exploit the possibilities
Showing 1 - 25 of 39 RSS Feed

Files Date: 2010-03-01

Zero Day Initiative Advisory 10-023
Posted Mar 1, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-023 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of both IBM Informix Dynamic Server and EMC Legato Networker. User interaction is not required to exploit this vulnerability. The specific flaw exists within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. During authentication, a lack of a proper signedness check on a supplied parameter size can result in exploitable stack based buffer overflow leading to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, overflow, arbitrary, tcp, code execution, protocol
advisories | CVE-2009-2754
MD5 | bfe5991f25e572c54d036c3558654afb
Zero Day Initiative Advisory 10-022
Posted Mar 1, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-022 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of both IBM Informix Dynamic Server and EMC Legato Networker. User interaction is not required to exploit this vulnerability. The specific flaws exist within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. During authentication, a lack of proper sanity checking on supplied parameter sizes can result in exploitable stack and heap based buffer overflows leading to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, overflow, arbitrary, tcp, code execution, protocol
advisories | CVE-2009-2753
MD5 | 4f1940f7c958b1b4c493bc34e7b08225
Mandriva Linux Security Advisory 2010-052
Posted Mar 1, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-052 - sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows local users to gain privileges via a sudo command. The updated packages have been patched to correct this issue.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2010-0427
MD5 | 5771b261d5cf844262338f82154f65d2
CMS By MyWorks SQL Injection / Cross Site Scripting
Posted Mar 1, 2010
Authored by Palyo34

CMS By MyWorks suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 1c1779ec365dbb80afcd1ca7ffa22d2c
A Practical Attack To De-Anonymize Social Network Users
Posted Mar 1, 2010
Authored by Thorsten Holz, Engin Kirda, Christopher Kruegel, Gilbert Wondracek

Whitepaper called A Practical Attack to De-Anonymize Social Network Users.

tags | paper
MD5 | 9b9fdebc922d5057c3271a50176f09d0
EC2ND 2010 Call For Papers
Posted Mar 1, 2010
Site 2010.ec2nd.org

Call For Papers for EC2ND - The sixth European Conference on Computer Network Defense (EC2ND) will be held at the Faculty of Electrical Engineering and Computer Science at Berlin Institute of Technology (TU Berlin). The conference brings together researchers from academia and industry within Europe and beyond to present and discuss current topics in applied network and systems security. It will occur from October 28th through the 29th, 2010 in Berlin, Germany.

tags | paper, conference
MD5 | 9d76768f1163198e9d61bf27062851a5
phpTroubleTicket 2.0 SQL Injection
Posted Mar 1, 2010
Authored by kaMtiEz | Site indonesiancoder.com

phpTroubleTicket version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3261fcd2c108956f2d2696414775aa2d
CONFidence 2010 Call For Practitioners
Posted Mar 1, 2010
Site 2010.confidence.org.pl

CONFidence 2010 Call For Papers - This conference will take place from May 25th through the 26th, 2010 in Krakow, Poland.

tags | paper, conference
MD5 | 2f0326525ef4d3f5c4d4ea5b19f3b8c0
RCA DCM425 Cable Modem Denial Of Service
Posted Mar 1, 2010
Authored by ad0nis

RCA DCM425 Cable Modem micro_httpd denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | b0a2e26ffd898f565221db867068908c
Debian Linux Security Advisory 2005-1
Posted Mar 1, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2005-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. Note that this advisory says DSA-2004-1 but it is actually DSA-2005-1.

tags | advisory, denial of service, kernel, vulnerability, memory leak
systems | linux, debian
advisories | CVE-2009-2691, CVE-2009-2695, CVE-2009-3080, CVE-2009-3726, CVE-2009-3889, CVE-2009-4005, CVE-2009-4020, CVE-2009-4021, CVE-2009-4138, CVE-2009-4308, CVE-2009-4536, CVE-2009-4538, CVE-2010-0003, CVE-2010-0007, CVE-2010-0291, CVE-2010-0410, CVE-2010-0415, CVE-2010-0622
MD5 | 6df548355a759babe2620aa7553824b3
Microsoft Windows XP SP3 Calc.exe Shellcode
Posted Mar 1, 2010
Authored by Hazem Mofeed

