Files Date: 2010-04-07

Plume CMS 1.2.4 Local File Inclusion
Posted Apr 7, 2010
Authored by eidelweiss

Plume CMS version 1.2.4 suffers from multiple local file inclusion vulnerabilities. This issue has been known for years and they have ignored fixing it.

tags | exploit, local, vulnerability, file inclusion
MD5 | 4561670eabcefa740893f75f52d30e50
MKPortal Metric Cross Site Scripting
Posted Apr 7, 2010
Authored by Inj3ct0r

The MKPortal Metric suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ce5c914a94879a51653cde9544d3169c
Local Glibc Shared Library Exploit
Posted Apr 7, 2010
Authored by Rh0

Local Glibc shared library .so exploit that leverages browser plugin functionality.

tags | exploit, local
MD5 | 327860caae0b76edc85a83ea8249f317
Anyzip 1.1 Denial Of Service
Posted Apr 7, 2010
Authored by ItSecTeam

Anyzip version 1.1 local denial of service proof of concept exploit that creates a malicious .zip file.

tags | exploit, denial of service, overflow, local, proof of concept
MD5 | 905fccbf0b4dbc611c7e71fa9edbc39a
Joomla VJDEO 1.0 Local File Inclusion
Posted Apr 7, 2010
Authored by Angela Zhang

The Joomla VJDEO component version 1.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 45887fe7fb17e36947a4c65a1e3f42c1
Joomla aWiki Local File Inclusion
Posted Apr 7, 2010
Authored by Angela Zhang

The Joomla aWiki component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | b3c79af317437f090ae7679cd373ea90
Espinas CMS SQL Injection
Posted Apr 7, 2010
Authored by Pouya Daneshmand

Espinas CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f880a2a4fbd940230e5b6e329ffb83d9
Ubuntu Security Notice 924-1
Posted Apr 7, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 924-1 - Sol Jerome discovered that the Kerberos kadmind service did not correctly free memory. An unauthenticated remote attacker could send specially crafted traffic to crash the kadmind process, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI library. If a remote attacker were able to manipulate an application using GSSAPI carefully, the service could crash, leading to a denial of service. It was discovered that Kerberos did not correctly free memory in the GSSAPI and kdb libraries. If a remote attacker were able to manipulate an application using these libraries carefully, the service could crash, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2007-5901, CVE-2007-5902, CVE-2007-5971, CVE-2007-5972, CVE-2010-0629
MD5 | 9c6a14858d8504201af9388993d6a572
Ubuntu Security Notice 923-1
Posted Apr 7, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 923-1 - Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. It was discovered that Loader-constraint table, Policy/PolicyFile, Inflater/Deflater, drag/drop access, and deserialization did not correctly handle certain sensitive objects. It was discovered that AtomicReferenceArray, System.arraycopy, InetAddress, and HashAttributeSet did not correctly handle certain situations. It was discovered that Pack200, CMM readMabCurveData, ImagingLib, and the AWT library did not correctly check buffer lengths. It was discovered that applets did not correctly handle certain trust chains.

tags | advisory, protocol
systems | linux, ubuntu
advisories | CVE-2009-3555, CVE-2010-0082, CVE-2010-0084, CVE-2010-0085, CVE-2010-0088, CVE-2010-0091, CVE-2010-0092, CVE-2010-0093, CVE-2010-0094, CVE-2010-0095, CVE-2010-0837, CVE-2010-0838, CVE-2010-0840, CVE-2010-0845, CVE-2010-0847, CVE-2010-0848
MD5 | a02b84d8b14dd624b758c944014e60df
Internet Explorer Tabular Data Control ActiveX Memory Corruption
Posted Apr 7, 2010
Authored by anonymous | Site metasploit.com

This Metasploit module exploits a memory corruption vulnerability in the Internet Explorer Tabular Data ActiveX Control. Microsoft reports that versions 5.01 and 6 of Internet Explorer are vulnerable. By specifying a long value as the "DataURL" parameter to this control, it is possible to write a NUL byte outside the bounds of an array. By targeting control flow data on the stack, an attacker can execute arbitrary code.

tags | exploit, arbitrary, activex
advisories | CVE-2010-0805
MD5 | 2e9bd9ce20838396b564cc155722af3e
Stunnel SSL Wrapper 4.33
Posted Apr 7, 2010
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: Win32 DLLs were updated to OpenSSL 1.0.0 and zlib 1.2.4. Experimental support was added for local mode on the Win32 platform. Inetd mode was fixed.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
MD5 | 559a864066d8cc4afd8a97682c90d41c
Tor-ramdisk i686 UClibc-based Linux Distribution 20100405
Posted Apr 7, 2010
Authored by Anthony G. Basile | Site opensource.dyc.edu

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security and privacy. Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX patched kernel and hardened system tools. Privacy is enhanced by turning off logging at all levels so that even the Tor operator only has access to minimal information. Finally, since everything runs in ephemeral memory, no information survives a reboot, except for the Tor configuration file and the private RSA key which may be exported/imported by FTP.

