exploit the possibilities
Showing 1 - 25 of 68 RSS Feed

Files Date: 2010-04-20

Yahoo CD Player Overflow
Posted Apr 20, 2010
Authored by shinnai

Yahoo! CD Player (YoPlyCd.dll) remote stack overflow exploit.

tags | exploit, remote, overflow
MD5 | cba2d78cfdd3f1a035cbb127d80fd01e
Viscom Movie Player Pro SDK 6.8 Buffer Overflow
Posted Apr 20, 2010
Authored by shinnai

Viscom Software Movie Player Pro SDK version 6.8 suffers from an Active-X related buffer overflow vulnerability.

tags | exploit, overflow, activex
MD5 | 55cad41a9c859bc0c50159d63d504564
Mandriva Linux Security Advisory 2010-070
Posted Apr 20, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-070 - Many security issues have been identified and fixed in Firefox. These range from various memory consumption issues to denial of service vulnerabilities. Since firefox-3.0.19 is the last 3.0.x release Mandriva opted to provide the latest 3.6.3 version for Mandriva Linux 2008.0/2009.0/2009.1/MES5/2010.0. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, denial of service, vulnerability
systems | linux, mandriva
advisories | CVE-2010-0164, CVE-2010-0165, CVE-2010-0167, CVE-2010-0168, CVE-2010-0170, CVE-2010-0172, CVE-2010-1122, CVE-2010-0173, CVE-2010-0174, CVE-2010-0175, CVE-2010-0176, CVE-2010-0177, CVE-2010-0178, CVE-2010-0179, CVE-2010-0181, CVE-2010-0182
MD5 | 2c08b4eb70ba4648a14ffa02f5b86b6a
KDC Double Free Vulnerability
Posted Apr 20, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2010-004 - An authenticated remote attacker can crash the KDC by inducing the KDC to perform a double free. Under some circumstances on some platforms, this could also allow malicious code execution. Successfully inducing code execution by exploiting a double free is believed to be difficult, and no such exploits are known to exist for this vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2010-1320
MD5 | 46372372d6abc7d8027f49584b060e58
DBSite w/b CMS Cross Site Scripting
Posted Apr 20, 2010
Authored by OuTLaWz

DBSite w/b CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 486d58e13266a353261c42d9b4ee2a28
Southern-Suzuki SQL Injection
Posted Apr 20, 2010
Authored by OuTLaWz

Southern-Suzuki suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 801df94ecebe37df2e1d6559c34989a4
EasyFTP Server <= 1.7.0.2 CWD Command Stack Buffer Overflow
Posted Apr 20, 2010
Authored by Paul Makowski | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.2. EasyFTP fails to check input size when parsing 'CWD' commands, which allows for easy stack based buffer overflow exploitation. EasyFTP allows anonymous access by default; valid credentials are typically unnecessary to exploit this vulnerability. Later versions may vulnerable, but have not been tested. This exploit utilizes a small piece of code that I've referred to as 'fixRet'. This code allows us to inject of payload of ~500 bytes into a 264 byte buffer by 'fixing' the return address post-exploitation. See references for more information.

tags | exploit, overflow
MD5 | 945b3a7dfef041981cebab4cd0278be7
Ubuntu Security Notice 929-2
Posted Apr 20, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 929-2 - USN-929-1 fixed vulnerabilities in irssi. The upstream changes introduced a regression when using irssi with SSL and an IRC proxy. This update fixes the problem. It was discovered that irssi did not perform certificate host validation when using SSL connections. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Aurelien Delaitre discovered that irssi could be made to dereference a NULL pointer when a user left the channel. A remote attacker could cause a denial of service via application crash. This update also adds SSLv3 and TLSv1 support, while disabling the old, insecure SSLv2 protocol.

tags | advisory, remote, denial of service, vulnerability, protocol
systems | linux, ubuntu
MD5 | 113cbd84a041fa994a7ad52b018598ce
29 Bytes chmod(/etc/shadow, 0777) Shellcode
Posted Apr 20, 2010
Authored by Magnefikko

29 bytes small chmod("/etc/shadow", 0777) shellcode.

