exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 43 RSS Feed

Files Date: 2009-10-26

Asterisk Project Security Advisory - AST-2009-007
Posted Oct 26, 2009
Authored by Jeff Peeler | Site asterisk.org

Asterisk Project Security Advisory - A missing ACL check for handling SIP INVITEs allows a device to make calls on networks intended to be prohibited as defined by the "deny" and "permit" lines in sip.conf. The ACL check for handling SIP registrations was not affected.

tags | advisory
SHA-256 | a028170ecb278eb6b1813a2f959521f86bee010953bfc98dd29af7dda75eda1c
Debian Linux Security Advisory 1920-1
Posted Oct 26, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1920-1 - A denial of service vulnerability has been found in nginx, a small and efficient web server.

tags | advisory, web, denial of service
systems | linux, debian
SHA-256 | a58d06e16a9d3a6b827169a516aff66f2157145f16fcf840430a9cbddc18b800
SquidGuard 1.3 / 1.4 Buffer Overflows
Posted Oct 26, 2009
Authored by Matthieu Bouthors

SquidGuard versions 1.3 and 1.4 suffer from multiple buffer overflow vulnerabilities that can lead to filtering policy bypass and denial of service.

tags | advisory, denial of service, overflow, vulnerability
SHA-256 | 94086b40a1ab7017bb9bc377bf84cfff6fd6d58ed0253373907a92dca67adc7d
SharePoint Source Code Disclosure
Posted Oct 26, 2009
Authored by Daniel Martin

SharePoint Team Services suffers from a remote source code disclosure vulnerability in its download facility.

tags | exploit, remote
SHA-256 | 4e7055eb3038cde6c4ec6d7dddd8f7a0b00a1c88f6274975ea98f42e56ba948e
xp-AntiSpy 3.9.7-4 Local Buffer Overflow
Posted Oct 26, 2009
Authored by Dr_IDE

xp-AntiSpy versions 3.9.7-4 and below local buffer overflow exploit that creates a malicious .xpas file.

tags | exploit, overflow, local
SHA-256 | fb7c0d38c62756cc07427f4f9cc68a113bb21c52a93dcd03c74d4ea5f5190bc2
Botan C++ Crypto Algorithms Library 1.9.1
Posted Oct 26, 2009
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release adds an implementation of the SHA-3 candidate Blue Midnight Wish, and updates the Skein implementation to the tweaked 1.2 version. Threshold secret sharing has been added, using the format from draft-mcgrew-tss-02.txt. The wrappers allowing use of botan from Python programs have been updated and expanded; several examples can now be found in the distribution. Runtime CPU detection is used on x86 and x86-64 to check for the availability of SSE2, and the current SSE2 implementations can now be used under Visual C++. XTEA is now twice as fast on Core2 and Opteron processors.
tags | library
SHA-256 | 32e9e06c425bc37a382439688f3aa52f6edd0bffe5039116acef4bc00ae5811e
SSH Keychain Utility 2.7.0
Posted Oct 26, 2009
Authored by Aron Griffis | Site gentoo.org

keychain is a utility that helps manage ssh keys in a convenient and secure manner. It acts as a frontend to ssh-agent, but allows the user to easily have one long running ssh-agent process per system, rather than the norm of one ssh-agent per login session. It also makes it easy for remote cron jobs to securely hook-in to a long running ssh-agent process, allowing your scripts to take advantage of key-based logins.

