exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 69 RSS Feed

Files Date: 2010-01-29

Debian Linux Security Advisory 1968-2
Posted Jan 29, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1968-2 - It was discovered that pdns-recursor, the PowerDNS recursive name server, contains a cache poisoning vulnerability which may allow attackers to trick the server into serving incorrect DNS data (CVE-2009-4010).

tags | advisory
systems | linux, debian
advisories | CVE-2009-4010
SHA-256 | 93b6b97cd2634967ebb166c497f5c1a22c83bd152b29b000215698efced07d33
CemaListe 2.3 Database Disclosure
Posted Jan 29, 2010
Authored by LionTurk

CemaListe version 2.3 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | b8f476942015811c66175820d0a874067ef719cab7d74de5eb8eafde41bdbb06
AIC Audio Player 1.4.1.587 Denial Of Service
Posted Jan 29, 2010
Authored by b0telh0

AIC Audio Player version 1.4.1.587 local crash denial of service proof of concept exploit.

tags | exploit, denial of service, local, proof of concept
SHA-256 | df91cc1caa418503b13875a547bbf58abed9b4e04aab9a8a481c8f3325956c8d
Ubuntu Security Notice 892-1
Posted Jan 29, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 892-1 - Ronald Volgers discovered that FUSE did not correctly check mount locations. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2009-3297
SHA-256 | 5581a265cff9e48cb846db4f05ccabfbf475feae6e20f5fcdcf3c5431ea5d7f9
PHP Product Catalog Cross Site Request Forgery
Posted Jan 29, 2010
Authored by bi0

PHP Product Catalog suffers from a cross site request forgery vulnerability.

tags | exploit, php, csrf
SHA-256 | 9769bffb52f222f91f048681493b1c29d48568c80a898eed4abdfaae45f40e72
Debian Linux Security Advisory 1981-2
Posted Jan 29, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1981-2 - The latest DSA for maildrop introduced two regressions. The maildrop program stopped working when invoked as a non-root user, such as with postfix. Also, the lenny version dropped a dependency on the courier-authlib package.

tags | advisory, root
systems | linux, debian
advisories | CVE-2010-0301
SHA-256 | dc9c10eff52a098653f18750b581e99e43503d6ad0570f552ec380e620ccc7c0
Joomla JE Quiz Blind SQL Injection
Posted Jan 29, 2010
Authored by bhunt3r

The Joomla JE Quiz component suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 80bd3f60d046c4a4da88ad8aa2880ad5021d1446ea22572ed29077acb22ef4ee
XAMPP Cross Site Request Forgery / Cross Site Scripting / Path Disclosure / SQL Injection / Traversal
Posted Jan 29, 2010
Authored by MustLive

XAMPP versions 1.6.8 and below suffer from cross site request forgery, cross site scripting, path disclosure, remote SQL injection and directory traversal vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion, csrf
SHA-256 | 98714ff1d8ab1f70017793ae6fa8f89b89eaac83f325a07dcb0b841989499dc1
Joomla CCNewsLetter Local File Inclusion
Posted Jan 29, 2010
Authored by AtT4CKxT3rR0r1ST

The Joomla CCNewsLetter component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 8205aafae6fb9908758492ca1682ef185cf657044b9c44bc6bc25c92ad159ac2
Ubuntu Security Notice 893-1
Posted Jan 29, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 893-1 - Ronald Volgers discovered that the mount.cifs utility, when installed as a setuid program, suffered from a race condition when verifying user permissions. A local attacker could trick samba into mounting over arbitrary locations, leading to a root privilege escalation.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2009-3297
SHA-256 | 8d54a9e51f6d12da9bd39ed796b2aaa76b4912fadf7decc1dd8b8445217bea71
Joomla CCNewsLetter Directory Traversal
Posted Jan 29, 2010
Authored by bhunt3r

The Joomla CCNewsLetter component suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 1d80a9f391adbef7da3c5f3e510bd73fa389fe51777bbfa87a607fbf301da5a9
Rising AntiVirus 2008 - 2010 Privilege Escalation Proof Of Concept
Posted Jan 29, 2010
Authored by Dlrow

Rising AntiVirus 2008 through 2010 local privilege escalation proof of concept exploit.