tags | shellcode
MD5 | 70387a1ba638547e39b9b7fc69c60d0a
e107 0.7.19 Cross Site Request Forgery
Posted Apr 20, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

e107 version 0.7.19 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 006cf13046d679cd7d553481b0954d60
Linux x86 fork() Shellcode
Posted Apr 20, 2010
Authored by Jonathan Salwan

6 bytes small Linux/x86 fork() shellcode.

tags | x86, shellcode
systems | linux
MD5 | 76066753b8df0c43a70bbda774f1ec9f
Acritum Femitter 1.03 Directory Traversal
Posted Apr 20, 2010
Authored by Dr_IDE

Acritum Femitter version 1.03 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 68bdc6e1a19f4f8f17919953225cdfaf
Mongoose 2.8 Directory Traversal
Posted Apr 20, 2010
Authored by Dr_IDE

Mongoose web server version 2.8 suffers from directory traversal vulnerabilities.

tags | exploit, web, vulnerability, file inclusion
MD5 | 54a0752da64ecd5264c2527fce1a7bfa
MultiThreaded HTTP Server 1.1 Source Disclosure
Posted Apr 20, 2010
Authored by Dr_IDE

MultiThreaded HTTP Server version 1.1 suffers from a remote source disclosure vulnerability.

tags | exploit, remote, web, info disclosure
MD5 | fb0856ee2d5b78cec19ff0513fa108d2
MultiThreaded HTTP Server 1.1 Directory Traversal
Posted Apr 20, 2010
Authored by chr1x

MultiThreaded HTTP Server version 1.1 suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
MD5 | 993c978eeaa52e5213575d326db684a8
MusicBox 3.3 SQL Injection
Posted Apr 20, 2010
Authored by Ctacok

MusicBox version 3.3 remote SQL injection exploit that leverages genre_artists.php.

tags | exploit, remote, php, sql injection
MD5 | a8da66df59d503fb1176e4088842d18c
Linux write() and exit(0) Shellcode
Posted Apr 20, 2010
Authored by stoke

Linux write() & exit(0) shellcode generator with customizable text.

tags | shellcode
systems | linux
MD5 | 927b2517e37553e9d1a9b0c179827970
Local File Inclusion Whitepaper
Posted Apr 20, 2010
Authored by Fredrik Nordberg Almroth | Site h.ackack.net

This is a short and descriptive guide about various methods for exploiting local file inclusion vulnerabilities.

tags | paper, local, vulnerability, file inclusion
MD5 | 84c0a5f95cd910c921543a779994f496
Secunia Security Advisory 39531
Posted Apr 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the iNetLanka Multiple root component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory, root
MD5 | 9082bc0f90c8e448b82ada0944277a94
Secunia Security Advisory 39508
Posted Apr 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cybozu Office and Cybozu dot Sales, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 35fc2705aea758dd85277a4730167f1f
Speed Commander 13.10 Memory Corruption
Posted Apr 20, 2010
Authored by TecR0c | Site corelan.be

SpeedCommander version 13.10 suffers from a memory corruption denial of service vulnerability. Exploit included.

tags | exploit, denial of service
MD5 | 99205eb0b29f78148fdf9aba23d89813
Mandriva Linux Security Advisory 2010-083
Posted Apr 20, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-083 - lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. The updated packages have been patched to correct this issue.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2010-0825
MD5 | 2609aa145583d01d3d92c578a3045ff0
Joomla Jnewspaper SQL Injection
Posted Apr 20, 2010
Authored by Don Tukulesto | Site indonesiancoder.com

The Joomla Jnewspaper component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 247275c214dc1257e5af7a5756dc1208
Secunia Security Advisory 39536
Posted Apr 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Online News Paper Manager component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
MD5 | e0869bf63f76cb6c307c88938ea94476
HP Operations Manager 7.5 / 8.10 / 8.16 Remote Stack Overflow
Posted Apr 20, 2010
Authored by mr_me | Site corelan.be

HP Operations Manager versions 7.5, 8.10 and 8.16 suffer from a remote stack overflow vulnerability. Exploit included.

tags | exploit, remote, overflow
advisories | CVE-2010-1033
MD5 | dc9ff56da2c22e2fd47132c7b68a6ba9
Page 1 of 3
Back123Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    16 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    11 Files
  • 21
    May 21st
    21 Files
  • 22
    May 22nd
    20 Files
  • 23
    May 23rd
    36 Files
  • 24
    May 24th
    2 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close