
Files Date: 2010-02-10

Win32 cmd.exe Shellcode For XP SP2 Turkish
Posted Feb 10, 2010
Authored by Hellcode Research | Site tcc.hellcode.net

Small 26-byte Win32 shellcode that launches cmd.exe. Written for XP SP2 Turkish.

tags | shellcode
systems | windows
SHA-256 | 907368c1775ddf7385d0c2734f57d7c482048ce7978fcd5bc65ef6d9c7ab5f0f
Win32 cmd.exe Shellcode For XP SP3 English
Posted Feb 10, 2010
Authored by Hellcode Research | Site tcc.hellcode.net

Small 26-byte Win32 shellcode that launches cmd.exe. Written for XP SP3 English.

tags | shellcode
systems | windows
SHA-256 | 397875b7dca92fc5ed4e9e0422258d87916ded2d39a840b62844fbfcfe65f5a7
Internet Explorer 7 / 8 URL Validation
Posted Feb 10, 2010
Authored by Lostmon | Site lostmon.blogspot.com

Microsoft Internet Explorer versions 7 and 8 suffer from a URL validation vulnerability.

tags | exploit
advisories | CVE-2010-0027
SHA-256 | 5691209f6297d7c41dfedc1fd1bc337896dda52d19cb5fb673984e723b44156a
Cisco Security Advisory 20100210-ironport
Posted Feb 10, 2010
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IronPort Encryption Appliance devices contain two vulnerabilities that allow remote, unauthenticated access to any file on the device and one vulnerability that allows remote, unauthenticated users to execute arbitrary code with elevated privileges. There are workarounds available to mitigate these vulnerabilities.

tags | advisory, remote, arbitrary, vulnerability
systems | cisco
advisories | CVE-2010-0143, CVE-2010-0144, CVE-2010-0145
SHA-256 | f55041eba86b197e802f1e3fb48e213d4b2d5aaf87e4bb30235478c5e4e0f139
Magic_Blocks1_2 File Disclosure
Posted Feb 10, 2010
Authored by jiko

Magic_Block1_2 suffers from a remote file disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 24612914e0c86a6feb2ca4d0a71edc207c32deab6232020ee1c533a0a987703b
SSL Audit Tool
Posted Feb 10, 2010
Authored by Thierry Zoller | Site g-sec.lu

SSL Audit is a small tool developed as part of G-SEC's investigation for the "Secure SSL/TLS configuration Report 2010". It scans web servers for SSL support. Unlike other tools, it is not limited to ciphers supported by SSL engines such as OpenSSL or NSS and can detect all known cipher suites. It also has a fingerprinting mode.

tags | web, encryption
SHA-256 | 28724527671579a60227726d8f0274db7ecfcf5fa272303bdca45d92ef5cb702
The Insecurity Of Omegle
Posted Feb 10, 2010
Authored by Valentin Hoebel

Whitepaper called The (In)Security Of Omegle - What Omegle Users Should Know.

tags | paper
SHA-256 | e80131176281cee3105d378e20511889276f7a62b84d727248ed8d1b98a6bf37
ULoki Community Forum 2.1 Cross Site Scripting
Posted Feb 10, 2010
Authored by Sioma Labs

ULoki Community Forum version 2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a2190948885934c0c63581a1eb71dd1ce98a50ac4b3dd1ed99902c05081c997d
HP Security Bulletin HPSBMA02486 SSRT090049
Posted Feb 10, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with the Java Runtime Environment (JRE) and Java Developer Kit (JDK) delivered with HP OpenView Network Node Manager (OV NNM). These vulnerabilities may allow remote unauthorized access, privilege escalation, execution of arbitrary code, and creation of a Denial of Service (DoS).

tags | advisory, java, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2008-2086, CVE-2008-5339, CVE-2008-5340, CVE-2008-5341, CVE-2008-5342, CVE-2008-5343, CVE-2008-5344, CVE-2008-5345, CVE-2008-5347, CVE-2008-5348, CVE-2008-5350, CVE-2008-5351, CVE-2008-5353, CVE-2008-5354, CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, CVE-2008-5359
SHA-256 | d609c2737ba3ee1e6d4dc412f6776d14c47fbc01f340bfebad40833c6310c6fa
Serverchk.py SQL Injection Scanner
Posted Feb 10, 2010
Authored by FB1H2S | Site whitec0de.com

