what you don't know can hurt you
Showing 1 - 25 of 94 RSS Feed

Files Date: 2009-12-10

Nuggetz CMS 1.0 Code Execution
Posted Dec 10, 2009
Authored by Amol Naik

Nuggetz CMS version 1.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | dc85059cdc3f628444f371bef3f2392b
Metasploit Framework 3.3.2
Posted Dec 10, 2009
Authored by H D Moore | Site metasploit.com

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. Metasploit is used by network security professionals to perform penetration tests, system administrators to verify patch installations, product vendors to perform regression testing, and security researchers world-wide. The framework is written in the Ruby programming language and includes components written in C and assembler.

Changes: Metasploit now has 463 exploit modules and 219 auxiliary modules (from 453 and 218 respectively in v3.3.1). Tons of fixes and improvements have been made.
tags | tool, ruby
systems | unix
MD5 | 8d68dd7060f5cd94e592fee7daadd5fb
Eureka Email 2.2q ERR Remote Buffer Overflow Exploit
Posted Dec 10, 2009
Authored by Dr_IDE, Francis Provencher, dookie | Site metasploit.com

This Metasploit module exploits a buffer overflow in the Eureka Email 2.2q client that is triggered through an excessively long ERR message.

tags | exploit, overflow
MD5 | df43a0282459a241e90c5b7e2feacddc
Free ASP Shell Upload
Posted Dec 10, 2009
Authored by Mr.aFiR | Site aFiR.me

Free ASP suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, asp, file upload
MD5 | 737992334a8c7df4faa51265669a797a
PHP Inventory 1.2 SQL Injection
Posted Dec 10, 2009
Authored by mr_me

PHP Inventory version 1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, php, sql injection
MD5 | 3958c44a80fbcd8b32858473e4039655
OPMANAGER SQL Injection
Posted Dec 10, 2009
Authored by Asheesh Kumar Mani Tripathi

OPMANAGER suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 42a9e57c7df91b871ead8de8dd34067c
HP Security Bulletin HPSBMA02483 SSRT090257
Posted Dec 10, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). These vulnerabilities could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2009-0898, CVE-2009-3845, CVE-2009-3846, CVE-2009-3847, CVE-2009-3848, CVE-2009-3849, CVE-2009-4176, CVE-2009-4177, CVE-2009-4178, CVE-2009-4179, CVE-2009-4180, CVE-2009-4181
MD5 | 2d3e144e2052826c292c372c2380c15c
oBlog Cross Site Scripting / Request Forgery
Posted Dec 10, 2009
Authored by Milos Zivanovic

oBlog suffers from cross site scripting, cross site request forgery, and a lack of brute forcing protection.

tags | exploit, xss, csrf
MD5 | 12721db91d5e76d97c790b266f94a48f
HP Security Bulletin HPSBUX02480 SSRT090253
Posted Dec 10, 2009
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running VRTSweb version 5.0. The vulnerability could be exploited remotely to execute arbitrary code or increase privilege.

tags | advisory, arbitrary
systems | hpux
advisories | CVE-2009-3027
MD5 | 0867daa330b8cbdc623a405df21840b3
Core Security Technologies Advisory 2009.1013
Posted Dec 10, 2009
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - The TestLink Test Management and Execution System suffers from cross site scripting and remote SQL injection vulnerabilities. Versions below 1.8.5 are affected.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2009-4237, CVE-2009-4238
MD5 | 5bd0873514f5d1acc5c48a40aa46f3f5
iDEFENSE Security Advisory 2009-12-08.3
Posted Dec 10, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 12.08.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s Indeo32 Codec could allow an attacker to execute arbitrary code in the context of the affected user. iDefense has confirmed that ir32_32.dll version 3.24.15.3, as included in fully patched Windows XP as of October 2008, is vulnerable. All previous versions are suspected to be vulnerable.

tags | advisory, remote, arbitrary
systems | windows, xp
MD5 | 1e2f7c4a212e62fd1ecba1718f805ada
iDEFENSE Security Advisory 2009-12-08.2
Posted Dec 10, 2009
Authored by iDefense Labs, Sean Larsson, Jun Mao | Site idefense.com

iDefense Security Advisory 12.08.09 - Remote exploitation of an integer overflow vulnerability in Microsoft Corp.'s WordPad could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in WordPad version 5.1 for Windows XP SP3 and SP2. Other versions of Windows may also be affected. However, Vista and Server 2008 are not affected as they no longer contain the Word97 converter.

tags | advisory, remote, overflow, arbitrary
systems | windows, xp
advisories | CVE-2009-2506
MD5 | 2c4745f28174c0c357fd390356bb3767
iDEFENSE Security Advisory 2009-12-08.1
Posted Dec 10, 2009
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 12.08.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense confirmed the existence of this vulnerability in Internet Explorer versions 6 and 7. Internet Explorer versions 5 and 8 do not appear to be affected.

tags | advisory, remote, arbitrary
advisories | CVE-2009-3672
MD5 | 1d9dcb0b3e1240b326450402d77672b3
Ubuntu Security Notice 869-1
Posted Dec 10, 2009
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 869-1 - David Ford discovered that the IPv4 defragmentation routine did not correctly handle oversized packets. A remote attacker could send specially crafted traffic that would cause a system to crash, leading to a denial of service. (The fix was included in the earlier kernels from USN-864-1.) Akira Fujita discovered that the Ext4 "move extents" ioctl did not correctly check permissions. A local attacker could exploit this to overwrite arbitrary files on the system, leading to root privilege escalation.

