exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 94 RSS Feed

Files Date: 2009-12-10

Nuggetz CMS 1.0 Code Execution
Posted Dec 10, 2009
Authored by Amol Naik

Nuggetz CMS version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 310b44cbfe418b0343922a14821545b165d5feb28615ca8605c5e3bdbfd392ed
Metasploit Framework 3.3.2
Posted Dec 10, 2009
Authored by H D Moore | Site metasploit.com

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Changes: Metasploit now has 463 exploit modules and 219 auxiliary modules (from 453 and 218 respectively in v3.3.1). Tons of fixes and improvements have been made.
tags | tool, ruby
systems | unix
SHA-256 | d9c8449f489efcce2ae006e4ed806ce911cb7fc671593232151ba25f8b098095
Eureka Email 2.2q ERR Remote Buffer Overflow Exploit
Posted Dec 10, 2009
Authored by Dr_IDE, Francis Provencher, dookie | Site metasploit.com

This Metasploit module exploits a buffer overflow in the Eureka Email 2.2q client that is triggered through an excessively long ERR message.

tags | exploit, overflow
SHA-256 | 215303af9fa1743f8f050624ab0a364dc6fdc4218fbee1b68806a9c6c18c6bd6
Free ASP Shell Upload
Posted Dec 10, 2009
Authored by Mr.aFiR | Site aFiR.me

Free ASP suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, asp, file upload
SHA-256 | 9bba26c9ce7fe30951060c79b0d86c5e96c82e0a5289088edf6fdf17cd77bf7c
PHP Inventory 1.2 SQL Injection
Posted Dec 10, 2009
Authored by mr_me

PHP Inventory version 1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, php, sql injection
SHA-256 | 5b899f60b55daf260d568e9d4308e55bcf5bb478b1e25e983b52b60e485267eb
OPMANAGER SQL Injection
Posted Dec 10, 2009
Authored by Asheesh Kumar Mani Tripathi

OPMANAGER suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ecd6d4686ed778d90f4f09e7257a17fc3ff354a7f8a9d56ce86276e63ba28e71
HP Security Bulletin HPSBMA02483 SSRT090257
Posted Dec 10, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). These vulnerabilities could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2009-0898, CVE-2009-3845, CVE-2009-3846, CVE-2009-3847, CVE-2009-3848, CVE-2009-3849, CVE-2009-4176, CVE-2009-4177, CVE-2009-4178, CVE-2009-4179, CVE-2009-4180, CVE-2009-4181
SHA-256 | 4b95345dd39e85718053b8c02acbf3b6063a33c0f0367ad4bf7808042a164723
oBlog Cross Site Scripting / Request Forgery
Posted Dec 10, 2009
Authored by Milos Zivanovic

oBlog suffers from cross site scripting, cross site request forgery, and a lack of brute forcing protection.

tags | exploit, xss, csrf
SHA-256 | b4501eeff178b670963c76b7bb82ce0b8dd258827b16de5521355d3f7fd7f593
HP Security Bulletin HPSBUX02480 SSRT090253
Posted Dec 10, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running VRTSweb version 5.0. The vulnerability could be exploited remotely to execute arbitrary code or increase privilege.

tags | advisory, arbitrary
systems | hpux
advisories | CVE-2009-3027
SHA-256 | c065bfd6e8c71363a98cbc56e26f1bf6eb10523be76c23e498ac52558a284d57
Core Security Technologies Advisory 2009.1013
Posted Dec 10, 2009
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - The TestLink Test Management and Execution System suffers from cross site scripting and remote SQL injection vulnerabilities. Versions below 1.8.5 are affected.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2009-4237, CVE-2009-4238
SHA-256 | 2bbdda7eafe32f627a758e47e2c6db60062bf70f69910951129140b25d14cab6
iDEFENSE Security Advisory 2009-12-08.3
Posted Dec 10, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 12.08.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Indeo32 Codec could allow an attacker to execute arbitrary code in the context of the affected user. iDefense has confirmed that ir32_32.dll version 3.24.15.3, as included in fully patched Windows XP as of October 2008, is vulnerable. All previous versions are suspected to be vulnerable.

