Exploit the possiblities
Showing 1 - 25 of 57 RSS Feed

Files Date: 2010-03-09

Technical Cyber Security Alert 2010-68A
Posted Mar 9, 2010
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2010-68A - Microsoft has released updates to address vulnerabilities in Microsoft Windows and Microsoft Office.

tags | advisory, vulnerability
systems | windows
MD5 | 52a06df4c61def449f7f9c9f8bcad8b7
Tor-ramdisk i686 UClibc-based Linux Distribution 20100309
Posted Mar 9, 2010
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP.

Changes: Tor was updated to 0.2.1.24 and busybox to 1.15.3. The build scripts now allow the option of creating images with a fully featured busybox for debugging and a minimally configured busybox for production.
tags | tool, kernel, peer2peer
systems | linux
MD5 | 24b38d121c40ba789db06b32c48b1899
Core Security Technologies Advisory 2009.1103
Posted Mar 9, 2010
Authored by Core Security Technologies, Damian Frizza | Site coresecurity.com

Core Security Technologies Advisory - A memory corruption occurs on Microsoft Office Excel 2002 when parsing a .XLS file with a malformed DbOrParamQry record. This vulnerability could be used by a remote attacker to execute arbitrary code in the context of the currently logged on user, by enticing the user to open a specially crafted file.

tags | advisory, remote, arbitrary
advisories | CVE-2010-0264
MD5 | 3b4084cc3bd02ec3abcf8034a1cd52e2
Core Security Technologies Advisory 2009.0813
Posted Mar 9, 2010
Authored by Core Security Technologies, Damian Frizza | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability was found in Windows Movie Maker and Microsoft Producer, which can be triggered by a remote attacker by sending a specially crafted file and enticing the user to open it. This vulnerability results in a write access violation and can lead to remote code execution.

tags | advisory, remote, code execution
systems | windows
advisories | CVE-2010-0265
MD5 | c616fcba3c0a93ba3996a3ca8d8818b9
River CMS 1.0 SQL Injection
Posted Mar 9, 2010
Authored by Pouya Daneshmand

River CMS version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 3f9fd122e2c9c13cf36e4141986c3d46
Mandriva Linux Security Advisory 2010-058
Posted Mar 9, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-058 - Multiple vulnerabilities have been found and corrected in PHP. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct these issues.

tags | advisory, php, vulnerability
systems | linux, mandriva
MD5 | 07bda32325dbbfc3f66329dadbc38dc9
NUs Newssystem 1.02 SQL Injection
Posted Mar 9, 2010
Authored by n3w7u

NUs Newssystem version 1.02 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 73b85126d9a72c43885fe8f5015285eb
Jevci Siparis Formu Scripti Database Disclosure
Posted Mar 9, 2010
Authored by indoushka

Jevci Siparis Formu Scripti suffers from a remote database disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | 8dc51a5f030e969191a583ba8fb34d42
Zero Day Initiative Advisory 10-026
Posted Mar 9, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-026 - This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Hewlett-Packard Performance Insight. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the helpmanager servlet running on the Performance Insight web server. Insufficient input validation and authentication allows for arbitrary JSP pages to be uploaded which can be leveraged to execute arbitrary OS commands. Exploitation of this vulnerability allows an attacker to gain control of the affected system under SYSTEM credentials.

tags | advisory, remote, web, arbitrary
advisories | CVE-2010-0447
MD5 | 7e8b4a4e56efc310c9d29affb2ee9a3f
Mhproducts Kleinanzeigenmarkt SQL Injection
Posted Mar 9, 2010
Authored by Easy Laster

Mhproducts Kleinanzeigenmarkt suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d9ed3069eabcbca64dc161d3fca09550
Easy~FTP Server v1.7.0.2 CWD Command Buffer Overflow
Posted Mar 9, 2010
Authored by Blake | Site metasploit.com

This Metasploit module exploits a stack overflow in the CWD verb in Easy~FTP Server. You must have valid credentials to trigger this vulnerability.

tags | exploit, overflow
MD5 | d732ec3c57befe33133a22a93ffe3bc9
HP Security Bulletin HPSBMA02489 SSRT090065
Posted Mar 9, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential vulnerability has been identified with HP Performance Insight. The vulnerability could be exploited remotely to execute arbitrary commands.

