what you don't know can hurt you
Showing 1 - 25 of 42 RSS Feed

Files Date: 2010-07-23

Joomla GolfCourseGuide SQL Injection
Posted Jul 23, 2010
Authored by Valentin Hoebel

Joomla GolfCourseGuide component versions 0.9.6.0 Beta and 1 Beta suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3d6ec581d8070b9739c7f267a8d19b7b
Mandriva Linux Security Advisory 2010-138
Posted Jul 23, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-138 - Ovidiu Mara reported a vulnerability in ping.c (iputils) that could cause ping to hang when responding to a malicious echo reply. The updated packages have been patched to correct these issues.

tags | advisory
systems | linux, mandriva
advisories | CVE-2010-2529
MD5 | f3a0872b53366adca0c324b1c26cef97
WATOBO Web Application Toolbox Auditor 0.9.2rev149
Posted Jul 23, 2010
Authored by Andreas Schmidt | Site watobo.sourceforge.net

WATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.

Changes: New history navigation, new fuzzer engine, improved differ usability, and WATOBO now runs on Windows, Linux and MAC.
tags | tool, web, local, scanner, vulnerability, xss, sql injection
systems | unix
MD5 | f34e3a20366000b0e58427945094a5f9
Ubuntu Security Notice 930-5
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 930-5 - USN-930-4 fixed vulnerabilities in Firefox and Xulrunner on Ubuntu 9.04 and 9.10. This update provides updated packages for use with Firefox 3.6 and Xulrunner 1.9.2. It was discovered that Firefox could be made to access freed memory. A flaw was discovered in the way plugin instances interacted. An integer overflow was discovered in Firefox. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present.

tags | advisory, web, overflow, vulnerability
systems | linux, ubuntu
advisories | CVE-2008-5913, CVE-2010-0654, CVE-2010-1121, CVE-2010-1125, CVE-2010-1196, CVE-2010-1197, CVE-2010-1198, CVE-2010-1199, CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203, CVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208, CVE-2010-1209, CVE-2010-1210
MD5 | b18fb0e1a60d1c8024c63d29cf99455e
Ubuntu Security Notice 930-4
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 930-4 - USN-930-1 fixed vulnerabilities in Firefox and Xulrunner. This update provides the corresponding updates for Ubuntu 9.04 and 9.10, along with additional updates affecting Firefox 3.6.6. If was discovered that Firefox could be made to access freed memory. A flaw was discovered in the way plugin instances interacted. An integer overflow was discovered in Firefox. Martin Barbella discovered an integer overflow in an XSLT node sorting routine. Michal Zalewski discovered that the focus behavior of Firefox could be subverted. Ilja van Sprundel discovered that the 'Content-Disposition: attachment' HTTP header was ignored when 'Content-Type: multipart' was also present.

tags | advisory, web, overflow, vulnerability
systems | linux, ubuntu
advisories | CVE-2008-5913, CVE-2010-0654, CVE-2010-1121, CVE-2010-1125, CVE-2010-1196, CVE-2010-1197, CVE-2010-1198, CVE-2010-1199, CVE-2010-1200, CVE-2010-1201, CVE-2010-1202, CVE-2010-1203, CVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208, CVE-2010-1209, CVE-2010-1210
MD5 | 8dac06ec88431ebfc36d057240bcabe5
Ubuntu Security Notice 927-8
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 927-8 - USN-927-1 fixed vulnerabilities in NSS. This update provides the Thunderbird update to use the new NSS. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, ubuntu
MD5 | 64b84ca6839b3b57d046d740d8088886
PhotoPost PHP 4.0 - 4.6 SQL Injection
Posted Jul 23, 2010
Authored by Cyber-sec

PhotoPost PHP versions 4.0 through 4.6 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
MD5 | a1cdbe934b4c194f8d956b20c508495b
SAP NetWeaver SLD 6.4 - 7.02 Cross Site Scripting
Posted Jul 23, 2010
Authored by Sh2kerr, Alexey Troshichev | Site dsecrg.com

SAP NetWeaver SLD versions 6.4 through 7.02 suffer from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
MD5 | 451abfbc0ef4b0e2a82befc9477d71d6
ZeeMatri 3x Shell Upload
Posted Jul 23, 2010
Authored by SONiC

ZeeMatri version 3x suffers from a shell upload vulnerability.

tags | exploit, shell
MD5 | 4a637cc7d960b8f6d2938e0878df9701
SAP Netweaver 6.4 - 7.0 Cross Site Scripting
Posted Jul 23, 2010
Authored by Sh2kerr | Site dsecrg.com

