exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files Date: 2010-02-19

Debian Linux Security Advisory 1999-1
Posted Feb 19, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1999-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2009-1571, CVE-2009-3988, CVE-2010-0159, CVE-2010-0160, CVE-2010-0162
SHA-256 | e186bbcef4c76dd7c82263be160a64e36c680eae3464ff34fcd581db19a0af1e
PHP-Kit 1.6.1 SQL Injection
Posted Feb 19, 2010
Authored by Easy Laster

PHP-Kit version 1.6.1 suffers from a remote SQL injection vulnerability in member.php.

tags | exploit, remote, php, sql injection
SHA-256 | 04144ce3bc149adf23bb00f62d88e1218d88bba64637ce4205fe7912fa16b7f0
ACM.org Information Disclosure
Posted Feb 19, 2010
Authored by the hacker

It appears that acm.org suffers from a serious data leak and may be ignoring it.

tags | advisory, info disclosure
SHA-256 | 8e6b09b62e771606ad867f018b1b74c049773aab72fa56fc8c39418f207a5b4e
Joomla Community Polls Local File Inclusion
Posted Feb 19, 2010
Authored by kaMtiEz | Site indonesiancoder.com

The Joomla Community Polls component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 3f0ff7fc4920e3d8f290a994dda63aaf12e15a63d80caf788ebc09983f7337f8
SphereCMS 1.1 Alpha Blind SQL Injection
Posted Feb 19, 2010
Authored by AmnPardaz Security Research Team | Site bugreport.ir

SphereCMS version 1.1 Alpha suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9431cbe88f2428736d7c267ae83535ba81f25462355a52476e9c29052d518294
Whitepaper Called The Operation CloudBurst Attack
Posted Feb 19, 2010
Authored by CWH Underground | Site citecclub.org

This is a whitepaper called The Operation CloudBurst Attack. It discusses exploitation methodologies in relation to databases.

tags | paper
SHA-256 | 884e7b3743a87e6ba8453db3261db1dd57ab459c1e082f67a505e417fa84c6a7
Ubuntu Security Notice 890-5
Posted Feb 19, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 890-5 - USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for XML-RPC for C and C++. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-3560, CVE-2009-3720
SHA-256 | 52eb5cf05dd186c7c71a01ca7548fbcb53330023b7e0dfb24faca286a3ad70be
Open Source Classifieds 1.1.0 Alpha Cross Site Scripting / SQL Injection
Posted Feb 19, 2010
Authored by Sioma Labs

Open Source Classifieds version 1.1.0 Alpha suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | edb76ff2234a4a2dab661efc1a6f76fe7dee35d13cd0e0c436bc4ca9420b547c
Zero Day Initiative Advisory 10-018
Posted Feb 19, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-018 - This vulnerability allows remote attackers to execute remote code on vulnerable installations of IBM Cognos Server. Proper authentication is not required to exploit this vulnerability. The specific flaw exists due to a hidden manager-level account with a default password defined in the user configuration of the bundled Tomcat server. This server can be reached via HTTP on TCP port 19300. A malicious attacker can use this account to manage or deploy a servlet onto the server. By abusing this ability a remote attacker can execute arbitrary code under the context of the user running the Tomcat server.

tags | advisory, remote, web, arbitrary, tcp
SHA-256 | 064aa92535214caeeb8183d2541bf5f3e9054cab2de49dcd22b6b2554e267dba
Dynamic Message Box Shellcode
Posted Feb 19, 2010
Authored by bmgsec | Site bmgsec.com.au

Dynamic message box shellcode for win32. Supports 95/98/ME/NT/2K/XP/Vista.

tags | shellcode
systems | windows
SHA-256 | 44461bb59cc7467533b9c385216223311716e9343ca80fd2b5d82a5848c6a44a
Mandriva Linux Security Advisory 2010-041
Posted Feb 19, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-041 - Multiple security vulnerabilities has been identified and fixed Certain malformed SLP messages can trigger a crash because the MSN protocol plugin fails to check that all pieces of the message are set correctly. In a user in a multi-user chat room has a nickname containing ' ' then libpurple ends up having two users with username ' ' in the room, and Finch crashes in this situation. We do not believe there is a possibility of remote code execution. oCERT notified us about a problem in Pidgin, where a large amount of processing time will be used when inserting many smileys into an IM or chat window. This should not cause a crash, but Pidgin can become unusable slow. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides pidgin 2.6.6, which is not vulnerable to these issues.

