what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 36 RSS Feed

Files Date: 2010-05-26

Ruubik CMS 1.0.3 Cross Site Scripting
Posted May 26, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Ruubik CMS version 1.0.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f82278e6284eff50960b4f1409360b91c94cee406b915d5a427c686339107d6a
GetSimple CMS 2.01 Cross Site Scripting
Posted May 26, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

GetSimple CMS version 2.01 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d9c731db83edbf304c2df40653c0adf7bd6973d87f5f54af5cd916b844e14423
Razor CMS 1.0 Stable Cross Site Scripting
Posted May 26, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Razor CMS version 1.0 stable suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d00191add5e6aa3226a945fc2f4e61d704367c5235544a64c0668480cf382e80
360 Web Manager 3.0 Cross Site Scripting
Posted May 26, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

360 Web Manager version 3.0 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | a9665a1c7c2b5279d7bb3229fc822c058358363bf52fb99f04db4263dd9ea0b6
Microsoft IIS/PWS CGI Filename Double Decode Command Execution
Posted May 26, 2010
Authored by jduck | Site metasploit.com

This Metasploit module will execute an arbitrary payload on a Microsoft IIS installation that is vulnerable to the CGI double-decode vulnerability of 2001. NOTE: This Metasploit module will leave a metasploit payload in the IIS scripts directory.

tags | exploit, arbitrary, cgi
advisories | CVE-2001-0333
SHA-256 | 641ff99aa7811add9ad4dcc768fb2145b5eaa76f8f0c9f211e656f570bea2703
Secunia Security Advisory 39900
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for glibc and eglibc. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to potentially compromise a vulnerable system.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
SHA-256 | e6d2c857318f5381c4a650765a9806f63517571e33404493427bef61e80f2c57
Secunia Security Advisory 39956
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for openssl. This fixes some vulnerabilities, where one has unknown impacts and the others can be exploited by malicious people to manipulate certain data or cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, fedora
SHA-256 | c7e329acb67fffd4a0e166c0a11c3dbec8964bd58e59a80cb6097c0891164842
Secunia Security Advisory 39954
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for cacti. This fixes some vulnerabilities, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss, sql injection
systems | linux, fedora
SHA-256 | 8b00fc8efbea4526b50dda19c6037803cf75bcd16315f3c2ffb59504e010c154
Secunia Security Advisory 39957
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for html2ps. This fixes a security issue, which potentially can be exploited by malicious people to disclose sensitive information.

tags | advisory
systems | linux, fedora
SHA-256 | cae33aae581de1e8cd2d8a20cb715972a1fdc5b711c180cdf105a3ec22e5c943
Secunia Security Advisory 39944
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has acknowledged multiple vulnerabilities in HP Business Availability Center, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to conduct cross-site scripting and cross-site request forgery attacks, and potentially cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability, xss, csrf
SHA-256 | 538a765f61842a4f4c47b7017130989daf1079b43cb7786f83d5d866a937b165
Secunia Security Advisory 39937
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Python, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability, python
SHA-256 | 87d63086d4bf8081e97fd15906f22e47d92163532cfb75a90be8358624699a79
Secunia Security Advisory 39909
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM Communications Server for AIX, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | aix
SHA-256 | 982c112b33f2f74a6384659be1997254e5037e7d14d017c47452b90dd3574b45
Secunia Security Advisory 39961
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in razorCMS, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 80ac8eec129a202e294d1f7c7aef02f635f9b6a2ff2b4be0f529873c6ea61a31
Secunia Security Advisory 39967
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for multiple packages. This fixes two weaknesses and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges and by malicious people to conduct spoofing attacks, manipulate certain data, cause a DoS (Denial of Service), bypass certain security restrictions, and potentially compromise a user's system.