SAP Netweaver versions 6.4 through 7.0 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | d16c41273ad057de749869ddaaf86c49
AIX 5l FTPd Hash Disclosure
Posted Jul 23, 2010
Authored by Kingcope

AIX 5l with FTP server remote root hash disclosure exploit. Creates a coredump including the root user hash from /etc/security/passwd. This is the second version that was written to be more portable between hosts.

tags | exploit, remote, root
systems | aix
MD5 | 9960734c7ca1d426705d71ffbd6d6444
ZeeNetworking 1x Shell Upload
Posted Jul 23, 2010
Authored by SONiC

ZeeNetworking 1x suffers from a shell upload vulnerability.

tags | exploit, shell
MD5 | 9b98bd7441a1a70a3be86f41f1bef75e
LILDBI 1.2 Shell Upload
Posted Jul 23, 2010
Authored by EraGoN

LILDBI version 1.2 suffers from a shell upload vulnerability.

tags | exploit, shell
MD5 | 88a47e0099f7145fcc053be4246ad19b
ZeeAdBox 2x SQL Injection
Posted Jul 23, 2010
Authored by SONiC

ZeeAdBox version 2x suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1605cc658d69a73544d471f86bedb6d1
Ubuntu Security Notice 957-1
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 957-1 - Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. Various integer overflows and other issues have also been addressed.

tags | advisory, remote, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-0654, CVE-2010-1205, CVE-2010-1206, CVE-2010-1207, CVE-2010-1208, CVE-2010-1209, CVE-2010-1210, CVE-2010-1211, CVE-2010-1212, CVE-2010-1213, CVE-2010-1214, CVE-2010-1215, CVE-2010-2751, CVE-2010-2752, CVE-2010-2753, CVE-2010-2754
MD5 | 7a1629e070c14bb4c39b6846bb407b61
Ubuntu Security Notice 927-7
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 927-7 - USN-927-4 fixed vulnerabilities in NSS. This update provides the NSPR needed to use the new NSS. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, ubuntu
MD5 | f5a372a92aec2d56467fcbe6e439463c
Ubuntu Security Notice 927-6
Posted Jul 23, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 927-6 - USN-927-1 fixed vulnerabilities in NSS on Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 9.04. Original advisory details: Marsh Ray and Steve Dispensa discovered a flaw in the TLS and SSLv3 protocols. If an attacker could perform a man in the middle attack at the start of a TLS connection, the attacker could inject arbitrary content at the beginning of the user's session. This update adds support for the new new renegotiation extension and will use it when the server supports it.

tags | advisory, arbitrary, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2009-3555
MD5 | db50040bea6baa775cf39cbee8ab38e7
Skipfish Web Application Scanner 1.52b
Posted Jul 23, 2010
Authored by Michal Zalewski | Site code.google.com

Skipfish is a fully automated, active web application security reconnaissance tool. It is high speed, has a low false positive rate, and is easy to use.

Changes: Fixed HTTP read loop after 1.48b.
tags | tool, web, scanner
systems | unix
MD5 | 5ac0a84afa132a5fc302f292c897a954
Secunia Security Advisory 40706
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for thunderbird and sunbird. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.

tags | advisory, vulnerability
systems | linux, fedora
MD5 | 172d902980769171d9fefc6582b5e56c
Secunia Security Advisory 40708
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for seamonkey. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, conduct spoofing attacks, and compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, fedora
MD5 | fe8c64bd8090d9235eee1d891e87dc15
Secunia Security Advisory 40691
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to conduct DNS cache poisoning attacks.

tags | advisory, kernel, local
systems | linux
MD5 | 7c0783fb696d81d2684dbc13f41fc108
Secunia Security Advisory 40710
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a security issue in IBM Java, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, java
MD5 | 2aa7e74ab29628ec0457bfbecb82406d
Secunia Security Advisory 40692
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the myLinksDump plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | 4b2c3164c44f365cb0425310820b029e
Secunia Security Advisory 40680
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for firefox and xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, conduct spoofing attacks, or to compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, ubuntu
MD5 | 5baa1dabf565e4433a48490b99550853
Secunia Security Advisory 40683
Posted Jul 23, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for firefox and xulrunner. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, potentially conduct cross-site scripting attacks, bypass certain security restrictions, conduct spoofing attacks, and compromise a user's system.

tags | advisory, spoof, vulnerability, xss
systems | linux, ubuntu
MD5 | 466d00a004f140f4321c9c1a448ce649
Page 1 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close