exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2010-07-17

Zero Day Initiative Advisory 10-129
Posted Jul 17, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-129 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise Internet Agent. Authentication is required to exploit this vulnerability. The flaw exists within the IMAP functionality included with GWIA. When provided with an overly long mailbox name to the CREATE verb, the IMAP server can be forced to overflow a buffer on the stack. Successful exploitation leads to remote code execution under the context of the server.

tags | advisory, remote, overflow, arbitrary, imap, code execution
MD5 | 8cca1277e54171d91b56bac122774274
Group Office 3.5.9 Remote Command Execution
Posted Jul 17, 2010
Authored by ADEO Security

Group Office version 3.5.9 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | b360fec27a08401a80e7de45e0d492fe
Novell Groupwise Internet Agent Stack Overflow
Posted Jul 17, 2010
Authored by Francis Provencher

The Novell Groupwise Internet Agent suffers from a remote code execution vulnerability due to a stack overflow.

tags | exploit, remote, overflow, code execution
MD5 | 5f9b3e490f11794b9e1d6837e9b2ba99
ActiTime 2.0-MA Cross Site Request Forgery
Posted Jul 17, 2010
Authored by Markot | Site corelan.be

ActiTime version 2.0-MA suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | b327bcc93de5ce2ad5988f814a14f454
My Book Insecure Cookie Handling
Posted Jul 17, 2010
Authored by indoushka

My Book suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | 7dc8c72f2ad9db5f5fbf4eb88a84c19a
Kanarya Shop Database Disclosure
Posted Jul 17, 2010
Authored by indoushka

Kanarya Shop suffers from a remote database disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | a884ca2a3c8d61e56ecea7a82339ffcc
Advanced Management For Services Sites Remote File Inclusion
Posted Jul 17, 2010
Authored by indoushka

Advanced Management For Services Sites suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | 90f6be8ede477df7e6561238bb2999ed
Group Office SQL Injection
Posted Jul 17, 2010
Authored by ADEO Security

Group Office suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d5580f3aac9c03af60c717c2da61b973
Power/Personal FTP Server Denial Of Service
Posted Jul 17, 2010
Authored by antrhacks

Power/Personal FTP server version 2.30 RETR remote denial of service exploit.

tags | exploit, remote, denial of service
MD5 | 4556df6af2953c21c9da7a26171e4828
Haihaisoft PDF Reader Buffer Overflow
Posted Jul 17, 2010
Authored by shinnai

Haihaisoft PDF Reader with OCX control version 1.1.2.0 suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow
MD5 | 1143781c492509aaa54392191231be99
Mini-Stream RM-MP3 Converter 3.1.2.1 Buffer Overflow
Posted Jul 17, 2010
Authored by MadjiX

Universal stack buffer overflow exploit for Mini-Stream RM-MP3 Converter version 3.1.2.1 that creates a malicious .pls file.

tags | exploit, overflow
MD5 | 54609d2b91f2e4a6dba2ed4dfcd267a3
Pre Podcast Portal SQL Injection
Posted Jul 17, 2010
Authored by D4rk357

Pre Podcast Portal suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 01a36988e529ebe571424e1de9f14390
SoftClones Marketing Management SQL Injection
Posted Jul 17, 2010
Authored by D4rk357

SoftClones Marketing Management System suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | b3d912fbd30ec5ee98792d03222eeff0
Pre Dynamic Institution SQL Injection
Posted Jul 17, 2010
Authored by D4rk357

Pre Dynamic Institution Web suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, web, sql injection
MD5 | cfba9226c0e87f7eb1f384ec6af3d3e5
Pre Webhost SQL Injection
Posted Jul 17, 2010
Authored by D4rk357

Pre Webhost suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 2da71c595db396d7fef1068e7416365a
Samba chain_reply Memory Corruption (Linux x86)
Posted Jul 17, 2010
Authored by jduck | Site metasploit.com

This exploits a memory corruption vulnerability present in Samba versions prior to 3.3.13. When handling chained response packets, Samba fails to validate the offset value used when building the next part. By setting this value to a number larger than the destination buffer size, an attacker can corrupt memory. Additionally, setting this value to a value smaller than 'smb_wct' (0x24) will cause the header of the input buffer chunk to be corrupted. After close inspection, it appears that 3.0.x versions of Samba are not exploitable. Since they use an "InputBuffer" size of 0x20441, an attacker cannot cause memory to be corrupted in an exploitable way. It is possible to corrupt the heap header of the "InputBuffer", but it didn't seem possible to get the chunk to be processed again prior to process exit. In order to gain code execution, this exploit attempts to overwrite a "talloc chunk" destructor function pointer. This particular module is capable of exploiting the flaw on x86 Linux systems that do not have the nx memory protection. NOTE: It is possible to make exploitation attempts indefinitely since Samba forks for user sessions in the default configuration.

tags | exploit, x86, code execution
systems | linux
advisories | CVE-2010-2063
MD5 | 8062b52a5590ee932de029a55d8641fb
Page 1 of 1
Back1Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    5 Files
  • 21
    Apr 21st
    1 Files
  • 22
    Apr 22nd
    10 Files
  • 23
    Apr 23rd
    22 Files
  • 24
    Apr 24th
    4 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close