37 bytes small Microsoft Windows XP Home Edition SP3 English calc.exe shellcode.

tags | shellcode
systems | windows, xp
MD5 | de2f65c1d17d25d980fe2e73cbcce997
Internet Exploiter II 3.0 With DEP Bypass
Posted Mar 1, 2010
Authored by SkyLined

Internet Exploiter II version 3.0 DHTML memory corruption proof of concept exploit that bypasses DEP.

tags | exploit, proof of concept
MD5 | 58372761a020366efaad41e73953345e
Debian Linux Security Advisory 2004-1
Posted Mar 1, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2004-1 - Two local vulnerabilities have been discovered in samba, a SMB/CIFS file, print, and login server for Unix.

tags | advisory, local, vulnerability
systems | linux, unix, debian
advisories | CVE-2009-3297, CVE-2010-0547
MD5 | 391456ff30c5353ccb3cf6e4dfc9ad13
Oracle Siebel 7.x CRM Cross Site Scripting
Posted Mar 1, 2010
Authored by Yaniv Miron

Oracle Siebel CRM version 7.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 211348ee4c67e61f8bf60833d1cbc6bd
Easy FTP Server 1.7.0.2 Return Overwrite Exploit
Posted Mar 1, 2010
Authored by Paul Makowski

Easy FTP Server version 1.7.0.2 remote buffer overflow RET overwrite exploit.

tags | exploit, remote, overflow
MD5 | 111f85a6272b2f258ebd96ad8e47cca7
iPhone / iTouch FTPDisc 1.0 Buffer Overflow
Posted Mar 1, 2010
Authored by Alberto Ortega | Site pentbox.net

iPhone / iTouch FTPDisc version 1.0 3 exploits-in-one buffer overflow denial of service exploit.

tags | exploit, denial of service, overflow
systems | apple, iphone
MD5 | 0db78b45ab6408bc49513babfa992874
Packet Storm New Exploits For February, 2010
Posted Mar 1, 2010
Authored by Todd J. | Site packetstormsecurity.com

This archive contains all of the 396 exploits added to Packet Storm in February, 2010.

tags | exploit
MD5 | 8ca09222db4fc42bca2fc18b7ef8af84
Uiga Church Portal SQL Injection
Posted Mar 1, 2010
Authored by Easy Laster

Uiga Church Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 13aa22e3ddf64b9844a11a1d8cbce79c
Mandriva Linux Security Advisory 2010-051
Posted Mar 1, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-051 - Security researcher Alin Rad Pop of Secunia Research reported that the HTML parser incorrectly freed used memory when insufficient space was available to process remaining input. Under such circumstances, memory occupied by in-use objects was freed and could later be filled with attacker-controlled text. These conditions could result in the execution or arbitrary code if methods on the freed objects were subsequently called. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2009-1571
MD5 | 52c29b36b535a4e076f4d244b53c6d8c
Secunia Security Advisory 38727
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Maurycy Prodeus has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | windows
MD5 | 17ea4c22af74cb62e1260217f67f7b8d
Secunia Security Advisory 38756
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been discovered in Uiga FanClub, which can be exploited by malicious people to conduct SQL injection and cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | e491cb7e893efe18193ab78e6694cf8d
Secunia Security Advisory 38768
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Pre Classified Listings ASP, which can be exploited by malicious people to conduct script insertion and SQL injection attacks.

tags | advisory, vulnerability, sql injection, asp
MD5 | 0be78e6e390107b4bb3d4b28c08825fc
Secunia Security Advisory 38810
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for linux-2.6.24. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges, and by malicious people to cause a DoS.

tags | advisory, denial of service, local, vulnerability
systems | linux, debian
MD5 | 4f78fd153d21cdb58ab2f643307b1d3d
Secunia Security Advisory 38771
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in ScriptsFeed Business Directory Software, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | f9e5e7392f7895c5bb9cde8c0df9ff95
Secunia Security Advisory 38767
Posted Mar 1, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in ScriptsFeed Dating Software, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | 714c7dad66739b5d1b9a8991c10a3ca8
Page 1 of 2
Back12Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    11 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    17 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close