tags | exploit, local, proof of concept
SHA-256 | 04d2f1d6930f5971e2ae3032f9012bb0aeb7a4fc678e4f2504cd8ea513cb394d
ProCheckUp Security Advisory 2009.19
Posted Jan 29, 2010
Authored by ProCheckUp, Richard Brain, Jan Fry | Site procheckup.com

CommonSpot Server suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | df67dfe5debcbb27e0fef223695bfa6598ccdaa78f99196c76f1ec8693d28f42
Debian Linux Security Advisory 1981-1
Posted Jan 29, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1981-1 - Christoph Anton Mitterer discovered that maildrop, a mail delivery agent with filtering abilities, is prone to a privilege escalation issue that grants a user root group privileges.

tags | advisory, root
systems | linux, debian
SHA-256 | 686b60a76e096bbcfb68030abfcf145851da868baad7fac2177dd1c60e8131f0
Arraid Insecure Cookie Handling
Posted Jan 29, 2010
Authored by alnjm33

Arraid version 1. suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | cd96dc8355a696490e8c079a19c7618886a205c4398efcd4cc36f41cb623e81e
Joomla jVideoDirect Blind SQL Injection
Posted Jan 29, 2010
Authored by bhunt3r

The Joomla jVideoDirect component version 1.1 RC3b suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e24db250aa34f2166086725ee102a72db226d14eed35d975837e36ac0f66fae9
Joomla CCNewsLetter Blind SQL Injection
Posted Jan 29, 2010
Authored by bhunt3r

The Joomla CCNewsLetter component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | b7d58f293411f7c47e5123ba2fafde7743db507590b98ccc168969284c4db663
Ubuntu Security Notice 891-1
Posted Jan 29, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 891-1 - It was discovered that lintian did not correctly validate certain filenames when processing input. If a user or an automated system were tricked into running lintian on a specially crafted set of files, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-4013, CVE-2009-4014, CVE-2009-4015
SHA-256 | 4003b484d84f814534861d3711d43ca466e33ec2d8c8d4118de59a8ba205ab58
fipsForum 2.6 Database Disclosure
Posted Jan 29, 2010
Authored by ViRuSMaN

fipsForum version 2.6 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 18c9777ddbd274ff077e7ee941ac742df9fe585e709048e4016e0a5ee055f5fe
Joomla Autartitarot Directory Traversal
Posted Jan 29, 2010
Authored by bhunt3r

The Joomla Autartitarot component suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 9da52e396a9d381586a2d8a9fa9d8dafb623a2cb8a0d3e3d9b8191059b94614f
phpBB 2.0.1 Cross Site Scripting
Posted Jan 29, 2010
Authored by s4r4d0

phpBB version 2.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 895ceb3611b49cbf692d9eb4a56bfd05510ac7c22df141395622bd38bed3ff06
NovaBoard 1.1.2 SQL Injection
Posted Jan 29, 2010
Authored by Delibey

NovaBoard version 1.1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f1855c117858b59ca361d6858975ac70417aa29475b41a84336fd26cb65b6316
LandShop Cross Site Scripting
Posted Jan 29, 2010
Authored by Cyber_945

LandShop suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c9f90c560b3fac0a0db362eabfdc48413c34e1637d138f2e1522f8609f55c09b
Debian Linux Security Advisory 1980-1
Posted Jan 29, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1980-1 - David Leadbeater discovered an integer underflow that could be triggered via the LINKS command and can lead to a denial of service or the execution of arbitrary code (CVE-2009-4016). This issue affects both, ircd-hybrid and ircd-ratbox.

tags | advisory, denial of service, arbitrary
systems | linux, debian
advisories | CVE-2009-4016, CVE-2010-0300
SHA-256 | 0a6ecd8132d5653e5359b9dd2ff6f80c30c048776ddc6919626b811351537118
Nmap Port Scanner 5.21
Posted Jan 29, 2010
Authored by Fyodor | Site insecure.org

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

Changes: Fixed an error that occurred when UDP scan was combined with version scan. Various NSE improvements.
tags | tool, remote, udp, tcp, protocol, nmap
systems | unix
SHA-256 | 9fcb24f86157541c2f17cc8a0cc1e5d15d909b51720d163fcad5faaa6201b0ba
Page 1 of 3
Back123Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close