exploit the possibilities
Showing 1 - 25 of 31 RSS Feed

Files Date: 2010-02-25

iPhone CSS::Selector Crash Exploit
Posted Feb 25, 2010
Authored by Chase Higgins

iPhone CSS::Selector crash exploit that acts as a web server that sends a malformed long string to the CSS style tag.

tags | exploit, web
systems | apple, iphone
MD5 | e550dbdcd0a7751aca08bcd68528f0e2
EMC HomeBase Server Arbitrary File Upload
Posted Feb 25, 2010
Site emc.com

EMC HomeBase Server contains a vulnerability that may allow an unauthenticated remote user to upload arbitrary files on the affected HomeBase Server. Versions 6.2.x and 6.3.x are affected.

tags | advisory, remote, arbitrary
advisories | CVE-2010-0620
MD5 | c94e1940d368dcf825d56994dc9bfc65
iDEFENSE Security Advisory 2010-02-23.1
Posted Feb 25, 2010
Authored by iDefense Labs, Yorick Koster | Site idefense.com

iDefense Security Advisory 02.23.10 - Remote exploitation of an input validation vulnerability in NOS Microsystems Ltd.'s getPlus Download Manager, as used by Adobe and potentially other vendors, could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists due to improper validation of the domain used to download and execute applications from. The vulnerable code always assumes that the domain being validated is a subdomain, which can lead to a logic error when comparing the valid domain and the requested domain. iDefense has confirmed the existence of this vulnerability in getPlus version 1.5.2.35 as distributed by Adobe. The Adobe Download Manager on Windows (prior to February 23, 2010) has been confirmed vulnerable by Adobe.

tags | advisory, remote, arbitrary
systems | windows
MD5 | 3858dd8f56afc2be89616b19a3311e24
MIMEDefang Email Scanner 2.68
Posted Feb 25, 2010
Authored by Dianne Skoll | Site mimedefang.org

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.

Changes: This is a bugfix and minor cleanup release. It detects Sys::Syslog vs. Unix::Syslog at run-time rather than when running ./configure. It no longer changes Content-Disposition to "inline" by default; it was causing weird bugs with Outlook iCalendar attachments. Various other minor bugfixes and improvements were made.
systems | windows, unix
MD5 | b988d34b7d656fcf007a00c23565ed20
Symantec Products SYMLTCOM.dll Buffer Overflow
Posted Feb 25, 2010
Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in various Symantec security products. The vulnerability is caused by a buffer overflow error in the SYMLTCOM.dll module when processing user-supplied data, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page on a domain masqueraded as an authorized site.

tags | advisory, remote, web, overflow, arbitrary
advisories | CVE-2010-0107
MD5 | df40fa11e520122e23c1100672594275
Technical Cyber Security Alert 2010-55A
Posted Feb 25, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-55A - Malicious activity detected in mid-December targeted at least 20 organizations representing multiple industries including chemical, finance, information technology, and media. Investigation into this activity revealed that third parties routinely accessed the personal email accounts of dozens of users based in the United States, China, and Europe. Further analysis revealed these users were victims of previous phishing scams through which threat actors successfully gained access to their email accounts.

tags | advisory
MD5 | 86574b00afefa67252260df1c529ad3d
JavaPont Local File Inclusion
Posted Feb 25, 2010
Authored by Palyo34

JavaPont suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | d5838ca38a5ac4cb4faf2b76da840c00
Joomla HDFlvPlayer SQL Injection
Posted Feb 25, 2010
Authored by kaMtiEz | Site indonesiancoder.com

Joomla HDFlvPlayer component remote SQL injection exploit.

tags | exploit, remote, sql injection
MD5 | db54a94957b9d2e86c03d4953ba3fc64
LiveChatNow SQL Injection
Posted Feb 25, 2010
Authored by Ariko-Security

LiveChatNow suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | db2380e1359e9673e85aca5acc54a409
Kojoney 0.0.4.1 Denial Of Service
Posted Feb 25, 2010
Authored by Nicob

Kojoney versions prior to 0.0.4.2 suffer from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
MD5 | 68d95ad9784f00dae5e84c6d97c15541
Apple Safari 4.0.4 / Google Chrome 4.0.249 Denial Of Service
Posted Feb 25, 2010
Authored by Rad L. Sneak

Apple Safari version 4.0.4 and Google Chrome version 4.0.249 suffer from a stack overflow denial of service vulnerability.

tags | exploit, denial of service, overflow
systems | apple
MD5 | 82269e14fb958d3fb976e425b9e64c59
FTP Brute Forcing Script
Posted Feb 25, 2010
Authored by gunslinger | Site gunslingerc0de.wordpress.com

FTP brute forcing utility written in Python.