Changes: Tor was updated to the latest stable version 0.2.1.25. Only for the MIPS port was the kernel updated to 2.6.32.9 to extend support for the Mikrotik RB433AH, RB433UAH, and RB450G boards.
tags | tool, kernel, peer2peer
systems | linux
MD5 | 51b7ab588928c908f8ce53e212682852
Nessus XMLRPC Perl Interface 0.20
Posted Apr 7, 2010
Authored by kost

Net::Nessus::XMLRPC is a Perl interface for communication with the Nessus scanner over XMLRPC. It lets you start, stop, pause, and resume scans. It can display the progress and status of scans, download reports, etc.

Changes: This release adds functions/methods for handling of users (adding, deleting, listing, and changing passwords).
tags | tool, scanner, perl
systems | unix
MD5 | 96841b6b2200a2af1c1751e638771518
Mandriva Linux Security Advisory 2010-069
Posted Apr 7, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-069 - The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a plaintext injection attack, aka the Project Mogul issue. Additionally, the NSPR package has been upgraded to 4.8.4, which brings numerous upstream fixes. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. This update provides the latest versions of the NSS and NSPR libraries, in which NSS is not vulnerable to this attack.

tags | advisory, web, protocol
systems | linux, mandriva
advisories | CVE-2009-3555
MD5 | 019501974c03af98ab046aab099da195
kadmind Denial Of Service
Posted Apr 7, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2010-003 - In previous MIT krb5 releases krb5-1.5 through krb5-1.6.3, the Kerberos administration daemon (kadmind) can crash due to referencing freed memory. A legitimate user can trigger this crash by using a newer version of the kadmin protocol than the server supports.

tags | advisory, protocol
advisories | CVE-2010-0629
MD5 | 0a671d71b02501e285ea4abda1ef1f22
Zero Day Initiative Advisory 10-067
Posted Apr 7, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-067 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the primary QuickTime.qts library when parsing the BkPixPat opcode (0x12) within a PICT file. The application will use 2 fields within the file in a multiply which is then passed as an argument to an allocation. As both operands in the multiply are user-controllable, specific values can cause an under allocation which will later result in a heap overflow. Successful exploitation can lead to code execution under the context of the current user.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2010-0529
MD5 | b7fb33bbe279978ab23ddfc921229b98
Zero Day Initiative Advisory 10-066
Posted Apr 7, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-066 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /entry_point.aspx service and occurs due to an unbounded string copy utilizing a string controlled by the user as the source into a fixed length buffer located on the stack. Successful exploitation can lead to code execution under the context of the service.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-1223
MD5 | b2bae431128f00cd1f373aad25343cfe
Zero Day Initiative Advisory 10-065
Posted Apr 7, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-065 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates XOsoft Control Replication and High Availability Control Service. Authentication is not required to exploit this vulnerability. The specific flaws exist within the /ws_man/xosoapapi.asmx SOAP endpoint and occur when submitting malformed requests to the server. Successful exploitation can lead to code execution under the context of the service.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-1223
MD5 | 268a390a1f95294b1ba6f2f7660efdbb
Security Notice For CA XOsoft
Posted Apr 7, 2010
Authored by Kevin Kotas | Site www3.ca.com

CA's support is alerting customers to multiple security risks with CA XOsoft products. Multiple vulnerabilities exist that can allow a remote attacker to gain sensitive information, cause a denial of service, or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2010-1221, CVE-2010-1222, CVE-2010-1223
MD5 | f23f915b24df0d33265e464258f5bc9b
GarageSales Remote Shell Upload
Posted Apr 7, 2010
Authored by saidinh0

GarageSales suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | c655f2c349d23f52b16f784943803c46
McAfee Email Gateway Privilege Escalation
Posted Apr 7, 2010
Authored by Nahuel Grisolia | Site cybsec.com

CYBSEC Security Advisory - The McAfee Email Gateway suffers from a privilege escalation vulnerability.

tags | exploit
MD5 | 2e7f7de6001a5ae35a0b8b12e74a50ca
McAfee Email Gateway Information Disclosure
Posted Apr 7, 2010
Authored by Nahuel Grisolia | Site cybsec.com

CYBSEC Security Advisory - The McAfee Email Gateway suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 8156708096f1650686606dfcb63d7947
MKPortal Lenta Cross Site Scripting
Posted Apr 7, 2010
Authored by Inj3ct0r

The MKPortal Lenta module suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 330537d8ec9418a6f18c34d69c3cd9c6
ShopSystem SQL Injection
Posted Apr 7, 2010
Authored by Valentin Hoebel

ShopSystem suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d30d0bc5364b8fb7575f5a6d0bc9d2d8
Core Security Technologies Advisory 2010.0323
Posted Apr 7, 2010
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - A cross site scripting vulnerability has been discovered in the NextGEN Gallery WordPress plugin.

tags | exploit, xss
MD5 | 8a8c17b84534b03817773cf4545519a2

© 2020 Packet Storm. All rights reserved.