tags | advisory, remote, vulnerability, code execution, protocol
systems | linux, mandriva
advisories | CVE-2010-0277, CVE-2010-0420, CVE-2010-0423
SHA-256 | fa9c0b2138d3b8fbc1ab0bfd2fde34bd63b64d1d1e05a2042455f5dfceb6006c
FileApp 1.7 For iPhone / iPod Remote Denial Of Service
Posted Feb 19, 2010
Authored by Ale46

FileApp version 1.7 for iPhone / iPod remote denial of service exploit.

tags | exploit, remote, denial of service
systems | apple, iphone
SHA-256 | 4109c0d6bb570b74ebd596122ca5ea499cee774772a9d79c4476e2f770a5d8e7
BugCON 2010 Call For Papers
Posted Feb 19, 2010
Site bugcon.org

The Call For Papers for the 2010 BugCON Security Conference has been announced. It will be held in Mexico City October 27th through the 29th.

tags | paper, conference
SHA-256 | 8b0ea45a2af3013dd290dfedd4267f1d23d223f7584bea351e3e3cb5023982fd
CubeCart SQL Injection
Posted Feb 19, 2010
Authored by AtT4CKxT3rR0r1ST

CubeCart suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | db7a78ff121d3a197e0fb63d11d567199b738d089c65aa279fcc15b69e1abaa8
Joomla Otzivi Local File Inclusion
Posted Feb 19, 2010
Authored by AtT4CKxT3rR0r1ST

The Joomla Otzivi component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 01a93d462ccd69d9a81bb33cd4caec81dd0bc9a89c544fab6344fad5a0cde8dd
Mozilla Firefox Memory Corruption
Posted Feb 19, 2010
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error when handling out-of-memory conditions. This can be exploited to corrupt memory and execute arbitrary code via a specially crafted web page. Versions prior to 3.0.18 and 3.5.8 are susceptible.

tags | advisory, web, arbitrary
advisories | CVE-2009-1571
SHA-256 | a0dde42c067bab2639a7964ba57a0b6a1f2fb79a300e90d0ba7960cf79218090
iScanner Malware Identification And Removal Tool 0.3
Posted Feb 19, 2010
Authored by iSecur1ty.org | Site iscanner.isecur1ty.org

iScanner is a free open source tool written in Ruby that lets you detect and remove malicious code from webpages.

tags | tool, scanner, ruby
systems | unix
SHA-256 | b24b4408248cf75aae3756669dc2ddc434a167578ae870ae51c3338e88d30689
Joomla! 1.5 Core Design Scriptegrator Local File Inclusion
Posted Feb 19, 2010
Authored by S2 Crew

Core Design Scriptegrator for Joomla! version 1.5 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 3c624514cfbc530da7d627eb64fa261ec94c619832443d30ff91e7029a4afd30
gitWeb 1.x Remote Command Execution
Posted Feb 19, 2010
Authored by S2 Crew

gitWeb version 1.x suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2008-5516, CVE-2008-5517
SHA-256 | 531316ccb2f446d689c4ea64b60d34f3712be9d3316b609fe811614dc7b64166
Qbik WinGate WWW Proxy Server URL Processing Overflow
Posted Feb 19, 2010
Authored by patrick | Site metasploit.com

This Metasploit module exploits a stack overflow in Qbik WinGate version 6.1.1.1077 and earlier. By sending malformed HTTP POST URL to the HTTP proxy service on port 80, a remote attacker could overflow a buffer and execute arbitrary code.

tags | exploit, remote, web, overflow, arbitrary
advisories | CVE-2006-2926
SHA-256 | 894f43ed9ebd305fbfb850e6148306dc62adfbc8788b34ecf2cdb98d799e4036
Apache Tomcat Manager Application Deployer Upload and Execute
Posted Feb 19, 2010
Authored by jduck | Site metasploit.com

This Metasploit module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/html/upload, but that method is not implemented in this module.

tags | exploit
advisories | CVE-2009-3843
SHA-256 | f58aeb9136f2b509f52c0f2b286955d484d6b332b4b2c0c9edf999ea5b57d73c
Page 1 of 1
Back1Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    18 Files
  • 6
    Oct 6th
    16 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close