tags | tool, scanner, python
systems | unix
MD5 | c7ac9255a07cda21dcaa257e3e5847c4
Assembly Port Binding Code
Posted Feb 25, 2010
Authored by mywisdom

Assembly code that binds to port 12345.

tags | shellcode
MD5 | 953e6a561f0bba7276a67e166c1b1cb7
Avast! 4.8 / 5.0 Kernel Memory Corruption
Posted Feb 25, 2010
Authored by Tobias Klein | Site trapkit.de

Avast! versions 4.8 and 5.0 suffer from a aavmker4.sys kernel memory corruption vulnerability.

tags | advisory, kernel
MD5 | c9b0429e48b63fc58baca33f1db8e134
phpCOIN 1.2.1 SQL Injection
Posted Feb 25, 2010
Authored by Baybora

phpCOIN version 1.2.1 suffers from a remote SQL injection vulnerability in mod.php.

tags | exploit, remote, php, sql injection
MD5 | 8271e8217a1b406cd701aeb40950ce66
Ubuntu Security Notice 903-1
Posted Feb 25, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 903-1 - OpenOffice suffers from multiple vulnerabilities. It was discovered that the XML HMAC signature system did not correctly check certain lengths. If an attacker sent a truncated HMAC, it could bypass authentication, leading to potential privilege escalation. If a user were tricked into opening a specially crafted image, an attacker could execute arbitrary code with user privileges. Nicolas Joly discovered that OpenOffice did not correctly handle certain Word documents. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary code with user privileges. It was discovered that OpenOffice did not correctly handle certain VBA macros correctly. If a user were tricked into opening a specially crafted document, an attacker could execute arbitrary macro commands, bypassing security controls.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-0217, CVE-2009-2949, CVE-2009-2950, CVE-2009-3301, CVE-2009-3302, CVE-2010-0136
MD5 | ce4ecf7c54524af66c724c8378accd3e
Softbiz Auktios SQL Injection
Posted Feb 25, 2010
Authored by Easy Laster

Softbiz Auktios suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | dd6d566e55ce1f03401d2274cfef0784
Ubuntu Security Notice 904-1
Posted Feb 25, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 904-1 - It was discovered that Squid incorrectly handled certain malformed packets received on the HTCP port. A remote attacker could exploit this with a specially-crafted packet and cause Squid to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2010-0639
MD5 | d3479185c4f49b3f493a9738c7f50ddb
Softbiz Classifieds PLUS SQL Injection
Posted Feb 25, 2010
Authored by Easy Laster

Softbiz Classifieds PLUS suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 81945e0bc247b90f6b2477662daade38
WikyBlog 1.7.3rc2 XSS / Shell Upload / RFI
Posted Feb 25, 2010
Authored by indoushka

WikyBlog version 1.7.3rc2 suffers from shell upload, cross site scripting, cookie manipulation, session fixation, and remote file inclusion vulnerabilities.

tags | exploit, remote, shell, vulnerability, code execution, xss, file inclusion
MD5 | 3dde7809ab7fd5d926ab77cbf305ac16
Article Friendly Local File Inclusion
Posted Feb 25, 2010
Authored by Pratul Agrawal

Article Friendly suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | a3d111ea1b9c0845af7f5b35772ba734
PBBoard 2.0.5 Add Administrator / Shell Upload
Posted Feb 25, 2010
Authored by indoushka

PBBoard version 2.0.5 suffers from add administrator and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, add administrator, file upload
MD5 | e260d5b1aa14649a57add955517ced45
Zero Day Initiative Advisory 10-020
Posted Feb 25, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-020 - This vulnerability allows remote attackers to upload arbitrary files on vulnerable installations of EMC HomeBase Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HomeBase SSL Service due to a failure to sanitize '../' directory traversal modifiers from a parameter. This will allow a user to specify any filename to upload arbitrary contents into. Successful exploitation can result in code execution under the context of the service.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-0620
MD5 | 7a47f532b7bc7be16f1d52ed570df02d
Newbie CMS Insecure Cookie Handling
Posted Feb 25, 2010
Authored by jiko

Newbie CMS suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | 18a16902e4af232fa4b30300393edee3
MediaCoder 0.7.3.4605 Local Buffer Overflow
Posted Feb 25, 2010
Authored by fl0 fl0w

MediaCoder version 0.7.3.4605 local buffer overflow exploit with calc.exe and bindshell shellcode.

tags | exploit, overflow, local, shellcode
MD5 | bd212377a0b1b463975331d7928ce0e8
Page 1 of 2
Back12Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    32 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    10 Files
  • 17
    Feb 17th
    2 Files
  • 18
    Feb 18th
    27 Files
  • 19
    Feb 19th
    3 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close