
Files Date: 2010-01-16

LetoDMS Local File Inclusion / Cross Site Request Forgery
Posted Jan 16, 2010
Authored by Daniel Fabian, Lukas Weichselbaum | Site sec-consult.com

LetoDMS versions 1.7.2 and below suffer from cross site request forgery and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion, csrf
MD5 | 4ea74d7fa9611a6a57792630447e477e
Adobe Acrobat / Reader U3D Integer Overflow
Posted Jan 16, 2010
Authored by Nicolas Joly | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability affecting Adobe Acrobat and Reader. This vulnerability is caused by an integer overflow error in the U3D module when processing malformed data, which could be exploited by attackers to execute arbitrary code by tricking a user into opening a specially crafted PDF document. Versions 9.2 and below are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2009-3959
MD5 | 007db25be82a0081152575074324f3b0
Mandriva Linux Security Advisory 2010-009
Posted Jan 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-009 - The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. The updated packages have been patched to correct this issue.

tags | advisory, remote, php, xss
systems | linux, mandriva
advisories | CVE-2009-4142
MD5 | 3bc2c39f69446ef0aee711c725b25958
Joomla Uploader Shell Upload
Posted Jan 16, 2010
Authored by wlhaan Hacker

The Joomla Uploader component suffers from a shell upload vulnerability.

tags | exploit, shell
MD5 | 8e94f0970612a6b56ca33e904d294d31
Testlink TestManagement And Execution System Directory Traversal
Posted Jan 16, 2010
Authored by Prashant Khandelwal

Testlink TestManagement and Execution System suffers from directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion
MD5 | 0893285b3d3d862520059116f6a9b55f
Testlink TestManagement And Execution System Cross Site Scripting
Posted Jan 16, 2010
Authored by Prashant Khandelwal

Testlink TestManagement and Execution System suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 4216dbb0036bc31009a198f2b87ff56f
AthCon IT Call For Papers
Posted Jan 16, 2010
Site athcon.org

AthCon IT 2010 Call For Papers - This year the conference will take place in the Jockey's Country Club in Athens, Greece from June 3rd through the 4th, 2010.

tags | paper, conference
MD5 | b4d65e7b89d9733d248c67971712a993
Funk Gallery Cross Site Scripting
Posted Jan 16, 2010
Authored by LionTurk

Funk Gallery suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b75b3c475bdb09f9e2c1ba7d5472ffcb
Mandriva Linux Security Advisory 2010-008
Posted Jan 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-008 - The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.

tags | advisory, remote, php, xss
systems | linux, mandriva
advisories | CVE-2009-2626, CVE-2009-4142
MD5 | 255d28778c94f59a3f2ad6327849b2e3
Packet Sniffing Whitepaper
Posted Jan 16, 2010
Site datairan.ir

This is a whitepaper called Packet Sniffing. Written in Persian.

tags | paper
MD5 | d5df22a5efa0f3ceb3df8f726c360aab
Mandriva Linux Security Advisory 2010-007
Posted Jan 16, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-007 - The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465. The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable. The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character. The updated packages have been patched to correct these issues.

tags | advisory, remote, php, xss
systems | linux, mandriva
advisories | CVE-2007-5898, CVE-2009-2626, CVE-2009-4142
MD5 | 13194dccfcf5d6fe0f4480b1cb1f6b2c
Microsoft Animated Cursor .ANI Buffer Overflow
Posted Jan 16, 2010
Authored by Jacky

Microsoft Animated Cursor .ANI buffer overflow exploit written in Perl. Works on Windows XP SP2.

tags | exploit, overflow, perl
systems | windows, xp
MD5 | 9b2cc416a644300ebee98679a97eb9fa
OtsTurntables Free 1.00.047 SEH Overwrite
Posted Jan 16, 2010
Authored by Darkb0x | Site nullarea.net

OtsTurntables Free version 1.00.047 SEH overwrite exploit that generates a malicious .ofl file.

tags | exploit
MD5 | c11c752a1f14bfbcded7e3053280faa2
AB Micrologix Denial Of Service / Unauthorized Access
Posted Jan 16, 2010
Authored by Eyal Udassin | Site c4-security.com

Micrologix 1100 and 1400 controllers suffer from multiple vulnerabilities that allow unauthorized control of the PLC. Details of these vulnerabilities will be disclosed only to legitimate parties such as asset owners (utilities), after receiving the approval of the local CERT or any other local official entity.

tags | advisory, local, vulnerability
MD5 | e652a3e99f4038663eb45e3f82b16eb1
Surge FTP Admin Web Module Directory Traversal
Posted Jan 16, 2010
Authored by indoushka

Surge FTP's administrative web interface suffers from an Apache Tomcat 5.5.26 directory traversal vulnerability.

tags | exploit, web, file inclusion
MD5 | c6a87528c70e7df93015f603a699819f
Linux/x86 Overwrite MBR With LOL Shellcode
Posted Jan 16, 2010
Authored by root@thegibson

43 bytes small Linux/x86 MBR overwrite code that hits /dev/sda with LOL!

tags | x86, shellcode
systems | linux
MD5 | 0004dd88b05303c353cde48caa3cc7df

© 2018 Packet Storm. All rights reserved.
