exploit the possibilities
Showing 1 - 22 of 22 RSS Feed

Files Date: 2010-02-19

Debian Linux Security Advisory 1999-1
Posted Feb 19, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 1999-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications, such as the Iceweasel web browser.

tags | advisory, remote, web, vulnerability
systems | linux, debian
advisories | CVE-2009-1571, CVE-2009-3988, CVE-2010-0159, CVE-2010-0160, CVE-2010-0162
MD5 | f460611680e1c22bed4809c5b38c41a5
PHP-Kit 1.6.1 SQL Injection
Posted Feb 19, 2010
Authored by Easy Laster

PHP-Kit version 1.6.1 suffers from a remote SQL injection vulnerability in member.php.

tags | exploit, remote, php, sql injection
MD5 | 46555c0554552701c2f04dd08748fd4a
ACM.org Information Disclosure
Posted Feb 19, 2010
Authored by the hacker

It appears that acm.org suffers from a serious data leak and may be ignoring it.

tags | advisory, info disclosure
MD5 | f819074712f37022be8f1303a2b40678
Joomla Community Polls Local File Inclusion
Posted Feb 19, 2010
Authored by kaMtiEz | Site indonesiancoder.com

The Joomla Community Polls component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 231b0080cfec609c4a5154dca2612837
SphereCMS 1.1 Alpha Blind SQL Injection
Posted Feb 19, 2010
Authored by AmnPardaz Security Research Team | Site bugreport.ir

SphereCMS version 1.1 Alpha suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | b7e2a1e5e04606fb621b1425e933a696
New-CMS 1.08 LFI / XSS / XSRF / Shell Upload
Posted Feb 19, 2010
Authored by Alberto Fontanella | Site fulgursecurity.com

New-CMS version 1.08 suffers from cross site request forgery, cross site scripting, local file inclusion and shell upload vulnerabilities.

tags | exploit, shell, local, vulnerability, xss, file inclusion, csrf
MD5 | 39d6ce1a45885ec8d935830e7ce48508
Whitepaper Called The Operation CloudBurst Attack
Posted Feb 19, 2010
Authored by CWH Underground | Site citecclub.org

This is a whitepaper called The Operation CloudBurst Attack. It discusses exploitation methodologies in relation to databases.

tags | paper
MD5 | 2c17e69a1f4272d82443a2c395725004
Ubuntu Security Notice 890-5
Posted Feb 19, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 890-5 - USN-890-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for XML-RPC for C and C++. Original advisory details: Jukka Taimisto, Tero Rontti and Rauli Kaksonen discovered that Expat did not properly process malformed XML. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash. It was discovered that Expat did not properly process malformed UTF-8 sequences. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service via application crash.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-3560, CVE-2009-3720
MD5 | ea98fafb8a2ab1fae538a8fa4fae40e8
Open Source Classifieds 1.1.0 Alpha Cross Site Scripting / SQL Injection
Posted Feb 19, 2010
Authored by Sioma Labs

Open Source Classifieds version 1.1.0 Alpha suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 6ce5bef409461fcc5c50fc32b3a1b57e
Zero Day Initiative Advisory 10-018
Posted Feb 19, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-018 - This vulnerability allows remote attackers to execute remote code on vulnerable installations of IBM Cognos Server. Proper authentication is not required to exploit this vulnerability. The specific flaw exists due to a hidden manager-level account with a default password defined in the user configuration of the bundled Tomcat server. This server can be reached via HTTP on TCP port 19300. A malicious attacker can use this account to manage or deploy a servlet onto the server. By abusing this ability a remote attacker can execute arbitrary code under the context of the user running the Tomcat server.

tags | advisory, remote, web, arbitrary, tcp
MD5 | c9bc3e0116e5dcb19b5d9b6c1bd9066f
Dynamic Message Box Shellcode
Posted Feb 19, 2010
Authored by bmgsec | Site bmgsec.com.au

Dynamic message box shellcode for win32. Supports 95/98/ME/NT/2K/XP/Vista.

