8bf0a2aa4311a73c1dff54a557e
IBM Installation Manager 1.3.0 Code Execution
Posted Sep 29, 2009
Authored by Nine:Situations:Group::Bruiser | Site retrogod.altervista.org

IBM Installation Manager version 1.3.0 and below iim:// URI handler remote code execution exploit.

tags | exploit, remote, code execution
MD5 | cba0b6ebda26e22266089d0679e4c8fe
EMC KeyWorks KeyHelp Buffer Overflow
Posted Sep 29, 2009
Authored by Nine:Situations:Group::pyrokinesis | Site retrogod.altervista.org

Multiple EMC products remote buffer overflow exploit that takes advantage of keyhelp.ocx version 1.2.312.

tags | exploit, remote, overflow
MD5 | adf4ba6c42a12de8fc3a8d2998fefbc3
Oracle Document Capture BlackIce Stack Buffer Overflow
Posted Sep 29, 2009
Authored by Nine:Situations:Group::pyrokinesis | Site retrogod.altervista.org

Oracle Document Capture BlackIce DEVMODE Active-X related remote stack-based buffer overflow exploit.

tags | exploit, remote, overflow, activex
MD5 | 45bc30648d4da6d0e456a9e9f3c80694
HP LoadRunner 9.5 File Creation
Posted Sep 29, 2009
Authored by Nine:Situations:Group::pyrokinesis | Site retrogod.altervista.org

HP LoadRunner version 9.5 Persits.XUpload.2 control (XUpload.ocx) MakeHttpRequest() remote file creation proof of concept exploit.

tags | exploit, remote, proof of concept
MD5 | 4550e59e5f7b19bb56e3cde93e538993
Oracle Document Capture BlackIce Command Execution
Posted Sep 29, 2009
Authored by Nine:Situations:Group::pyrokinesis | Site retrogod.altervista.org

Oracle Document Capture BlackIce DEVMODE Active-X related remote command execution exploit.

tags | exploit, remote, activex
MD5 | df3df1e008e29b946b9b2bb9ac29b8f2
Adobe Photoshop Elements 8.0 Privilege Escalation
Posted Sep 29, 2009
Authored by Nine:Situations:Group::pyrokinesis | Site retrogod.altervista.org

Adobe Photoshop Elements 8.0 Active File Monitor Service suffers from a bad security descriptor local elevation of privileges vulnerability.

tags | exploit, local
MD5 | 4c24f40b5fc01d7fbf5241769744b3a1
WinRAR 3.80 Filename Spoofing
Posted Sep 29, 2009
Authored by chr1x

WinRAR version 3.80 suffers from a ZIP filename spoofing vulnerability.

tags | advisory, spoof
MD5 | 8acd312b18e011b742860a8201a4793c
Dam Burst 1.2
Posted Sep 29, 2009
Authored by Jon Oberheide | Site jon.oberheide.org

Dam Burst is a simple utility that allows an unprivileged user to disable the censorship functionality of the Green Dam Youth Escort software. Dam Burst operates by injecting code into a running application and removing the Green Dam hooks that enable it to monitor and block user activity, effectively restoring the running application to its original uncensored state.

MD5 | bacb81fa63707e78ca1ec66d2241773a
Secunia Security Advisory 36890
Posted Sep 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in IBM DB2, where one has an unknown impact and others can be exploited by malicious users to bypass certain security restrictions.

tags | advisory, vulnerability
MD5 | 89494cbaee39794035970b5418e9264e
Secunia Security Advisory 36853
Posted Sep 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM Informix Dynamic Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | d014032cafe65ec96d6d0e0ba5fbf304
Secunia Security Advisory 36829
Posted Sep 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Juniper JUNOS, which can be exploited by malicious people to conduct cross-site scripting attacks and by malicious users to conduct script insertion attacks.

tags | advisory, vulnerability, xss
systems | juniper
MD5 | f3bc6e9c52f143957d44fd92a402b31e
Secunia Security Advisory 36904
Posted Sep 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for dovecot. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions, cause a DoS (Denial of Service) or compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
MD5 | 23045f86daec1c1e74b9d84c0a9a47dc
Secunia Security Advisory 36911
Posted Sep 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP Remote Graphics Software (RGS), which can be exploited by malicious users to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory, remote
MD5 | 510fff61b8e3f6f1c8dc3b4f9036a414
Secunia Security Advisory 36880
Posted Sep 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Maxim A. Kulakov has reported a vulnerability in multiple TrustPort products, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | e7fbe2cd92a8a196b73eb3db8c73c8ce
Secunia Security Advisory 36860
Posted Sep 29, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the FireFTP extension for Firefox, which can be exploited by malicious people to manipulate certain data.

