what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 33 RSS Feed

Files Date: 2010-04-07

Plume CMS 1.2.4 Local File Inclusion
Posted Apr 7, 2010
Authored by eidelweiss

Plume CMS version 1.2.4 suffers from multiple local file inclusion vulnerabilities. This issue has been known for years and they have ignored fixing it.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | 4857423c27d17b04ffc644cfa5a5eae002cdd19c06011bbba75b3adc579028f5
MKPortal Metric Cross Site Scripting
Posted Apr 7, 2010
Authored by Inj3ct0r

The MKPortal Metric suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4a48a5a2effda08f7b79e0b11755542a2eb3e073156ea44c5bc52548c1c8ac0d
Local Glibc Shared Library Exploit
Posted Apr 7, 2010
Authored by Rh0

Local Glibc shared library .so exploit that leverages browser plugin functionality.

tags | exploit, local
SHA-256 | c5f4308d0b70205197c47e067b799154236efc1c9820daf5d26e2a3e7ba94ba3
Anyzip 1.1 Denial Of Service
Posted Apr 7, 2010
Authored by ItSecTeam

Anyzip version 1.1 local denial of service proof of concept exploit that creates a malicious .zip file.

tags | exploit, denial of service, overflow, local, proof of concept
SHA-256 | 251e6f7377e25bb21260920e78c3af4d5d4ed1b755e8b4266b440239b61f0eb6
Joomla VJDEO 1.0 Local File Inclusion
Posted Apr 7, 2010
Authored by Angela Zhang

The Joomla VJDEO component version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 420e8719832043a7367dc13690b6d62fca0f0f2ccaf841f9ff550f3173adaf99
Joomla aWiki Local File Inclusion
Posted Apr 7, 2010
Authored by Angela Zhang

The Joomla aWiki component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | e232472b384ebfa71634934cfdaf3ae0673ce1f6caf10f6ac2b5abe89329cee6
Espinas CMS SQL Injection
Posted Apr 7, 2010
Authored by Pouya Daneshmand

Espinas CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | de55827e9e2ec2583cde39eb8515f9aea5b52b3b90caa4cbf8ad1ad07d3d03dd
Ubuntu Security Notice 924-1
Posted Apr 7, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 924-1 - Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI library. If a remote attacker were able to manipulate an application using GSSAPI carefully, the service could crash, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972, CVE-2010-0629, CVE-2007-5971
SHA-256 | bc9bb711c2b8a35f6d930697ac516ed74fe77679f83777bc8331d5e84ba5e977
Ubuntu Security Notice 923-1
Posted Apr 7, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 923-1 - Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. It was discovered that Loader-constraint table, Policy/PolicyFile, Inflater/Deflater, drag/drop access, and deserialization did not correctly handle certain sensitive objects. It was discovered that AtomicReferenceArray, System.arraycopy, InetAddress, and HashAttributeSet did not correctly handle certain situations. It was discovered that Pack200, CMM readMabCurveData, ImagingLib, and the AWT library did not correctly check buffer lengths. It was discovered that applets did not correctly handle certain trust chains.

tags | advisory, protocol
systems | linux, ubuntu
advisories | CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0840, CVE-2010-0845, CVE-2010-0847, CVE-2010-0848, CVE-2010-0085, CVE-2010-0088
SHA-256 | 22c90697e16817e2daab1966ffe9b59158f346973efe7a6f4a6e823cfa269073
Internet Explorer Tabular Data Control ActiveX Memory Corruption
Posted Apr 7, 2010
Authored by anonymous | Site metasploit.com

This Metasploit module exploits a memory corruption vulnerability in the Internet Explorer Tabular Data ActiveX Control. Microsoft reports that version 5.01 and 6 of Internet Explorer are vulnerable. By specifying a long value as the "DataURL" parameter to this control, it is possible to write a NUL byte outside the bounds of an array. By targeting control flow data on the stack, an attacker can execute arbitrary code.

tags | exploit, arbitrary, activex
advisories | CVE-2010-0805
SHA-256 | f289814b228dcb38a6cb14ec1a0f1b164ee34f9990d3cdfec8eb912f49211937
Stunnel SSL Wrapper 4.33
Posted Apr 7, 2010
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: Win32 DLLs were updated to OpenSSL 1.0.0 and zlib 1.2.4. Experimental support was added for local mode on the Win32 platform. Inetd mode was fixed.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
SHA-256 | 240763140000dea6ab76b30f5f5571a8ef4d22ba0712176a9c31c221bb9a48fc
Tor-ramdisk i686 UClibc-based Linux Distribution 20100405
Posted Apr 7, 2010
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP.

Changes: Tor was updated to the latest stable version 0.2.1.25. Only for the MIPS port was the kernel updated to 2.6.32.9 to extend support for the Mikrotik RB433AH, RB433UAH, and RB450G boards.
tags | tool, kernel, peer2peer
systems | linux
SHA-256 | 367e72eb8bd8b5eb0b4ad0a3142aae310c7cfc312c288b999d7e2478f868957a
Nessus XMLRPC Perl Interface 0.20
Posted Apr 7, 2010
Authored by kost

Net::Nessus::XMLRPC is Perl interface for communication with the Nessus scanner over XMLRPC. It lets you start, stop, pause, and resume scans. It can display the progress and status of scans, download reports, etc.