Serverchk.py is a Python script written to scan web applications for SQL injection vulnerabilities.

tags | tool, web, scanner, vulnerability, sql injection, python
systems | unix
SHA-256 | d0ddb6281fd5a4886511316dd456027446ae9f16291895b5c960f2844b37c776
Ubuntu Security Notice 898-1
Posted Feb 10, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 898-1 - It was discovered that gnome-screensaver did not correctly handle monitor hotplugging. An attacker with physical access could cause gnome-screensaver to crash and gain access to the locked session.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2010-0414
SHA-256 | ab9efb0c857c5d767a9f9fa4206aaf3b5e719739cb6d5792bfe3d17825fce697
Hashe! SQL Injection
Posted Feb 10, 2010
Authored by AtT4CKxT3rR0r1ST

HASHE! suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | f1aa99a84e638330cd790af752f8bb2905762e2eca9d56c8da13c526d34c33e1
HP Security Bulletin HPSBMA02484 SSRT090076
Posted Feb 10, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP Network Node Manager (NNM). The vulnerability could be exploited remotely to execute arbitrary commands.

tags | advisory, arbitrary
advisories | CVE-2010-0445
SHA-256 | 2ff695113e010d874733ddd8a0a1bd5e9e0469ca39922dd749407a99da1b6d38
eSmile SQL Injection
Posted Feb 10, 2010
Authored by AtT4CKxT3rR0r1ST

eSmile suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3d3deb0e4f3512d9deed7609fa028c1675df6945080fcbc8562832700a21a0ff
Microsoft SMB Client Pool Overflow
Posted Feb 10, 2010
Authored by laurent gaffie, Renaud Feil | Site stratsec.net

A vulnerability exists in the Microsoft SMB client which allows an attacker to trigger a kernel pool memory corruption by sending a specific 'Negotiate Protocol' response.

tags | advisory, kernel, protocol
advisories | CVE-2010-0016, CVE-2010-0017
SHA-256 | dd4096a3adf7c94d29852abe073cbc999aa234b0784a145cc1d0c9ce5a2c7733
PLS PLA WMDownloader Proof Of Concept
Posted Feb 10, 2010
Authored by Beenu Arora | Site beenuarora.com

PLS PLA WMDownloader proof of concept local buffer overflow exploit that creates a malicious .pls file.

tags | exploit, overflow, local, proof of concept
SHA-256 | 3e61f7070ee3b03509cd8237fdb7e8db6e1bfcf8c051ab0e276e348f4fb82a24
Ubuntu Security Notice 897-1
Posted Feb 10, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 897-1 - It was discovered that MySQL could be made to overwrite existing table files in the data directory. It was discovered that MySQL contained a cross-site scripting vulnerability in the command-line client when the --html option is enabled. It was discovered that MySQL could be made to overwrite existing table files in the data directory. It was discovered that MySQL contained multiple format string flaws when logging database creation and deletion. It was discovered that MySQL incorrectly handled errors when performing certain SELECT statements, and did not preserve correct flags when performing statements that use the GeomFromWKB function. It was discovered that MySQL incorrectly checked symlinks when using the DATA DIRECTORY and INDEX DIRECTORY options. It was discovered that MySQL contained a buffer overflow when parsing SSL certificates.

tags | advisory, overflow, xss
systems | linux, ubuntu
advisories | CVE-2008-4098, CVE-2008-4456, CVE-2008-7247, CVE-2009-2446, CVE-2009-4019, CVE-2009-4030, CVE-2009-4484
SHA-256 | f0edf6f7535b1520aeb975de468f02533ed513b5b5870eefc4dccd6cc1160507
Right To Left Override Unicode Can Be Used In Multiple Spoofing Cases
Posted Feb 10, 2010
Authored by Jordi Chancel

Whitepaper called Right To Left Override Unicode Can Be Used In Multiple Spoofing Cases. Written in French.

