exploit the possibilities
Showing 1 - 25 of 46 RSS Feed

Files Date: 2010-04-28

Botan C++ Crypto Algorithms Library 1.9.7
Posted Apr 28, 2010
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release adds support for reading SSLv2 client hellos, which some applications still send for compatibility with SSLv2-only servers. TLS ciphersuites using the South Korean. SEED block cipher are now supported. The Comb4P hash function combiner is now included. A bug that caused raw (unhashed, unpadded) signatures of messages beginning with 0 bytes to be rejected has been fixed.
tags | library
MD5 | 2250a0c26dd9d926329721bc0f95af0c
SoftBizScripts Hosting Script SQL Injection
Posted Apr 28, 2010
Authored by 41.w4r10r

SoftBizScripts Hosting Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 8c729982704fee9168892b7c39114d89
SoftBizScripts Dating Script SQL Injection
Posted Apr 28, 2010
Authored by 41.w4r10r

SoftBizScripts Dating Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 91eaa07807c8a35c1b78bf10065f497f
GeneShop 5.1.1 SQL Injection
Posted Apr 28, 2010
Authored by 41.w4r10r

GeneShop version 5.1.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4d9ed531f7dc619c9bb6fa348e5b1f58
UBB.threads 6.4.4 Forum Cross Site Scripting
Posted Apr 28, 2010
Authored by Cr3w-D, Dr.0rYX

UBB.threads 6.4.4 Forum suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6badbc44057352ff3fdaa8d3d9df51b3
Microsoft SharePoint Server 2007 Cross Site Scripting
Posted Apr 28, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Microsoft SharePoint Server 2007 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9e194b0ba05aeaf6d0ff084cd4208e5a
Mandriva Linux Security Advisory 2010-084
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-084 - Multiple Java OpenJDK security vulnerabilities have been identified and fixed. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, java, vulnerability
systems | linux, mandriva
advisories | CVE-2009-2409, CVE-2009-3555, CVE-2009-3728, CVE-2009-3869, CVE-2009-3871, CVE-2009-3873, CVE-2009-3874, CVE-2009-3875, CVE-2009-3876, CVE-2009-3877, CVE-2009-3879, CVE-2009-3880, CVE-2009-3881, CVE-2009-3882, CVE-2009-3883, CVE-2009-3884, CVE-2009-3885, CVE-2010-0082
MD5 | 799c117e760584a5cec15b3330233f9a
Mandriva Linux Security Advisory 2009-332
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-332 - Integer overflow in the read_channel_data function in plug-ins/file-psd/psd-load.c in GIMP 2.6.7 might allow remote attackers to execute arbitrary code via a crafted PSD file that triggers a heap-based buffer overflow. Additionally the patch for in MDVSA-2009:296 was incomplete, this update corrects this as well. This update provides a solution to this vulnerability. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-3909
MD5 | 09307dfe73093ca74e518148265a9873
Joomla Wap4Joomla SQL Injection
Posted Apr 28, 2010
Authored by Manas58

The Joomla Wap4Joomla component suffers from a remote SQL injection vulnerability in wapmain.php.

tags | exploit, remote, php, sql injection
MD5 | 8fca422af5d6a083fb96bde3b732feb6
Tele Data's CMS 0.9 SQL Injection
Posted Apr 28, 2010
Authored by AutoSec Tools

Tele Data's CMS version 0.9 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a8c5a547cda12f0d6a38273beee914c4
Mandriva Linux Security Advisory 2010-085
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-085 - The OSCAR protocol plugin in libpurple in Pidgin before 2.6.3 and Adium before 1.3.7 allows remote attackers to cause a denial of service (application crash) via crafted contact-list data for ICQ and possibly AIM, as demonstrated by the SIM IM client. Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 and Adium 1.3.8 allows remote attackers to read arbitrary files via a .. (dot dot) in an application/x-msnmsgrp2p MSN emoticon (aka custom smiley) request, a related issue to CVE-2004-0122. Other issues have also been identified.

tags | advisory, remote, denial of service, arbitrary, protocol
systems | linux, mandriva
advisories | CVE-2009-3615, CVE-2010-0013, CVE-2010-0013, CVE-2010-0277, CVE-2010-0420, CVE-2010-0423
MD5 | 49222a235d53bf710183de3ed0ee127d
Mandriva Linux Security Advisory 2010-078
Posted Apr 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-078 - The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ., which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedit, a different vulnerability than CVE-2010-0426. Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. Packages for 2009.0 are provided due to the Extended Maintenance Program.

