Showing 1 - 18 of 18

Files Date: 2010-01-12

Technical Cyber Security Alert 2010-12B
Posted Jan 12, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-12B - Microsoft has released updates to address a vulnerability in the Windows Embedded Open Type (EOT) font engine. Microsoft has also published an Advisory about multiple vulnerabilities in Adobe (Macromedia) Flash Player 6 that is included with Windows XP.

tags | advisory, vulnerability
systems | windows, xp
advisories | CVE-2010-0018
MD5 | d9a522110eac29f174a5b5c54bf4dad5
Zero Day Initiative Advisory 10-02
Posted Jan 12, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-02 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Secure Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Oracle Secure Backup Services daemon observiced.exe, listening on TCP port 10000 by default. Due to the lack of bounds checking on the reverse lookup of connections to the port, a stack overflow can occur, leading to a complete compromise of the affected system under the credentials of the SYSTEM account.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2010-0072
MD5 | 3f1f881e9f1eb23f604ac6d14f2d4c7b
HITB Magazine Volume 1 Issue 1
Posted Jan 12, 2010
Authored by hitb | Site hackinthebox.org

HITB Magazine Volume 1 Issue 1 - This issue covers LDAP injection, DLL injection, malware obfuscation, and more.

tags | magazine
MD5 | e0e38d8bcad34abd0c623fcfd8fdf0fa
Technical Cyber Security Alert 2010-12A
Posted Jan 12, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-12A - Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.

tags | advisory, remote, denial of service, arbitrary, vulnerability, info disclosure
MD5 | c0b9455faba3da718ac355bf075afb14
Ubuntu Security Notice 881-1
Posted Jan 12, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 881-1 - It was discovered that Kerberos did not correctly handle invalid AES blocks. An unauthenticated remote attacker could send specially crafted traffic that would crash the KDC service, leading to a denial of service, or possibly execute arbitrary code with root privileges.

tags | advisory, remote, denial of service, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2009-4212
MD5 | c5cc3071235d3683b1c35e54ec7d601d
Google Maps Cross Site Scripting
Posted Jan 12, 2010
Authored by Gaurav Baruah, Pratul Agrawal

Google Maps suffered from a cross site scripting vulnerability. This was patched the same day as it was publicly disclosed.

tags | exploit, xss
MD5 | 888f54e7c1d88d88df037210a4b74f12
Calendar Express 2 Cross Site Scripting
Posted Jan 12, 2010
Authored by Sora

Calendar Express 2 version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a16ab7782187e412a8f1d53ece193831
Apple Iphone/Ipod Denial Of Service
Posted Jan 12, 2010
Authored by mr_me

Apple Iphone/Ipod Udisk FTP Basic Edition version 1.0 suffers from a remote pre-authentication denial of service vulnerability. Proof of concept included.

tags | exploit, remote, denial of service, proof of concept
systems | apple, iphone
MD5 | 042f4471fccaaf1f978d0f8954491a7a
Mandriva Linux Security Advisory 2010-003
Posted Jan 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-003 - sendmail before 8.14.4 does not properly handle a '\0' (NUL) character in a Common Name (CN) field of an X.509 certificate, which (1) allows man-in-the-middle attackers to spoof arbitrary SSL-based SMTP servers via a crafted server certificate issued by a legitimate Certification Authority, and (2) allows remote attackers to bypass intended access restrictions via a crafted client certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides a fix for this vulnerability.

tags | advisory, remote, arbitrary, spoof
systems | linux, mandriva
advisories | CVE-2009-4565
MD5 | c18ea676b8eb51367d52261fb2788cf0
Mandriva Linux Security Advisory 2010-002
Posted Jan 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-002 - Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon. This update provides pidgin 2.6.5, which is not vulnerable to this issue.

tags | advisory, remote, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2010-0013
MD5 | 7226873ff6153f816a25acddb14064ab
Mandriva Linux Security Advisory 2010-001
Posted Jan 12, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-001 - The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for (1) ICQ and possibly (2) AIM, as demonstrated by the SIM IM client. Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. NOTE: it could be argued that this is resultant from a vulnerability in which an emoticon download request is processed even without a preceding text/x-mms-emoticon message that announced availability of the emoticon. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides pidgin 2.6.5, which is not vulnerable to these issues.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2009-3615, CVE-2010-0013
MD5 | e5b03601138caff85338a39af21a4bfc
LayoutCMS 1.0 SQL Injection / Cross Site Scripting
Posted Jan 12, 2010
Authored by R3d-D3v!L

LayoutCMS version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 48bf17562f7d5271e284581300693420
PhPepperShop Webshop 2.5 Cross Site Scripting
Posted Jan 12, 2010
Authored by Crux

PhPepperShop Webshop version 2.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e02ad44bbe24356663d682f8a4a9ed15
VisioSight Script 1.0 SQL Injection
Posted Jan 12, 2010
Authored by R3d-D3v!L

VisioSight Script version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 0f530e0c59c472177549de03b031b4a3
Commercial CMS 1.0 Cross Site Scripting
Posted Jan 12, 2010
Authored by R3d-D3v!L

Commercial CMS version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4f03794f8b802f3fcfc75caaf94e1a2b
Docmint CMS 1.0 Cross Site Scripting
Posted Jan 12, 2010
Authored by R3d-D3v!L

Docmint CMS version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0a710bc7f684cc0dabf758f6df7b957e
SBD Directory 4.0 Cross Site Scripting
Posted Jan 12, 2010
Authored by Crux

SBD Directory version 4.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 03accaa66a9b866dcc98d634e3259224
IBM Cognos 8 Business Intelligence 8.4.1 Cross Site Scripting
Posted Jan 12, 2010
Authored by Spala Ferenc

IBM Cognos 8 Business Intelligence version 8.4.1 suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 3d6900f49ce26748400a87ac87f523c2