tags | advisory, remote, arbitrary
systems | windows
SHA-256 | 888ecfafd140b35868b4ef6ea7ef78a496f76eb5faa2b5557aec406398d77738
iDEFENSE Security Advisory 2009-12-08.2
Posted Dec 10, 2009
Authored by iDefense Labs, Sean Larsson, Jun Mao | Site idefense.com

iDefense Security Advisory 12.08.09 - Remote exploitation of an integer overflow vulnerability in Microsoft Corp.'s WordPad could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in WordPad version 5.1 for Windows XP SP3 and SP2. Other versions of Windows may also be affected. However, Vista and Server 2008 are not affected as they no longer contain the Word97 converter.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2009-2506
SHA-256 | 4a7ab1715bf7bf9f3e49fd7c137a769d655d1bc36bc533cc4eec0e9fb9cba6a6
iDEFENSE Security Advisory 2009-12-08.1
Posted Dec 10, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 12.08.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense confirmed the existence of this vulnerability in Internet Explorer versions 6 and 7. Internet Explorer versions 5 and 8 do not appear to be affected.

tags | advisory, remote, arbitrary
advisories | CVE-2009-3672
SHA-256 | 02c288bac610a30750b24e5ac7d76b96ca73822fa4f83a51387d4eb8f92e1474
Ubuntu Security Notice 869-1
Posted Dec 10, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 869-1 - David Ford discovered that the IPv4 defragmentation routine did not correctly handle oversized packets. A remote attacker could send specially crafted traffic that would cause a system to crash, leading to a denial of service. (The fix was included in the earlier kernels from USN-864-1.) Akira Fujita discovered that the Ext4 "move extents" ioctl did not correctly check permissions. A local attacker could exploit this to overwrite arbitrary files on the system, leading to root privilege escalation.

tags | advisory, remote, denial of service, arbitrary, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2009-1298, CVE-2009-4131
SHA-256 | 7f47fd71c13c0fa03884c9c33d24664d1e4439bd5e70aae109e817c88809a2c0
GeN3 1.4 SQL Injection
Posted Dec 10, 2009
Authored by u.f

It appears that the recently discovered vulnerability in GeN3 version 1.3 also works against GeN3 version 1.4.

tags | exploit, sql injection
SHA-256 | f129b156270f9e9b305e018efa6a922f749a8f8c21c27ca416a0d76f8945d15c
Mandriva Linux Security Advisory 2009-329
Posted Dec 10, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-329 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2009-2903, CVE-2009-3547, CVE-2009-3612, CVE-2009-3621, CVE-2009-3638, CVE-2009-3726, CVE-2009-1298, CVE-2009-4131
SHA-256 | 08f4f173bf8eb330eefa90013138ef9fc8a4b99f9374ed90921abb4467c6c6de
Piwik Cookie Unserialize() Execution
Posted Dec 10, 2009
Authored by Stefan Esser | Site sektioneins.de

It was discovered that Piwik versions 0.4.5 and below unserialize data from the user supplied cookie. By unserializing some of Piwik's objects it is possible to write arbitrary files to writable locations on the webserver which can be used to upload e.g. PHP files to writable directories within the webserver's document root which usually exist in a standard Piwik installation. In newer versions of Piwik it is also possible to execute arbitrary PHP code directly.

tags | advisory, arbitrary, root, php
SHA-256 | a00c0312ce8b82b8cd2813df0c76f936110fcb0c4c828532db7a31e0622117d2
PHPIDS 0.6.2 Unserialize() Execution
Posted Dec 10, 2009
Authored by Stefan Esser | Site sektioneins.de