tags | shellcode
systems | windows
MD5 | 9fcc63dff940a8758880cb1900157164
Mandriva Linux Security Advisory 2010-041
Posted Feb 19, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-041 - Multiple security vulnerabilities has been identified and fixed Certain malformed SLP messages can trigger a crash because the MSN protocol plugin fails to check that all pieces of the message are set correctly. In a user in a multi-user chat room has a nickname containing ' ' then libpurple ends up having two users with username ' ' in the room, and Finch crashes in this situation. We do not believe there is a possibility of remote code execution. oCERT notified us about a problem in Pidgin, where a large amount of processing time will be used when inserting many smileys into an IM or chat window. This should not cause a crash, but Pidgin can become unusable slow. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides pidgin 2.6.6, which is not vulnerable to these issues.

tags | advisory, remote, vulnerability, code execution, protocol
systems | linux, mandriva
advisories | CVE-2010-0277, CVE-2010-0420, CVE-2010-0423
MD5 | 289dea377f2bed1e9c2bbd09dcc9ca36
FileApp 1.7 For iPhone / iPod Remote Denial Of Service
Posted Feb 19, 2010
Authored by Ale46

FileApp version 1.7 for iPhone / iPod remote denial of service exploit.

tags | exploit, remote, denial of service
systems | apple, iphone
MD5 | c0099f631a52cda4c304d5792578c7fd
BugCON 2010 Call For Papers
Posted Feb 19, 2010
Site bugcon.org

The Call For Papers for the 2010 BugCON Security Conference has been announced. It will be held in Mexico City October 27th through the 29th.

tags | paper, conference
MD5 | 76ba9246aa1863e820c8d62e9a20e168
CubeCart SQL Injection
Posted Feb 19, 2010
Authored by AtT4CKxT3rR0r1ST

CubeCart suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | fb74314baf44c6f9b0ffc3fb5150e4f8
Joomla Otzivi Local File Inclusion
Posted Feb 19, 2010
Authored by AtT4CKxT3rR0r1ST

The Joomla Otzivi component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 88747c4911ed8a92b94b337bbdc7d6dd
Mozilla Firefox Memory Corruption
Posted Feb 19, 2010
Authored by Alin Rad Pop | Site secunia.com

Secunia Research has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by an error when handling out-of-memory conditions. This can be exploited to corrupt memory and execute arbitrary code via a specially crafted web page. Versions prior to 3.0.18 and 3.5.8 are susceptible.

tags | advisory, web, arbitrary
advisories | CVE-2009-1571
MD5 | 1d0df647af1c0f63ee33a82c4812b374
iScanner Malware Identification And Removal Tool 0.3
Posted Feb 19, 2010
Authored by iSecur1ty.org | Site iscanner.isecur1ty.org

iScanner is a free open source tool written in Ruby that lets you detect and remove malicious code from webpages.

tags | tool, scanner, ruby
systems | unix
MD5 | 40cb3380eeebec0f889a8832bf21306e
Joomla! 1.5 Core Design Scriptegrator Local File Inclusion
Posted Feb 19, 2010
Authored by S2 Crew

Core Design Scriptegrator for Joomla! version 1.5 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 642fd89a47b2e01dc8b13921c03b7847
gitWeb 1.x Remote Command Execution
Posted Feb 19, 2010
Authored by S2 Crew

gitWeb version 1.x suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2008-5516, CVE-2008-5517
MD5 | 997ac2f72aedeb75f24449613ad8096f
Qbik WinGate WWW Proxy Server URL Processing Overflow
Posted Feb 19, 2010
Authored by patrick | Site metasploit.com

This Metasploit module exploits a stack overflow in Qbik WinGate version 6.1.1.1077 and earlier. By sending malformed HTTP POST URL to the HTTP proxy service on port 80, a remote attacker could overflow a buffer and execute arbitrary code.

tags | exploit, remote, web, overflow, arbitrary
advisories | CVE-2006-2926
MD5 | 3fb1ecfa9922d452cf006b2e79743e07
Apache Tomcat Manager Application Deployer Upload and Execute
Posted Feb 19, 2010
Authored by jduck | Site metasploit.com

This Metasploit module can be used to execute a payload on Apache Tomcat servers that have an exposed "manager" application. The payload is uploaded as a WAR archive containing a jsp application using a PUT request. The manager application can also be abused using /manager/html/upload, but that method is not implemented in this module.

tags | exploit
advisories | CVE-2009-3843
MD5 | d73ec93fdbad878f033e319661b1c7c1
Page 1 of 1
Back1Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close