what you don't know can hurt you
Showing 1 - 25 of 52 RSS Feed

Files Date: 2010-02-09

PHP Apps Links Insecure Cookie Handling
Posted Feb 9, 2010
Authored by jiko

PHP Apps Links suffers from an insecure cookie handling vulnerability.

tags | exploit, php, insecure cookie handling
MD5 | 122cea400ed7bf6f9eecccbb3dbde11b
Yes Solutions SQL Injection
Posted Feb 9, 2010
Authored by HackXBack

Yes Solutions suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2a903b9d93e0cef07ce50f2537447b93
Mojo's IWMS 7 SQL Injection / Cross Site Scripting
Posted Feb 9, 2010
Authored by cp77fk4r

Mojo's IWMS versions 7 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 6cebd2b90abd6185eab5bb798b64760f
Technical Cyber Security Alert 2010-40A
Posted Feb 9, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-40A - Microsoft has released updates to address vulnerabilities in Microsoft Windows, Windows Server, Internet Explorer, and Microsoft Office.

tags | advisory, vulnerability
systems | windows
MD5 | 9108f9e15288839d67499d2558fcb5f3
Zero Day Initiative Advisory 10-017
Posted Feb 9, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-017 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint Viewer. User interaction is required to exploit this vulnerability in that the target must open a malicious presentation. The specific flaw exists in the handling of TextBytesAtom records contained in a PPT file. Due to the lack of bounds checking on the size argument an unchecked memcpy() copies user data from the file to the stack, overflowing key exception structures. Exploitation of this vulnerability can lead to remote compromise of the affected system under the context of the currently logged in user.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-0033
MD5 | 8978d1cd3eb0adeec15a19ab6c4a7d29
Zero Day Initiative Advisory 10-016
Posted Feb 9, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-016 - This vulnerability allows remote attackers to force a Microsoft Windows system to execute a given local executable. User interaction is required in that the target must access a malicious URL. The specific flaw exists within the ShellExecute API. Using a specially formatted URL an attacker can bypass sanitization checks within this function and force the calling application into running an executable of their choice. Successful exploitation requires a useful binary to exist in a predictable location on the remote system.

tags | advisory, remote, local
systems | windows
advisories | CVE-2010-0027
MD5 | e547143a9fbe9bc36baa123f2786452e
UltraISO 9.3.6.2750 Local Buffer Overflow
Posted Feb 9, 2010
Authored by fl0 fl0w

UltraISO version 9.3.6.2750 local buffer overflow exploit.

tags | exploit, overflow, local
MD5 | ccfdee94e145a442e745eb9612104bb2
Microsoft PowerPoint File Path Handling Buffer Overflow
Posted Feb 9, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when handling file paths and can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Microsoft Powerpoint 2002 is affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0029
MD5 | 1f0f98264cce91f3f785b518aeb37784
Newsletter Tailor SQL Injection
Posted Feb 9, 2010
Authored by ViRuSMaN

Newsletter Tailor suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 34ee1c42a1d59467cc5e096993b86fb6
Newsletter Tailor Backup Related
Posted Feb 9, 2010
Authored by ViRuSMaN

Newsletter Tailor suffers from remote database backup and disclosure vulnerabilities.

tags | exploit, remote, vulnerability, info disclosure
MD5 | fa0826349b5e0ea0926dd004e0b548f1
Core Security Technologies Advisory 2009.0827
Posted Feb 9, 2010
Authored by Core Security Technologies, Damian Frizza | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability exists in MSO.DLL affecting Excel 9 (Office 2000) and Excel 10 (Office XP) in the code responsible for parsing OfficeArtSpgr (recType 0xF003) containers that allows an attacker to cause a class pointer to be interpreted incorrectly, leading to code execution in the context of the currently logged on user.

tags | advisory, code execution
advisories | CVE-2010-0243
MD5 | b2f3bb40ec8fae94f4ec8e97263f9f0c
Zero Day Initiative Advisory 10-015
Posted Feb 9, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-015 - This vulnerability allows attackers to execute arbitrary code on applications that utilize DirectShow for rendering video on Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must be coerced into decompressing a malicious video. The specific flaw exists within the decompression of a specific type of video stream contained in an .AVI file. The application misuses a length field for an allocation causing the memory allocation to be too small to contain the subsequent data. During population of this buffer, the application will copy more data than allocated for leading to memory corruption with the potential for code execution.

tags | advisory, arbitrary, code execution
systems | windows
advisories | CVE-2010-0250
MD5 | 1912905d1232a842162862db969a5a11
Linux /bin/cat /etc/passwd Shellcode
Posted Feb 9, 2010
Authored by FB1H2S

