exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files Date: 2010-07-17

Zero Day Initiative Advisory 10-129
Posted Jul 17, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-129 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise Internet Agent. Authentication is required to exploit this vulnerability. The flaw exists within the IMAP functionality included with GWIA. When provided with an overly long mailbox name to the CREATE verb, the IMAP server can be forced to overflow a buffer on the stack. Successful exploitation leads to remote code execution under the context of the server.

tags | advisory, remote, overflow, arbitrary, imap, code execution
SHA-256 | c38190bbe6cf2654a24eaabcd78ecd040cbac6cf773df475162d54315a49992e
Group Office 3.5.9 Remote Command Execution
Posted Jul 17, 2010
Authored by ADEO Security

Group Office version 3.5.9 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | d395780e5580c0301934155e011a6e18ec6447417232cef5adc8718a94ff5e55
Novell Groupwise Internet Agent Stack Overflow
Posted Jul 17, 2010
Authored by Francis Provencher

The Novell Groupwise Internet Agent suffers from a remote code execution vulnerability due to a stack overflow.

tags | exploit, remote, overflow, code execution
SHA-256 | 76736a6c8ea0fb9f7f9a0f12dd5cf5394064dec0c96b1d6cf55ca7dee72c2d5f
ActiTime 2.0-MA Cross Site Request Forgery
Posted Jul 17, 2010
Authored by Markot | Site corelan.be

ActiTime version 2.0-MA suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 7ffc90c83666da1448e58b4d7792f8c5e3f865d85fc1b893bc5df889050e7665
My Book Insecure Cookie Handling
Posted Jul 17, 2010
Authored by indoushka

My Book suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | a29827e1ca16915e2d7afbdb5e7b956a5d2d58ffd1c18ec8b119d77b2956f904
Kanarya Shop Database Disclosure
Posted Jul 17, 2010
Authored by indoushka

Kanarya Shop suffers from a remote database disclosure vulnerability.

tags | exploit, remote, info disclosure
SHA-256 | 69fbe4b53ecfb180b40ae3484e5a0e50663da1178494b1d683bbbc2847895221
Advanced Management For Services Sites Remote File Inclusion
Posted Jul 17, 2010
Authored by indoushka

Advanced Management For Services Sites suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | c5d21bffb0aa5bfb010119083c19eeefdc1426ade4cbbee9ecd019485aa7bb75
Group Office SQL Injection
Posted Jul 17, 2010
Authored by ADEO Security

Group Office suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bac72b012a143df904a3867be5a1fa3da472f92978594f803af6d9357f30c3af
Power/Personal FTP Server Denial Of Service
Posted Jul 17, 2010
Authored by antrhacks

Power/Personal FTP server version 2.30 RETR remote denial of service exploit.

tags | exploit, remote, denial of service
SHA-256 | 8eb5be68d140f5c719236df4f806ecfe5541c74edb10de2eee9b728ea928b676
Haihaisoft PDF Reader Buffer Overflow
Posted Jul 17, 2010
Authored by shinnai

Haihaisoft PDF Reader with OCX control version 1.1.2.0 suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow
SHA-256 | f4f2df2555e6a1b165df2624885a25e4c36da2d1ed12ade17c8c774d9d6cbb70
Mini-Stream RM-MP3 Converter 3.1.2.1 Buffer Overflow
Posted Jul 17, 2010
Authored by MadjiX

Universal stack buffer overflow exploit for Mini-Stream RM-MP3 Converter version 3.1.2.1 that creates a malicious .pls file.

tags | exploit, overflow
SHA-256 | 2d21c24af7764b4ae41792b6351041be17be14984b31d19baf9460494491f17d
Pre Podcast Portal SQL Injection
Posted Jul 17, 2010
Authored by D4rk357

Pre Podcast Portal suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | d6ccf2eda4aa207ef41787011032a875efd56bbf6a901d840ea984b9df6f1570
SoftClones Marketing Management SQL Injection
Posted Jul 17, 2010
Authored by D4rk357

SoftClones Marketing Management System suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 5e9b43b5f3b06b5391f598908fe6c8effa8f6ac51bbb071efec0e2288b86ffd2
Pre Dynamic Institution SQL Injection
Posted Jul 17, 2010
Authored by D4rk357

Pre Dynamic Institution Web suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, web, sql injection
SHA-256 | 9e4d718f4d60f7d1de7823b1d56d1c7206cfe27636ab8542383aee718c2d5b6f
Pre Webhost SQL Injection
Posted Jul 17, 2010
Authored by D4rk357

Pre Webhost suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 77f51ba784add431406c6bab60dc2057c4e59ab848f6d29b8a9b7921a488e955
Samba chain_reply Memory Corruption (Linux x86)
Posted Jul 17, 2010
Authored by jduck | Site metasploit.com

This exploits a memory corruption vulnerability present in Samba versions prior to 3.3.13. When handling chained response packets, Samba fails to validate the offset value used when building the next part. By setting this value to a number larger than the destination buffer size, an attacker can corrupt memory. Additionally, setting this value to a value smaller than 'smb_wct' (0x24) will cause the header of the input buffer chunk to be corrupted. After close inspection, it appears that 3.0.x versions of Samba are not exploitable. Since they use an "InputBuffer" size of 0x20441, an attacker cannot cause memory to be corrupted in an exploitable way. It is possible to corrupt the heap header of the "InputBuffer", but it didn't seem possible to get the chunk to be processed again prior to process exit. In order to gain code execution, this exploit attempts to overwrite a "talloc chunk" destructor function pointer. This particular module is capable of exploiting the flaw on x86 Linux systems that do not have the nx memory protection. NOTE: It is possible to make exploitation attempts indefinitely since Samba forks for user sessions in the default configuration.

tags | exploit, x86, code execution
systems | linux
advisories | CVE-2010-2063
SHA-256 | 62e4dbdef10ca045ef1ec88681d7b84288ebd9bf3ef44718fc8ad5724142a978
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close