what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 68 RSS Feed

Files Date: 2010-04-20

Yahoo CD Player Overflow
Posted Apr 20, 2010
Authored by shinnai

Yahoo! CD Player (YoPlyCd.dll) remote stack overflow exploit.

tags | exploit, remote, overflow
SHA-256 | 8a0d6e287e603a846eafe4d909f0383db7eaf2decf49a019977881ffd8347e27
Viscom Movie Player Pro SDK 6.8 Buffer Overflow
Posted Apr 20, 2010
Authored by shinnai

Viscom Software Movie Player Pro SDK version 6.8 suffers from an Active-X related buffer overflow vulnerability.

tags | exploit, overflow, activex
SHA-256 | b48017e490f339f4951f725955f191ca1b85f6c188585cca4420cb71403509bc
Mandriva Linux Security Advisory 2010-070
Posted Apr 20, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-070 - Many security issues have been identified and fixed in Firefox. These range from various memory consumption issues to denial of service vulnerabilities. Since firefox-3.0.19 is the last 3.0.x release Mandriva opted to provide the latest 3.6.3 version for Mandriva Linux 2008.0/2009.0/2009.1/MES5/2010.0. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. Additionally, some packages which require so, have been rebuilt and are being provided as updates. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, denial of service, vulnerability
systems | linux, mandriva
advisories | CVE-2010-0164, CVE-2010-0165, CVE-2010-0167, CVE-2010-0168, CVE-2010-0170, CVE-2010-0172, CVE-2010-1122, CVE-2010-0173, CVE-2010-0174, CVE-2010-0175, CVE-2010-0176, CVE-2010-0177, CVE-2010-0178, CVE-2010-0179, CVE-2010-0181, CVE-2010-0182
SHA-256 | 7a38196109ca581687357af57f2b35960ec088b6dde743dc49c6744fb1343a50
KDC Double Free Vulnerability
Posted Apr 20, 2010
Site web.mit.edu

MIT krb5 Security Advisory 2010-004 - An authenticated remote attacker can crash the KDC by inducing the KDC to perform a double free. Under some circumstances on some platforms, this could also allow malicious code execution. Successfully inducing code execution by exploiting a double free is believed to be difficult, and no such exploits are known to exist for this vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2010-1320
SHA-256 | 7b328a95b0feb5b66e3e8d9d97e9c430a50cbb70a4a9b3e5635ac7b96fad9238
DBSite w/b CMS Cross Site Scripting
Posted Apr 20, 2010
Authored by OuTLaWz

DBSite w/b CMS suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f78a973b82eb796633f147fe31329328e732afe2cc33e1ba16d7cae689978298
Southern-Suzuki SQL Injection
Posted Apr 20, 2010
Authored by OuTLaWz

Southern-Suzuki suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 9b3fc373c8a3662278c1e849f5e910c2002c4dae191e31585194b7e06a743ba5
EasyFTP Server <= 1.7.0.2 CWD Command Stack Buffer Overflow
Posted Apr 20, 2010
Authored by Paul Makowski | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.2. EasyFTP fails to check input size when parsing 'CWD' commands, which allows for easy stack based buffer overflow exploitation. EasyFTP allows anonymous access by default; valid credentials are typically unnecessary to exploit this vulnerability. Later versions may vulnerable, but have not been tested. This exploit utilizes a small piece of code that I've referred to as 'fixRet'. This code allows us to inject of payload of ~500 bytes into a 264 byte buffer by 'fixing' the return address post-exploitation. See references for more information.

tags | exploit, overflow
SHA-256 | 7f1bac3d002e1b38ff6a6cb8fac785dccf0e2feb7a142467790a9e2361f77931
Ubuntu Security Notice 929-2
Posted Apr 20, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 929-2 - USN-929-1 fixed vulnerabilities in irssi. The upstream changes introduced a regression when using irssi with SSL and an IRC proxy. This update fixes the problem. It was discovered that irssi did not perform certificate host validation when using SSL connections. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. Aurelien Delaitre discovered that irssi could be made to dereference a NULL pointer when a user left the channel. A remote attacker could cause a denial of service via application crash. This update also adds SSLv3 and TLSv1 support, while disabling the old, insecure SSLv2 protocol.

tags | advisory, remote, denial of service, vulnerability, protocol
systems | linux, ubuntu
SHA-256 | 99d0cce56d85ec609fb48c47608c5524c74a66a18e583574b68e87ee2249a76e
29 Bytes chmod(/etc/shadow, 0777) Shellcode
Posted Apr 20, 2010
Authored by Magnefikko

29 bytes small chmod("/etc/shadow", 0777) shellcode.

tags | shellcode
SHA-256 | c5fea9d9abb13284e14c422774840e98a7d4847ebc0c9b4ff64dc8ee8ccdccd9
e107 0.7.19 Cross Site Request Forgery
Posted Apr 20, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

e107 version 0.7.19 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 27b520286f1e9a6ab8b67aed91a0b309ef5f8f525c0e206c4317a9df6f7f70b4
Linux x86 fork() Shellcode
Posted Apr 20, 2010
Authored by Jonathan Salwan