tags | advisory, arbitrary
advisories | CVE-2010-0447
MD5 | d32dd84a89acc0ff85800e4c96e86450
Energizer DUO Trojan Code Execution
Posted Mar 9, 2010
Authored by H D Moore | Site metasploit.com

This Metasploit module will execute an arbitrary payload against any system infected with the Arugizer trojan horse. This backdoor was shipped with the software package accompanying the Energizer Duo USB battery charger.

tags | exploit, arbitrary, trojan
advisories | CVE-2010-0103
MD5 | d6d4fbfd8adf2bc89ff2a66c568d2df7
Orbital Viewer ORB File Parsing Buffer Overflow
Posted Mar 9, 2010
Authored by jduck | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in David Manthey's Orbital Viewer. When processing .ORB files, data is read from file into a fixed-size stack buffer using the fscanf function. Since no bounds checking is done, a buffer overflow can occur. Attackers can execute arbitrary code by convincing their victim to open an ORB file.

tags | exploit, overflow, arbitrary
advisories | CVE-2010-0688
MD5 | 5aa02439f41605543223cc94d1459d02
Rsstatic SQL Injection
Posted Mar 9, 2010
Authored by ItSecTeam

Rsstatic suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 36b80b3567abad8055fcf5b5022ef709
Uebimiau Webmail 3.2.0-2.0 Email Disclosure
Posted Mar 9, 2010
Authored by R4vax, Z3r0c0re

Uebimiau Webmail version 3.2.0-2.0 suffers from a remote email disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | d8986001128e37ed03e54a8e5d292448
AEF 1.0.8 Cross Site Scripting
Posted Mar 9, 2010
Authored by ItSecTeam

AEF version 1.0.8 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | dc6f4907b92f1b05e661dc65bc490c7b
IBM ENOVIA SmarTeam 5 Cross Site Scripting
Posted Mar 9, 2010
Authored by Yaniv Miron

IBM ENOVIA SmarTeam version 5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 44229551878fc0a868b16aae04f085eb
WILD CMS SQL Injection
Posted Mar 9, 2010
Authored by Ariko-Security

WILD CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f1c9b20b4b3deac6cdf7619762dfe050
Eleanor CMS Rc5.1 Cross Site Scripting
Posted Mar 9, 2010
Authored by ItSecTeam

Eleanor CMS version Rc5.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c2139058f58f69cd7a9b7bf522bd98c7
DDL CMS 2.1 Cross Site Scripting
Posted Mar 9, 2010
Authored by ItSecTeam

DDL CMS version 2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | cee3294fc74b0d4bcf91e8420e6bdd73
Zero Day Initiative Advisory 10-025
Posted Mar 9, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-025 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the decompression of XLSX files. The XLSX file is a ZIP archive of the associated content making up the new Open XML Document. Due to the lack of validation on the ZIP header when decompressing certain XML elements it is possible to execute uninitialized memory. Successful exploitation can lead to remote code execution under the credentials of the currently logged in user.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-0263
MD5 | 345ea63cd930dcb5de4c5273d9c5df54
Joomla HezaContent 1.0 SQL Injection
Posted Mar 9, 2010
Authored by kaMtiEz | Site indonesiancoder.com

The Joomla HezaContent component version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cdfd8d9c658a9c60e80a698c934e4686
Reverberation UDP Echo Denial Of Service Tool
Posted Mar 9, 2010
Authored by l0om | Site excluded.org

Reverberation is a proof of concept denial of service tool that makes use of UDP echo servers.

tags | denial of service, udp, proof of concept
MD5 | 417ff5e37e88d914eff7eebf43090a98
Introduction To Win32 Shellcoding
Posted Mar 9, 2010
Authored by Peter Van Eeckhoutte | Site corelan.be

Introduction to Win32 shellcoding. Part 9 in a series of tutorials.

tags | paper, shellcode
systems | windows
MD5 | 0cfd5684dce9ff3d1884fa8bc3f5c4a1
Page 1 of 3
Back123Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    12 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close