tags | advisory, remote, denial of service, arbitrary, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2009-1298, CVE-2009-4131
MD5 | 6056cc26c4c50d2337013a7a0e9ba401
GeN3 1.4 SQL Injection
Posted Dec 10, 2009
Authored by u.f

It appears that the recently discovered vulnerability in GeN3 version 1.3 also works against GeN3 version 1.4.

tags | exploit, sql injection
MD5 | 77465baf2f8a5b61eab785c5cf00b094
Mandriva Linux Security Advisory 2009-329
Posted Dec 10, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-329 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel.

tags | advisory, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2009-2903, CVE-2009-3547, CVE-2009-3612, CVE-2009-3621, CVE-2009-3638, CVE-2009-3726, CVE-2009-1298, CVE-2009-4131
MD5 | 0ae3e261522d74717f927b70795d3d47
Piwik Cookie Unserialize() Execution
Posted Dec 10, 2009
Authored by Stefan Esser | Site sektioneins.de

It was discovered that Piwik versions 0.4.5 and below unserialize data from the user supplied cookie. By unserializing some of Piwik's objects it is possible to write arbitrary files to writable locations on the webserver which can be used to upload e.g. PHP files to writable directories within the webserver's document root which usually exist in a standard Piwik installation. In newer versions of Piwik it is also possible to execute arbitrary PHP code directly.

tags | advisory, arbitrary, root, php
MD5 | 59251921d20945e7d95e8f6cfd293f3f
PHPIDS 0.6.2 Unserialize() Execution
Posted Dec 10, 2009
Authored by Stefan Esser | Site sektioneins.de

PHPIDS versions 0.6.2 and below unserializes() user input which allows an attacker to send a carefully crafted cookie that when unserialized can utilize existing classes which e.g. can lead to upload of arbitrary files or execution of arbitrary PHP code in Zend Framework Applications.

tags | advisory, arbitrary, php
MD5 | 5c383e049cdf91d67cd84022a00c3cff
Adobe Flash Player Memory Corruption
Posted Dec 10, 2009
Authored by Bing Liu | Site fortinet.com

Fortinet's FortiGuard Labs has discovered memory corruption vulnerabilities in the Adobe Flash Player.

tags | advisory, vulnerability
advisories | CVE-2009-3797, CVE-2009-3798
MD5 | 830ead6b8a3bc4a4854e3ffb3a8121f5
HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow
Posted Dec 10, 2009
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ovwebsnmpsrv.exe application which is launched when a request is received for the jovgraph.exe CGI application. This process copies the contents of the 'sel' POST variable a user-controllable amount of times into a static stack buffer. By repeating a specific string as the contents of the 'arg' POST variable this buffer can be overflowed leading to arbitrary code execution.

tags | advisory, remote, overflow, arbitrary, cgi, code execution
advisories | CVE-2009-4181
MD5 | 05f1b79f20f57c986181ccb0e9ca312f
HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow
Posted Dec 10, 2009
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the snmpviewer.exe CGI application. This process copies the Host header from HTTP requests into a fixed-length buffer located on the stack via a call to strcat. By specifying a string length within a certain range this buffer can be overflowed leading to arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, cgi, code execution
advisories | CVE-2009-4180
MD5 | 0d967250f63108042256ec9e2d517299
HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow
Posted Dec 10, 2009
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ovalarm.exe CGI application. If the OVABverbose POST variable is set, this process takes the value of the Accept-Language HTTP header and copies it without any length checks into a 0x100 byte stack buffer. By providing a large enough string this buffer can be overrun leading to arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, cgi, code execution
advisories | CVE-2009-4179
MD5 | 991f9de5a347dac69d082246cce0034c
HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow
Posted Dec 10, 2009
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the OvWebHelp.exe CGI application. During a string concatenation the process takes the value of the Topic POST variable and copies it without any length checks into a static 0x400 byte heap buffer. By providing a large enough string this buffer can be overrun leading to arbitrary code execution.

tags | advisory, remote, overflow, arbitrary, cgi, code execution
advisories | CVE-2009-4178
MD5 | e15d3f54e90486675f6e1952e6b7ef50
HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow
Posted Dec 10, 2009
Authored by Aaron Portnoy | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webappmon.exe CGI application. This process copies the Host header from HTTP requests into a fixed-length buffer located in the .DATA section via a call to strcat(). By specifying a string length within a certain range this buffer can be overflowed leading to arbitrary code execution.

tags | advisory, remote, web, overflow, arbitrary, cgi, code execution
advisories | CVE-2009-4177
MD5 | 5a4f0c7e4f5ba23d5b620acc658ec84d
SQLSUS MySQL Injection Tool 0.4.1
Posted Dec 10, 2009
Authored by sativouf | Site sqlsus.sf.net

sqlsus is a MySQL injection and takeover tool, written in perl. Via a command line interface that mimics a mysql console, you can retrieve the database structure / contents, inject a SQL query, download files from the web server, upload and control a backdoor, and much more.

Changes: New brute command. Multithreading support for inband queries. Some additions.
tags | tool, web, scanner, perl, sql injection
systems | unix
MD5 | d541eaa26e82ebe05c60f0f65ddcb5eb
Page 1 of 4
Back1234Next

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close