Changes: The color scheme, output formatting, and the --quiet option were improved. The lockfile() implementation was simplified for smaller code. A new Mac OS X package was added.
tags | remote, encryption
SHA-256 | 7784773ca4eaed559c0ad7be1d9a0b7c3d96bad1be03696a3dffa90458737a22
Oracle 9G / 10G PL/SQL Injection
Posted Oct 26, 2009
Authored by Sh2kerr | Site dsecrg.com

Oracle Database versions 9G and 10G are susceptible to a PL/SQL injection vulnerability in the ctxsys.drvxtabc.create_tables procedure.

tags | advisory, sql injection
advisories | CVE-2009-1991
SHA-256 | 84daa237dd1a6738c1129e914291f5c78d13ae5fea34ce0cf4c5505af298c54a
Openwall Linux Kernel Patch 2.4.37.6
Posted Oct 26, 2009
Authored by Solar Designer | Site openwall.com

The Openwall Linux kernel patch is a collection of security hardening features for the Linux kernel which can stop most 'cookbook' buffer overflow exploits. The patch can also add more privacy to the system by restricting access to parts of /proc so that users may not see what others are doing. Also tightens down file descriptors 0, 1, and 2, implements process limits and shared memory destruction.

Changes: The patch has been updated to Linux 2.4.37.6. A fix for a typographical error in one of the information leak fixes included into 2.4.37.6 has been added.
tags | overflow, kernel
systems | linux
SHA-256 | d218ae46a81a248e35dee10baea3e087404f8327ea92a0b2aee6adf48cad3ca6
Anti-Virus PWN2RM Challenge Results
Posted Oct 26, 2009
Authored by Christophe, Samir

This pdf has the Anti-virus PWN2RM Challenge results. An amusing read discussing how to disable McAfee, Norton, and various other AV software.

tags | paper, virus
SHA-256 | 232bf4211083bfc95c523a4af38a1e65423009125b74c66afdafd26c6bd3968a
Cherokee 0.5.4 Denial Of Service
Posted Oct 26, 2009
Authored by Usman Saeed | Site xc0re.net

Cherokee web server version 0.5.4 remote denial of service exploit.

tags | exploit, remote, web, denial of service
SHA-256 | bc5ae7c21bcb8c03242d5ca9efe893b038532ab37ece8f6120f1d93318696b2b
NetReconn Scanning Tool Collection 1.72
Posted Oct 26, 2009
Authored by Jay Fink

Netreconn is a collection of network scan/recon tools that are relatively small compared to their larger cousins. These include nstrobe, ipdump, and ndecode.

tags | tool
systems | unix
SHA-256 | ee882726312658fdb64084f3d9a51c98927c49b5b5f040c16b122a0cbe79e6eb
Gentoo Linux Security Advisory 200910-3
Posted Oct 26, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 200910-3 - Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code, or other attacks. Multiple vulnerabilities were discovered in Adobe Reader. Versions less than 9.2 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2007-0045, CVE-2007-0048, CVE-2009-2979, CVE-2009-2980, CVE-2009-2981, CVE-2009-2982, CVE-2009-2983, CVE-2009-2985, CVE-2009-2986, CVE-2009-2988, CVE-2009-2990, CVE-2009-2991, CVE-2009-2993, CVE-2009-2994, CVE-2009-2996, CVE-2009-2997, CVE-2009-2998, CVE-2009-3431
SHA-256 | cf303bc61426589808c198dba2d9c4e5dc717575857163c0c64d5200873a727a
Pacman Removal Shellcode
Posted Oct 26, 2009
Authored by Jonathan Salwan | Site shell-storm.org

59 bytes small Linux/i686 pacman -R <package> shellcode.

tags | shellcode
systems | linux
SHA-256 | 9fdcaebcc059d12655b9ae6ddaf35b30a0d628ce708478877b288fa9989270a8
Jetty 6.x / 7.x Information Disclosure / XSS
Posted Oct 26, 2009
Authored by Francesco Ongaro, Antonio Parata, Giovanni Pellerano | Site ush.it

Jetty versions 6.x and 7.x suffer from cross site scripting, injection, and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | 5f6bdd64a6596d46cbd0a5ae2448106b4656a8543eb8f07317ef5d4b92ae82d9
Debian Linux Security Advisory 1919-1
Posted Oct 26, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1919-1 - Several remote vulnerabilities have been discovered in Smarty, a PHP templating engine.