tags | advisory
MD5 | 174a211fff96134a2bf29097974f3f68
E107 eCaptcha Cross Site Scripting
Posted Sep 29, 2009
Authored by MustLive

The E107 eCaptcha plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9bf6eec349f9f3a9671fd5a91381079e
HP Security Bulletin HPSBMA02461 SSRT090187
Posted Sep 29, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP Remote Graphics Software (RGS) Sender. The vulnerability could be exploited remotely to gain unauthorized access.

tags | advisory, remote
advisories | CVE-2009-2683
MD5 | c6b0b7cf9a5b9153b505cd95fdaadfd0
Trustport Security Software Privilege Escalation
Posted Sep 29, 2009
Authored by ShineShadow

TrustPort Antivirus version 2.8.0.2265, Antivirus Business version 2.8.0.2265, PC Security version 2.0.0.1290, and PC Security Business version 2.0.0.1290 suffer from a local privilege escalation vulnerability.

tags | advisory, local
MD5 | f4125c990ffeba14c91e81629e0b2a6e
Debian Linux Security Advisory 1897-1
Posted Sep 29, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1897-1 - Stefan Esser discovered that Horde, a web application framework providing classes for dealing with preferences, compression, browser detection, connection tracking, MIME, and more, is insufficiently validating and escaping user provided input. The Horde_Form_Type_image form element allows to reuse a temporary filename on reuploads which are stored in a hidden HTML field and then trusted without prior validation. An attacker can use this to overwrite arbitrary files on the system or to upload PHP code and thus execute arbitrary code with the rights of the webserver.

tags | advisory, web, arbitrary, php
systems | linux, debian
advisories | CVE-2009-3236
MD5 | 1cc29d8e7c72d67ccea9c6e02738dee6
TOR Navigator Alpha 0.0.2
Posted Sep 29, 2009
Site tornavigator.com

TorNavigator is a Web browser dedicated to the TOR network, which allows people and groups to improve their privacy on the Internet by hiding their IP address through a network of virtual tunnels. TorNavigator includes a built-in Tor server and provides the ability to choose or ban countries in order to use an IP address from a specific country. The Privoxy local proxy is used for better privacy.

Changes: The cross platform Qt4 code should now compile under Win32 without major difficulties. Please note that specific Win32 Qt4 DLLs are expected to be found in the same directory as the TorNavigator executable. Tor 2.1.19 and Privoxy are included and are directly configured by TorNavigator, so it is no longer necessary to install them separately.
tags | tool, web, local, peer2peer
MD5 | 6be618b7b1a7e557b51c96e01a0be5ca
Libcap-NG Library 0.6.2
Posted Sep 29, 2009
Site people.redhat.com

The libcap-ng library is intended to make programming with POSIX capabilities much easier than the traditional libcap library. It includes utilities that can analyze all currently running applications to locate applications that may have too many privileges.

Changes: This release adds pkg-config support, cleans the prctl syscalls, and drops capabilities in pscap.
tags | library
MD5 | f9af01f4ec602506da717632b94354fd
Ubuntu Security Notice 838-1
Posted Sep 29, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-838-1 - It was discovered that the ACL plugin in Dovecot would incorrectly handle negative access rights. An attacker could exploit this flaw to access the Dovecot server, bypassing the intended access restrictions. This only affected Ubuntu 8.04 LTS. It was discovered that the ManageSieve service in Dovecot incorrectly handled ".." in script names. A remote attacker could exploit this to read and modify arbitrary sieve files on the server. This only affected Ubuntu 8.10. It was discovered that the Sieve plugin in Dovecot incorrectly handled certain sieve scripts. An authenticated user could exploit this with a crafted sieve script to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2008-4577, CVE-2008-5301, CVE-2009-2632, CVE-2009-3235
MD5 | 54a118d0ecc432c97961d4edf92d88b7
Page 1 of 38
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close