Exploit the possiblities
Showing 1 - 25 of 937 RSS Feed

Files Date: 2010-07-01 to 2010-07-31

Mandriva Linux Security Advisory 2010-142
Posted Jul 28, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-142 - The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. OpenLDAP 2.4.22 allows remote attackers to cause a denial of service via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as demonstrated using the Codenomicon LDAPv3 test suite.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2010-0211, CVE-2010-0212
MD5 | 7c99ef64bfc0338ec6f317c16f73ff04
UPlusFTP Server 1.7.1.01 Buffer Overflow
Posted Jul 28, 2010
Authored by corelanc0d3r, Karn Ganeshen

UPlusFTP Server version 1.7.1.01 remote buffer overflow post authentication exploit.

tags | exploit, remote, overflow
MD5 | 60a3b2b94f3545e1846005844320d4f2
Symantec AMS Intel Alert Handler Command Execution
Posted Jul 28, 2010
Authored by Spider

Symantec Antivirus Corporate Edition AMS Intel Alert Handler service (hndlrsvc.exe) proof of concept command execution exploit.

tags | exploit, proof of concept
MD5 | 99af1c5cdd484a0a3d2744bc9ee6a38d
Jira 4.0.1 Cross Site Scripting
Posted Jul 28, 2010
Authored by MaXe

Jira version 4.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | bd54a2222350829abde01d653c24d6a4
Autonomy KeyView wkssr.dll Record Parsing Buffer Overflows
Posted Jul 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered two vulnerabilities in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused by boundary errors in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing certain records. This can be exploited to cause stack-based buffer overflows via specially crafted files. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary, vulnerability
advisories | CVE-2010-0133
MD5 | 1e07e58e799d937de79f9a8685c827aa
Autonomy KeyView wkssr.dll String Indexing Vulnerability
Posted Jul 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused by an error in the SpreadSheet Lotus 123 reader (wkssr.dll) when allocating an array of pointers during the parsing of a certain record type combined with how strings are later indexed. This can be exploited to corrupt memory via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, arbitrary
advisories | CVE-2010-1524
MD5 | 3d559dc765a3666312900d97ec293124
Zemana AntiLogger Local Privilege Escalation
Posted Jul 28, 2010
Authored by th_decoder

Zemana AntiLogger with AntiLog32.sys versions 1.5.2.755 and below suffer from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 3c52a66eb2c31dd73df27b7a44faf0b1
Cetera eCommerce 14.0 Cross Site Scripting / SQL Injection
Posted Jul 28, 2010
Authored by MustLive

Cetera eCommerce versions 14.0 and below suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 2eaa26eb1f22884df3d3167bc069e4b0
Autonomy KeyView wkssr.dll Integer Underflow Vulnerability
Posted Jul 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused by an integer underflow error in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing the size of a specific record type. This can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, denial of service, overflow, arbitrary
advisories | CVE-2010-1525
MD5 | 50abca786543ffdc74a394e0ff72c086
Autonomy KeyView wosr.dll Data Block Parsing Buffer Overflow
Posted Jul 28, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error the WordPerfect 5.x reader (wosr.dll) when parsing data blocks and can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0135
MD5 | 54f75386e8a64e96a4a8814d3df82ed6
Autonomy KeyView rtfsr.dll RTF Parsing Signedness Error
Posted Jul 28, 2010
Authored by Dyon Balding | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a signedness error when parsing the argument to the "\\ls" keyword within a list override table entry in RTF files. This can be exploited to cause a buffer overflow via a specially crafted RTF file. Successful exploitation may allow execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0134
MD5 | 051da84386777387a8d490662fbcab7b
Autonomy KeyView wkssr.dll Floating Point Conversion Buffer Overflow
Posted Jul 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Spreadsheet Lotus 123 reader (wkssr.dll) when converting floating point values in certain record types. This can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0131
MD5 | b86bf4c0e20e58cec482e0807c9fbb94
Autonomy KeyView Compound File Parsing Buffer Overflow
Posted Jul 28, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error when parsing record data in compound documents. This can be exploited to cause a heap-based buffer overflow when an application using the vulnerable library parses e.g. a specially crafted Quattro Pro file. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-0126
MD5 | 51d0af3f78c93a798c10dd606371c9df
Apache Tomcat UTF-8 Directory Traversal
Posted Jul 28, 2010
Authored by Simon Ryeo, mywisdom

UTF-8 directory traversal /etc/passwd grabbing exploit for Apache Tomcat versions prior to 6.0.18.

tags | exploit, file inclusion
advisories | CVE-2008-2938
MD5 | be0f85711288d99a26465aac5493aec3
Joomla PhotoMap Gallery 1.6.0 SQL Injection
Posted Jul 28, 2010
Authored by Salvatore Fresta

Joomla PhotoMap Gallery version 1.6.0 suffers from multiple remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 929ef26fbab0a2d1e5aa1b95348554d7
AV Arcade 3 Insecure Cookie / SQL Injection
Posted Jul 28, 2010
Authored by saudi0hacker

AV Arcade version 3 suffers from insecure cookie and SQL injection vulnerabilities.

tags | exploit, vulnerability, sql injection, insecure cookie handling
MD5 | e24295757afa6e9f6b4a25d30a5fe4e7
nuBuilder 10.04.x Remote File Inclusion
Posted Jul 28, 2010
Authored by Ahlspiess

nuBuilder version 10.04.x suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
MD5 | d451eae5886197e24dccb93485ece7ea
Secunia Security Advisory 40741
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for jboss-seam2. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, redhat
MD5 | 1885f500c7d8fe88f35cd6bccb9551a6
Secunia Security Advisory 40740
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and a vulnerability have been reported in MediaWiki, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | d256e7d7aa961f062a1ccb43a814ed60
Secunia Security Advisory 40679
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Zabbix, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 9c77181788849b7fef46c1cbeac37df1
Secunia Security Advisory 40727
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in KVIrc, which can be exploited by malicious people to hijack IRC connections.

tags | advisory
MD5 | d81f8ab64b57ef18925cc1a397d7fc7d
Secunia Security Advisory 40737
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in bozohttpd, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | c669946e2c4504078dda399855579e65
Secunia Security Advisory 40744
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in nuBuilder, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | e60282b28a3820e9a13b9603b24bf551
Secunia Security Advisory 40713
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in hsolinkcontrol, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local, vulnerability
MD5 | 9442a238f62946101e1927378ef6e2c1
Secunia Security Advisory 40753
Posted Jul 28, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in the Front End User Registration extension for TYPO3, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 00146257b5b1ceb672e21e8b345fcea6
Page 1 of 38
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close