Changes: This release adds functions/methods for handling of users (adding, deleting, listing, and changing passwords).
tags | tool, scanner, perl
systems | unix
SHA-256 | 6dcf2abb958c424a69a56523daeec1fd0661b4b65ac7bcc7874067f594a840cd
Mandriva Linux Security Advisory 2010-069
Posted Apr 7, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-069 - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue. Additionally the NSPR package has been upgraded to 4.8.4 that brings numerous upstream fixes. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides the latest versions of NSS and NSPR libraries and for which NSS is not vulnerable to this attack.

tags | advisory, web, protocol
systems | linux, mandriva
advisories | CVE-2009-3555
SHA-256 | aa953ea3c23dba725529e659e1f760619dbc33dfa46ce94e032b05ccb95afe08
kadmind Denial Of Service
Posted Apr 7, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2010-003 - In previous MIT krb5 releases krb5-1.5 through krb5-1.6.3, the Kerberos administration daemon (kadmind) can crash due to referencing freed memory. A legitimate user can trigger this crash by using a newer version of the kadmin protocol than the server supports.

tags | advisory, protocol
advisories | CVE-2010-0629
SHA-256 | 52f15147f99a8b73ce1c76f66321a7b8f7baa3149d7fbbd12a0453ca1dd44b10
Zero Day Initiative Advisory 10-067
Posted Apr 7, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-067 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the primary QuickTime.qts library when parsing the BkPixPat opcode (0x12) within a PICT file. The application will use 2 fields within the file in a multiply which is then passed as an argument to an allocation. As both operands in the multiply are user-controllable, specific values can cause an under allocation which will later result in a heap overflow. Successful exploitation can lead to code execution under the context of the current user.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2010-0529
SHA-256 | f6e0260d36874d1910d85eb36965e1e1bb3c9326a528574dba673de6cdd14f39
Zero Day Initiative Advisory 10-066
Posted Apr 7, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-066 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /entry_point.aspx service and occurs due to an unbounded string copy utilizing a string controlled by the user as the source into a fixed length buffer located on the stack. Successful exploitation can lead to code execution under the context of the service.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-1223
SHA-256 | b312b92fd65e05573df0f64fce5a0025483f93db7e1bb65b59bbd3600014db5d
Zero Day Initiative Advisory 10-065
Posted Apr 7, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-065 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaws exist within the /ws_man/xosoapapi.asmx SOAP endpoint and occur when submitting malformed requests to the server. Successful exploitation can lead to code execution under the context of the service.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-1223
SHA-256 | d85dc0e66b2ace0f3a00e16efb1749d56f1de84b6c2e0f35779b87f0d6c76ba9
Security Notice For CA XOsoft
Posted Apr 7, 2010
Authored by Kevin Kotas | Site www3.ca.com

CA's support is alerting customers to multiple security risks with CA XOsoft products. Multiple vulnerabilities exist that can allow a remote attacker to gain sensitive information, cause a denial of service, or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2010-1221, CVE-2010-1222, CVE-2010-1223
SHA-256 | 4f0ccb63614eae015dcca644dfed7c789226834eac0663d29fecd6799c65fd53
GarageSales Remote Shell Upload
Posted Apr 7, 2010
Authored by saidinh0

GarageSales suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | bf840a495c50a9cf3cdb93d1f6184188ad17616d309be598440492a7328d3cf2
McAfee Email Gateway Privilege Escalation
Posted Apr 7, 2010
Authored by Nahuel Grisolia | Site cybsec.com

CYBSEC Security Advisory - The McAfee Email Gateway suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | f4c786cf31412ec33ee8d4c4ab7dc4658486398b70e358e233f1576928ae0dd7
McAfee Email Gateway Information Disclosure
Posted Apr 7, 2010
Authored by Nahuel Grisolia | Site cybsec.com

CYBSEC Security Advisory - The McAfee Email Gateway suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 86d26114cf4646342a17e137d952f8bc35258d0bb9d555267865dd729eab939e
MKPortal Lenta Cross Site Scripting
Posted Apr 7, 2010
Authored by Inj3ct0r

The MKPortal Lenta module suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 9558bb52e3e94bea80cd205fe95d5c57859d2277fa4309327391ddef63cecce0
ShopSystem SQL Injection
Posted Apr 7, 2010
Authored by Valentin Hoebel

ShopSystem suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | d143be262b571557ce6c090b1f7444279bb8527d5b056cae63333c4ea5938243
Core Security Technologies Advisory 2010.0323
Posted Apr 7, 2010
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - A cross site scripting vulnerability has been discovered in the NextGEN Gallery Wordpress plugin.

tags | exploit, xss
SHA-256 | c51f25002c6d814c1a3f04ebc9e036661057e0f14ccfd3859e18aa1db4234c3b
Page 1 of 2
Back12Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close