tags | advisory, remote, php, vulnerability
systems | linux, debian
advisories | CVE-2008-4810, CVE-2009-1669
SHA-256 | e81d5c75010f479d4b00e96bf9841a9e460fd58089ab86927076c5b5f3212808
Debian Linux Security Advisory 1918-1
Posted Oct 26, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1918-1 - Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2009-3696, CVE-2009-3697
SHA-256 | 4d4adb4605ffe4527fd5c970fde5a8eb921aa1aa3a8d0bb58a365697b47926cd
RunCMS 2M1 SQL Injection
Posted Oct 26, 2009
Authored by Nine:Situations:Group::bookoo | Site retrogod.altervista.org

RunCMS version 2M1 store() remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 5ec198e21d6cd21d61f5fdc3c6a5ee8d87713cb7314e10d3097198cadcd066a8
TFTgallery 0.13 Cross Site Scripting
Posted Oct 26, 2009
Authored by Blake

TFTgallery version 0.13 is susceptible to a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 63c864ab65c6626cd22619a37272b2397a4e4a8dfda92c12502c770de28ed5ca
RunCMS 2M1 SQL Injection
Posted Oct 26, 2009
Authored by Nine:Situations:Group::bookoo | Site retrogod.altervista.org

RunCMS version 2M1 /modules/forum/post.php semi-blind remote SQL injection exploit.

tags | exploit, remote, php, sql injection
SHA-256 | b2726e7da364c32aec8f8908559cc2dcf26bc16728ad3c42b92e056f14f27478
Novell eDirectory 8.8 SP5 Proof Of Concept
Posted Oct 26, 2009
Authored by karak0rsan, murderkey | Site tcc.hellcode.net

Novell eDirectory version 8.8 SP5 for Windows proof of concept buffer overflow exploit.

tags | exploit, overflow, proof of concept
systems | windows
SHA-256 | ba9b1bdb9f350ebe348f99b9a102fd4c9f4d556dfbe999f07b23a3755a9a0738
Debian Linux Security Advisory 1917-1
Posted Oct 26, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1917-1 - Several vulnerabilities have been discovered in mimetex, a lightweight alternative to MathML.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2009-1382, CVE-2009-2459
SHA-256 | f4eec4bd418d00f6295ba89cc77c83571f52da70023e4e2e892335b60cb58dc1
Debian Linux Security Advisory 1916-1
Posted Oct 26, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1916-1 - Dan Kaminsky and Moxie Marlinspike discovered that kdelibs, core libraries from the official KDE release, does not properly handle a '\\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority.

tags | advisory, arbitrary, spoof
systems | linux, debian
advisories | CVE-2009-2702
SHA-256 | 88d9ef536fbb093198ad22faeeb4c73bad0b94a4bafd1f42e43a6c1f079e8091
Debian Linux Security Advisory 1912-2
Posted Oct 26, 2009
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1912-2 - Due to the fact that advi, an active DVI previewer and presenter, statically links against camlimages it was necessary to rebuilt it in order to incorporate the latest security fixes for camlimages, which could lead to integer overflows via specially crafted TIFF files (CVE-2009-3296) or GIFF and JPEG images (CVE-2009-2660).

tags | advisory, overflow
systems | linux, debian
advisories | CVE-2009-3296, CVE-2009-2660
SHA-256 | ba7b34b0bb05be6dd15df8083c54a4d732ff7cd274c08c9d1f9b0cbd29a04c52
Mandriva Linux Security Advisory 2009-288
Posted Oct 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-288 - The mod_tls module in proftpd < 1.3.2b is vulnerable to a similar security issue as CVE-2009-2408. This update fixes these vulnerability.

tags | advisory
systems | linux, mandriva
advisories | CVE-2009-2408
SHA-256 | 0e8d72525416ecf43373f296880c86846c238d5af213c156135bba25e17696f4
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    25 Files
  • 16
    Aug 16th
    3 Files
  • 17
    Aug 17th
    6 Files
  • 18
    Aug 18th
    4 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close