PHPIDS versions 0.6.2 and below unserializes() user input which allows an attacker to send a carefully crafted cookie that when unserialized can utilize existing classes which e.g. can lead to upload of arbitrary files or execution of arbitrary PHP code in Zend Framework Applications.

tags | advisory, arbitrary, php
SHA-256 | 2b8975c5803e603dad1a6004fc5744a745207c5abcd0dc71d48308c12e249650
Adobe Flash Player Memory Corruption
Posted Dec 10, 2009
Authored by Bing Liu | Site fortinet.com

Fortinet's FortiGuard Labs has discovered memory corruption vulnerabilities in the Adobe Flash Player.

tags | advisory, vulnerability
advisories | CVE-2009-3797, CVE-2009-3798
SHA-256 | 9a052fa1415f954029989d6440286dc0b418f6bae555c06990af4d02c9892652
HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow
Posted Dec 10, 2009
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ovwebsnmpsrv.exe application which is launched when a request is received for the jovgraph.exe CGI application. This process copies the contents of the 'sel' POST variable a user-controllable amount of times into a static stack buffer. By repeating a specific string as the contents of the 'arg' POST variable this buffer can be overflowed leading to arbitrary code execution.

tags | advisory, remote, overflow, arbitrary, cgi, code execution
advisories | CVE-2009-4181
SHA-256 | 28ad9e9af0c800bc5f8a1ddce5cb1893870ca2cd7788f4e97910230fc8ae3a63
HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow
Posted Dec 10, 2009
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the snmpviewer.exe CGI application. This process copies the Host header from HTTP requests into a fixed-length buffer located on the stack via a call to strcat. By specifying a string length within a certain range this buffer can be overflowed leading to arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, cgi, code execution
advisories | CVE-2009-4180
SHA-256 | b0d41d19ab8754232f64d092b29530e20456986f27ab0588a3fc3fed689c8cba
HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow
Posted Dec 10, 2009
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ovalarm.exe CGI application. If the OVABverbose POST variable is set, this process takes the value of the Accept-Language HTTP header and copies it without any length checks into a 0x100 byte stack buffer. By providing a large enough string this buffer can be overrun leading to arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, cgi, code execution
advisories | CVE-2009-4179
SHA-256 | 7d20c5ff25eafe4a0d9a9a4b4d08d40f2a49c728269fcfbe907eac2b47d120d1
HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow
Posted Dec 10, 2009
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OvWebHelp.exe CGI application. During a string concatenation the process takes the value of the Topic POST variable and copies it without any length checks into a static 0x400 byte heap buffer. By providing a large enough string this buffer can be overrun leading to arbitrary code execution.

tags | advisory, remote, overflow, arbitrary, cgi, code execution
advisories | CVE-2009-4178
SHA-256 | bc3a170b7c023d93cce2e71f5f18aae14f58b419c61aa33eea31e2d81a8e8cdf
HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow
Posted Dec 10, 2009
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webappmon.exe CGI application. This process copies the Host header from HTTP requests into a fixed-length buffer located in the .DATA section via a call to strcat(). By specifying a string length within a certain range this buffer can be overflowed leading to arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, cgi, code execution
advisories | CVE-2009-4177
SHA-256 | e9285c3564b9a9fed271a5fa68086e36a26f9e7fd64d6783330ec170d71256dd
SQLSUS MySQL Injection Tool 0.4.1
Posted Dec 10, 2009
Authored by sativouf | Site sqlsus.sf.net

sqlsus is a MySQL injection and takeover tool, written in perl. Via a command line interface that mimics a mysql console, you can retrieve the database structure / contents, inject a SQL query, download files from the web server, upload and control a backdoor, and much more.

Changes: New brute command. Multithreading support for inband queries. Some additions.
tags | tool, web, scanner, perl, sql injection
systems | unix
SHA-256 | 3ac31ec61fc3009c88c24749920a68b2abfeec486f2dfcc6a9678ed802e7e157
Page 1 of 4
Back1234Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close