43 bytes small /bin/cat /etc/passwd Linux x/86 shellcode.

tags | shellcode
systems | linux
MD5 | 2799d300b0067e9a58f6249650090e2b
Spoofing Technique
Posted Feb 9, 2010
Authored by mc2_s3lector

Whitepaper called spoofing technique.

tags | paper, spoof
MD5 | 65a186b0f1619645b5df80b181c70b95
LDAP Injection Proof Of Concept
Posted Feb 9, 2010
Authored by mc2_s3lector

LDAP injection proof of concept exploit.

tags | exploit, proof of concept
MD5 | ce98bee2a6d03c1531d5f1790b7b3b38
FlexCMS Insecure Cookie Handling
Posted Feb 9, 2010
Authored by ViRuSMaN

FlexCMS version 3.1 suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | f78e033118c2608a2ac1056e27f1c335
Oracle E-Business Suite Cross Site Scripting
Posted Feb 9, 2010
Authored by Gil Cohen | Site hacktics.com

The Oracle E-Business Suite suffers from a cross site scripting vulnerability in the error details page.

tags | advisory, xss
MD5 | 9cb292b5286761099c52dba53e565290
ThinkPHP 1.5 / 2.0 Cross Site Scripting
Posted Feb 9, 2010
Authored by zx

ThinkPHP versions 2.0 and below suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | a3dc6ba953b837878aca58c9809fffc8
ACM CCS 2010 - Call For Workshop Proposals
Posted Feb 9, 2010
Authored by Ninghui Li, Ting Yu Chairs

Proposals are solicited for workshops to be held in conjunction with ACM CCS 2010. Each workshop provides a forum to address a specific topic at the forefront of security research. A workshop must be one full day in length. Proceedings of all workshops will be available (on a CD) to the workshop attendees. Each workshop will also have on-line proceedings through ACM Digital Library, with a separate ISBN.

tags | paper, conference
MD5 | 19dc59ae850bc3346f49d457bbeb11f9
NetReconn Scanning Tool Collection 1.76
Posted Feb 9, 2010
Authored by Jay Fink

Netreconn is a collection of network scan/recon tools that are relatively small compared to their larger cousins. These include nstrobe, ipdump, and ndecode.

Changes: Various bug fixes and additions.
tags | tool
systems | unix
MD5 | 8061ea5f80d65bf6656c3f5a55d50534
Aruba Networks Security Advisory - 020810
Posted Feb 9, 2010
Site arubanetworks.com

Aruba Networks Security Advisory - This advisory addresses the renegotiation related vulnerability disclosed recently in Transport Layer Security protocol. This vulnerability may allow a Man-in-the-Middle (MITM) attacker to inject arbitrary data into the beginning of the application protocol stream protected by TLS.

tags | advisory, arbitrary, protocol
advisories | CVE-2009-3555
MD5 | 2f67860d1650ede724866d5efef4c335
Secunia Security Advisory 38510
Posted Feb 9, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to conduct brute force attacks or to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | windows
MD5 | b20d8a34efcfb1659d45057ba638f6fa
Secunia Security Advisory 38506
Posted Feb 9, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | windows
MD5 | b4afb434df2d333e90a34e0920a4fac1
Secunia Security Advisory 38512
Posted Feb 9, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | windows
MD5 | 80284b123f3edfff1d4862c4e3790548
Secunia Security Advisory 38503
Posted Feb 9, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Microsoft Data Analyzer, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 9d8f07d622632dabbd381496fa8e479f
Page 1 of 3
Back123Next

File Archive:

November 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    2 Files
  • 2
    Nov 2nd
    9 Files
  • 3
    Nov 3rd
    15 Files
  • 4
    Nov 4th
    90 Files
  • 5
    Nov 5th
    22 Files
  • 6
    Nov 6th
    16 Files
  • 7
    Nov 7th
    1 Files
  • 8
    Nov 8th
    1 Files
  • 9
    Nov 9th
    40 Files
  • 10
    Nov 10th
    27 Files
  • 11
    Nov 11th
    28 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    18 Files
  • 14
    Nov 14th
    2 Files
  • 15
    Nov 15th
    2 Files
  • 16
    Nov 16th
    29 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    15 Files
  • 19
    Nov 19th
    21 Files
  • 20
    Nov 20th
    16 Files
  • 21
    Nov 21st
    1 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    19 Files
  • 24
    Nov 24th
    32 Files
  • 25
    Nov 25th
    7 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close