tags | advisory, denial of service, local, spoof, vulnerability
systems | linux, suse
SHA-256 | 9da9d333ce39b31e3dc60ba47ed0a21d6c22ba7df54fdc8e4028a80ab2dcdea4
Secunia Security Advisory 39943
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP TestDirector for Quality Center, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | a00ab8e905af586f38af9361602f3c714ee73dd8460af925795305200b31eef1
Secunia Security Advisory 39905
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - epixoip has reported some vulnerabilities in Specialized Data Systems Parent Connect, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 203bcdb7687a481046f81cfa313bf10c583b80944b6a926a18325e44a17c6f48
Secunia Security Advisory 39864
Posted May 26, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Giamo Casanunda has discovered a vulnerability in CuteSITE CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 9a2a721c28ac6a5f2c6d374d26d27105d5179359d1b9701e15420baaf4bbf7e5
Linux/x86 Disable Randomize Stack Address Shellcode
Posted May 26, 2010
Authored by Jonathan Salwan | Site shell-storm.org

106 bytes small Linux/x86 disable randomize stack address shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | 35d8630bd9123b26df4c95ebc2cc73d88c99017d32b061a3890cd84779c2f483
Ubuntu Security Notice 944-1
Posted May 26, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 944-1 - Maksymilian Arciemowicz discovered that the GNU C library did not correctly handle integer overflows in the strfmon function. If a user or automated system were tricked into processing a specially crafted format string, a remote attacker could crash applications, leading to a denial of service. (Ubuntu 10.04 was not affected.) Jeff Layton and Dan Rosenberg discovered that the GNU C library did not correctly handle newlines in the mntent family of functions. If a local attacker were able to inject newlines into a mount entry through other vulnerable mount helpers, they could disrupt the system or possibly gain root privileges. Dan Rosenberg discovered that the GNU C library did not correctly validate certain ELF program headers. If a user or automated system were tricked into verifying a specially crafted ELF program, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, denial of service, overflow, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2008-1391, CVE-2010-0296, CVE-2010-0830
SHA-256 | 3912a2ecbd425f205230279f33dba703af4f372c3f17130c8ea1d9cf79a904f4
Mandriva Linux Security Advisory 2010-107
Posted May 26, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-107 - The server failed to check the table name argument of a COM_FIELD_LIST command packet for validity and compliance to acceptable table name standards. This could be exploited to bypass almost all forms of checks for privileges and table-level grants by providing a specially crafted table name argument to COM_FIELD_LIST. The server could be tricked into reading packets indefinitely if it received a packet larger than the maximum size of one packet. The server was susceptible to a buffer-overflow attack due to a failure to perform bounds checking on the table name argument of a COM_FIELD_LIST command packet. By sending long data for the table name, a buffer is overflown, which could be exploited by an authenticated user to inject malicious code. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. The updated packages have been patched to correct these issues.

tags | advisory, overflow
systems | linux, mandriva
advisories | CVE-2010-1848, CVE-2010-1849, CVE-2010-1850
SHA-256 | c4e7a351b4df255c2bcd254f120217884009c882c3d662a9f87f93f5cefee126
Web5000 SQL Injection
Posted May 26, 2010
Authored by BLack Revenge

Design by Web5000 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 87444cbc402a3bfc34a4f917e23d240e33168d03ea09bd1fdac2e9e423797ae1
Flock Web Browser 2.5.6 Denial Of Service
Posted May 26, 2010
Authored by eidelweiss

Flock Web Browser version 2.5.6 remote memory corruption denial of service crash exploit.

tags | exploit, remote, web, denial of service
SHA-256 | 7ef197701ddf5fce834d394de1ef5458520ee5509fb092bec9ad82205c220504
Open And Compact FTP Server 1.2 Denial Of Service
Posted May 26, 2010
Authored by Dr_IDE

Open and Compact FTP Server version 1.2 universal pre-auth denial of service exploit.

tags | exploit, denial of service
SHA-256 | 684440a1375687cbbed6a34317a123196df83653b157c3498e09d81c91f2b0de
Webit CMS SQL Injection
Posted May 26, 2010
Authored by CoBRa_21

Webit CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 81cdf9b8a8262be39c1200d2a74f6b3636c9d212bb5d1e62126345f3735f0187
Webby Webserver 1.01 Buffer Overflow
Posted May 26, 2010
Authored by Michael Messner

Webby Webserver version 1.01 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | c1efddb1b13c33f48bca2724a4a2cd55dd316b60fd3c13ef1e71beab2ce48b4e
Page 1 of 2
Back12Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    66 Files
  • 9
    Oct 9th
    25 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    21 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close