tags | advisory, arbitrary, local, trojan
systems | linux, mandriva
advisories | CVE-2010-1163
MD5 | 2344824ca6cfa27865431ec8d854428a
Safari 4.0.3 / 4.0.4 Stack Exhaustion
Posted Apr 28, 2010
Authored by Fredrik Nordberg Almroth | Site h.ackack.net

Safari versions 4.0.3 and 4.0.4 stack exhaustion exploit.

tags | exploit
MD5 | 13138f27ecadcce816436fbb3b18ed43
Zero Day Initiative Advisory 10-079
Posted Apr 28, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-079 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks Helix Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication provided by the administrative web interface and is only present if it is configured to use NTLM. The vulnerability can be triggered by specifying invalid Base64 string within the Authorization header. If the string is not proper Base64 the vulnerable function returns -1 which is not verified and is later used as a length to a string copy routine.

tags | advisory, remote, web, arbitrary
advisories | CVE-2010-1317
MD5 | 53d87a8058df5d5de20421ffa49c121e
Pligg CMS 1.0.4 SQL Injection
Posted Apr 28, 2010
Authored by Don Tukulesto | Site indonesiancoder.com

Pligg CMS version 1.0.4 suffers from a remote SQL injection vulnerability in story.php.

tags | exploit, remote, php, sql injection
MD5 | 017d514c6dca422f524b68c576485c61
Joomla JE Property Finder Shell Upload
Posted Apr 28, 2010
Authored by Sid3 effects

The Joomla JE Property Finder component suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 9aff99ca671974991c7485b2727a3c7f
Canvas Tag Denial Of Service
Posted Apr 28, 2010
Authored by Jelmer de Hen | Site h.ackack.net

Safari 4.0.5 and Internet Explorer 6.0 / 8.0 suffer from a canvas tag denial of service vulnerability.

tags | exploit, denial of service
MD5 | 2e7b712b7f0005467b80cbed9284734b
WhatWeb Scanner 0.4.1
Posted Apr 28, 2010
Authored by Andrew Horton (urbanadventurer) | Site morningstarsecurity.com

WhatWeb next generation web scanner identifies what websites are running. Released at the Kiwicon conference (kiwicon.org) in Wellington, New Zealand. Written in Ruby for Linux. Flexible plugin architecture with over 70 plugins so far. Passive plugins use information in the headers, cookies, HTML body and URL. Aggressive plugins can identify versions of Joomla, phpBB, etc by making extra requests to the webserver.

tags | tool, web, scanner, ruby
systems | linux, unix
MD5 | b74e3f7eb1c8f6f67596aa3d5e5fedad
Secunia Security Advisory 39630
Posted Apr 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Acoustica CD/DVD Label Maker, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | e725f244e7d7e15d1673f89d61d0d1b3
Secunia Security Advisory 39585
Posted Apr 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Graphics component for Joomla, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | 2174874dcdca2347a786a397e8533525
Secunia Security Advisory 39617
Posted Apr 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in Portaneo Open Source

tags | advisory
MD5 | 28ac0cea98bfe9be608003f40f3b91ae
Secunia Security Advisory 39622
Posted Apr 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in 2daybiz Advanced Poll Script, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 4ecd94ce6826b6325f9bcaab1c0860d8
NIBE Heat Pump Remote Command Execution
Posted Apr 28, 2010
Authored by Jelmer de Hen | Site h.ackack.net

NIBE Heat Pump remote command execution exploit.

tags | exploit, remote
MD5 | 17de60f902391f8dc9856508e27959e2
NIBE Heat Pump Local File Inclusion
Posted Apr 28, 2010
Authored by Jelmer de Hen | Site h.ackack.net

NIBE Heat Pump suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 25e38168d3280360efc9ac40fd647517
OneHTTPD 0.6 Directory Traversal
Posted Apr 28, 2010
Authored by AutoSec Tools

OneHTTPD version 0.6 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 62c5d2d673e5f75392996aff5d03c2e1
Page 1 of 2
Back12Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    2 Files
  • 16
    Jun 16th
    1 Files
  • 17
    Jun 17th
    18 Files
  • 18
    Jun 18th
    16 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close