tags | paper, spoof
SHA-256 | f1b0137bda26ef70c47fb6d33261363a586b255af0a7217e22295d19a8bd8fcf
feedDemon 3.1.0.9 .opml File Buffer Overflow
Posted Feb 10, 2010
Authored by fl0 fl0w

feedDemon version 3.1.0.9 .opml file local buffer overflow exploit.

tags | exploit, overflow, local
SHA-256 | bdb43462e833a38c658cf6f4ea913c59a3fd9b5d0c379adb4507e5a5ea47926b
Nautilus File Manager Proof Of Concept
Posted Feb 10, 2010
Authored by Joe Dohn

This is a proof of concept exploit for GNOME's Nautilus file manager version 2.26.2.

tags | exploit, proof of concept
SHA-256 | bd470c247479213d341811294a08a0b0b6b129cd7ca2222f28c9ddd87f5bedf6
Vermillion FTP Daemon PORT Command Memory Corruption
Posted Feb 10, 2010
Authored by jduck | Site metasploit.com

This Metasploit module exploits an out-of-bounds array access in the Arcane Software Vermillion FTP server. By sending a specially crafted FTP PORT command, an attacker can corrupt stack memory and execute arbitrary code. This particular issue is caused by processing data bound by attacker-controlled input while writing into a 4-byte stack buffer. Unfortunately, the writing that occurs is not a simple byte copy. Processing is done using a source pointer (p) and a destination pointer (q). The vulnerable function walks the input string and continues while the source byte is non-null. If a comma is encountered, the function increments the destination pointer. If an ASCII digit [0-9] is encountered, the following occurs: *q = (*q * 10) + (*p - '0'); All other input characters are ignored in this loop. As a consequence, an attacker must craft input such that modifications to the current values on the stack result in usable values. In this exploit, the low two bytes of the return address are adjusted to point at the location of a 'call edi' instruction within the binary. This was chosen since 'edi' points at the source buffer when the function returns. NOTE: This server can be installed as a service using "vftpd.exe install". If so, the service does not restart automatically, giving an attacker only one attempt.

tags | exploit, arbitrary
SHA-256 | 6c3e569f4a96d6f26bcfe8754e396fc55a9c9d42d38c9300f94855b2dbd501fb
Microsoft IIS WebDAV Write Access Code Execution
Posted Feb 10, 2010
Site metasploit.com

This Metasploit module can be used to execute a payload on IIS servers that have world-writeable directories. The payload is uploaded as an ASP script using a WebDAV PUT request.

tags | exploit, asp
SHA-256 | 4ec5b093ab1cb3f7824fc0789935b123c05d0f352410b2d130c1546774dfb524
AIX Calendar Manager Service Daemon (rpc.cmsd) Opcode 21 Buffer Overflow
Posted Feb 10, 2010
Authored by Rodrigo Rubira Branco, jduck | Site metasploit.com

This Metasploit module exploits a buffer overflow vulnerability in opcode 21 handled by rpc.cmsd on AIX. By making a request with a long string passed to the first argument of the "rtable_create" RPC, a stack-based buffer overflow occurs. This leads to arbitrary code execution.

tags | exploit, overflow, arbitrary, code execution
systems | aix
advisories | CVE-2009-3699
SHA-256 | aff1d1ff1b53822a5be662ef7f7cb50a2f60bbc8bab207ec0fc7df83f3270216
Multiplatform View State Tampering
Posted Feb 10, 2010
Authored by Trustwave | Site trustwave.com

SpiderLabs has documented view state tampering vulnerabilities in three products from separate vendors. Microsoft ASP.Net version 3.5, Apache MyFaces versions 1.2.8 and 1.2.7, and Sun Microsystems Mojarra versions 1.2_14 and 2.0.2 are all vulnerable.

tags | exploit, vulnerability, asp
SHA-256 | 274d820d5053b91c5b4019151e6accd446cb31435dfa6ae866e1d89dceee5e44
AdultBannerExchange Insecure Cookie Handling
Posted Feb 10, 2010
Authored by jiko

AdultBannerExchange suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | f142410fb170312ad51fa6d4e8e15f8d68406e6dbfa80252e56b9626b1bb942a
© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close