6 bytes small Linux/x86 fork() shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | b8a211d7d9feeb591b92636544683ccac0866e04bc0aec93ad58bbfb95f42377
Acritum Femitter 1.03 Directory Traversal
Posted Apr 20, 2010
Authored by Dr_IDE

Acritum Femitter version 1.03 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | cb8dab774dbd16f5f21e1e46e39fcc8cdcd435b629137c0a322feb43385199b1
Mongoose 2.8 Directory Traversal
Posted Apr 20, 2010
Authored by Dr_IDE

Mongoose web server version 2.8 suffers from directory traversal vulnerabilities.

tags | exploit, web, vulnerability, file inclusion
SHA-256 | c06c9b8a1ab7b64e816927760a9223bd4869afbcc92a31ce1a6fbea862d0a4db
MultiThreaded HTTP Server 1.1 Source Disclosure
Posted Apr 20, 2010
Authored by Dr_IDE

MultiThreaded HTTP Server version 1.1 suffers from a remote source disclosure vulnerability.

tags | exploit, remote, web, info disclosure
SHA-256 | 987bf6b3565122edfa3d483af245ea664523df3e3e0ad0363fc9b0178c19cb29
MultiThreaded HTTP Server 1.1 Directory Traversal
Posted Apr 20, 2010
Authored by chr1x

MultiThreaded HTTP Server version 1.1 suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
SHA-256 | 9dbf62deaca4914b270f6ad4441fc332589f96ae1e08adb1bc7d678f3824bff1
MusicBox 3.3 SQL Injection
Posted Apr 20, 2010
Authored by Ctacok

MusicBox version 3.3 remote SQL injection exploit that leverages genre_artists.php.

tags | exploit, remote, php, sql injection
SHA-256 | 99c119fb7e2b1e2af0634299338cceeb0d9f2258659f76496c6ff2b39be74cd8
Linux write() and exit(0) Shellcode
Posted Apr 20, 2010
Authored by stoke

Linux write() & exit(0) shellcode generator with customizable text.

tags | shellcode
systems | linux
SHA-256 | 941fe544cf17011eedcc3db404085a0b37ca85f6ef8f773596185e95a1f9629c
Local File Inclusion Whitepaper
Posted Apr 20, 2010
Authored by Fredrik Nordberg Almroth | Site h.ackack.net

This is a short and descriptive guide about various methods for exploiting local file inclusion vulnerabilities.

tags | paper, local, vulnerability, file inclusion
SHA-256 | 9795bf804107400fefe0f8fd5f52c5cbf31a5fc615ca209df91921cc5d9ea8e6
Secunia Security Advisory 39531
Posted Apr 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the iNetLanka Multiple root component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory, root
SHA-256 | 45ae506991fd6744a0a0d9af417c6a90a9842cdeec9fcf342c500fef93b3741d
Secunia Security Advisory 39508
Posted Apr 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cybozu Office and Cybozu dot Sales, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 7d5334f1d18fd187a4b7c56d38727e35504685c450b45609605694ceec09542b
Speed Commander 13.10 Memory Corruption
Posted Apr 20, 2010
Authored by TecR0c | Site corelan.be

SpeedCommander version 13.10 suffers from a memory corruption denial of service vulnerability. Exploit included.

tags | exploit, denial of service
SHA-256 | ca3fcff87584ab42c2a2013194c68b8c234aabd62272a8f654f1f54713f24a0a
Mandriva Linux Security Advisory 2010-083
Posted Apr 20, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-083 - lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks. Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. The updated packages have been patched to correct this issue.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2010-0825
SHA-256 | cd6c32014e9614e16b6f7c4de36feb10809fa7b82d925ee152775e497ece6a8b
Joomla Jnewspaper SQL Injection
Posted Apr 20, 2010
Authored by Don Tukulesto | Site indonesiancoder.com

The Joomla Jnewspaper component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c00c6e54b879810eafd7685f8fa0899eb0892a8bc46c173b5b34b4fdb33191e4
Secunia Security Advisory 39536
Posted Apr 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been discovered in the Online News Paper Manager component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 82c902434037de2c57f35cfd13051d6ecf62044e21482c3fe61e3bd2bc5c19ec
HP Operations Manager 7.5 / 8.10 / 8.16 Remote Stack Overflow
Posted Apr 20, 2010
Authored by mr_me | Site corelan.be

HP Operations Manager versions 7.5, 8.10 and 8.16 suffer from a remote stack overflow vulnerability. Exploit included.

tags | exploit, remote, overflow
advisories | CVE-2010-1033
SHA-256 | f6dcb05657875a0c205848a9a614db696f308ed1f94ec31aa62d579c64f81ee0
Page 1 of 3
Back123Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close