what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 33 RSS Feed

Files Date: 2010-08-24

Zero Day Initiative Advisory 10-159
Posted Aug 24, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-159 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a malformed .wk3 document. The application will trust a length specified in the file in order to read a number of bytes into a statically allocated buffer. This leads to a buffer overflow and can lead to code execution under the context of the application.

tags | advisory, remote, overflow, arbitrary, code execution
SHA-256 | 07a662e823b1c48b0488fa5bf4785655dac16efed3acf3a179e4943e49c57461
Zero Day Initiative Advisory 10-158
Posted Aug 24, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-158 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a malformed .wk3 document. The application will mistrust a length used to allocate a buffer. Later, the application will use a differently calculated length in a copy used to initialize that buffer. This leads to a buffer overflow and can lead to code execution under the context of the application.

tags | advisory, remote, overflow, arbitrary, code execution
SHA-256 | aa87f560104a2a07040f49eb78c2fb02bb94b9f1b12d0051ae242816f00c2219
Mono libgdiplus Image Processing Three Integer Overflows
Posted Aug 24, 2010
Authored by Stefan Cornelius | Site secunia.com

Secunia Research has discovered three integer overflow vulnerabilities in libgdiplus for Mono, which can be exploited by malicious people to compromise an application using the library. Version 2.6.7 is affected.

tags | advisory, overflow, vulnerability
advisories | CVE-2010-1526
SHA-256 | ea9c0dd4e0ae6caef818713363a025771127f81ca5d4db62da1b8b3654b2e0ee
Zero Day Initiative Advisory 10-157
Posted Aug 24, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-157 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a Word document containing a malformed shape. The application will calculate a length incorrectly when using it to copy data into an allocated buffer. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
SHA-256 | 7eaf4e9fe75b91866e7e1361b85fa2bbff07b8b435ecbe5a0e508954308f6770
Zero Day Initiative Advisory 10-156
Posted Aug 24, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-156 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes Email Client. User interaction is required to exploit this vulnerability in that the target must open a malicious email attachment. The specific flaw exists within the Lotus Notes file viewer utilizing the KeyView SDK to render a malformed Word document. The application will copy an arbitrarily sized ASCII string representing the font name into a constant sized buffer located on the stack. If large enough this will lead to a buffer overflow and can lead to code execution under the context of the application.

tags | advisory, remote, overflow, arbitrary, code execution
SHA-256 | 1949c349f722e2055cfd9da3a013ef7d87d2575f0c7c3471abed500176d2f4ea
Security Mitigations For Return-Oriented Programming Attacks
Posted Aug 24, 2010
Authored by Piotr Bania

Whitepaper called Security Mitigations for Return-Oriented Programming Attacks.

tags | paper
SHA-256 | 41f3edf0bb4f700984a9301ce40e45539890331a9b270c62e5aff98dc0a80763
Binary Code Modification
Posted Aug 24, 2010
Authored by Celil Unuver

Whitepaper called Binary Code Modification. Written in Turkish.

tags | paper
SHA-256 | 49805184f64edbdcb7348ceb0f235ba851a2bb0a8153b48cd0f1b6972aeffb5a
OpenBlog Code Execution
Posted Aug 24, 2010
Site bkis.com

OpenBlog versions prior to 1.2.1 suffer from bypass authentication, cross site scripting and cross site request forgery.

tags | advisory, xss, csrf
SHA-256 | 081d63ce75bf6ae7371626e05df2d9b71077e0b5d07c591a6e1a41f00e95a97e
Novell iPrint Client Browser PluginGetDriverFile Uninitialized Pointer Remote Code Execution
Posted Aug 24, 2010
Authored by Aaron Portnoy | Site tippingpoint.com

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Novell iPrint client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the ienipp.ocx ActiveX control with CLSID 36723f97-7aa0-11d4-8919-FF2D71D0D32C. The function exposes a GetDriverFile method. When this method is invoked for the first time a pointer in the .data section is mapped to an external function within another module. When invoked the second time, the process fails to load the library and assumes the pointer is still valid. When the uninitialized pointer is called the process jumps to an address space easily controlled by an attacker. This can be leveraged to execute remote code under the context of the user running the browser.

tags | advisory, remote, arbitrary, activex
SHA-256 | e0cfa3e2cd1ddcbcc01059726eacacbe82ac5d6853c2f30996a1f6f81e23e936
Mandriva Linux Security Advisory 2010-159
Posted Aug 24, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-159 - GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. This update provides gv 3.7.1, which is not vulnerable to this issue.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2010-2056
SHA-256 | 3b8275578b70c3d4d40eee96a64eeaff2db63bc968db4b5f2d80fe1c1abc58e9
Cracking Salted Hashes
Posted Aug 24, 2010
Authored by FB1H2S

Whitepaper called Cracking Salted Hashes. The Do's and Don'ts of "Salt Cryptography".

tags | paper
SHA-256 | 2994290c21b4a94ba28fba881b3dd0dc6662a6442242e2f9b7f809a064ad0377
Password Sniffing In Wireshark
Posted Aug 24, 2010
Authored by rOckHuntEr

Brief whitepaper touching on how to use Wireshark for password sniffing. Written in Arabic.

tags | paper
SHA-256 | 7eacf1df077b891bea39f52dc68658cd50ef625393d0cb2f6198e31cb0b0c56d
Debian Linux Security Advisory 2095-1
Posted Aug 24, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2095-1 - Alasdair Kergon discovered that the cluster logical volume manager daemon (clvmd) in lvm2, The Linux Logical Volume Manager, does not verify client credentials upon a socket connection, which allows local users to cause a denial of service.

tags | advisory, denial of service, local
systems | linux, debian
advisories | CVE-2010-2526
SHA-256 | 97b1dd1b6c2d96ccbdc89dc1e7aef5cdb030d254fff753d47754000812aa70c2
VWar Cross Site Scripting / SQL Injection / Broken Access Controls
Posted Aug 24, 2010
Authored by Darren McDonald

VWar suffers from cross site scripting, remote SQL injection, broken access controls and weak password generation vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 340cfcbbdfb9644effebb0512c1fe8ff862d9442b4ea2ba49f74bc3aab9d6bc7
3D FTP Client 9.0 Build 2 Directory Traversal
Posted Aug 24, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

3D FTP Client version 9.0 build 2 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 868f391598d9f4bdb9b15447548cd654613dff4f6412410becde33ad634856f9
Microsoft Windows IcmpSendEcho2Ex Denial Of Service
Posted Aug 24, 2010
Authored by l3D

Microsoft Windows IcmpSendEcho2Ex interrupting denial of service exploit.

tags | exploit, denial of service
systems | windows
SHA-256 | bfe682637a30a40efe730c2072a6c4328d1d0d540323d45a9459237bcc64a59b
Abyssal Metal Player 2.0.9 Denial Of Service
Posted Aug 24, 2010
Authored by 41.w4r10r

Abyssal Metal Player version 2.0.9 denial of service exploit that creates a malicious .avi file.

tags | exploit, denial of service
SHA-256 | 2a195406d01d94ee193f522339cc1f1724d6579bb4cf1bab820d7af4d37de69f
Tplayer V1R10 Denial Of Service
Posted Aug 24, 2010
Authored by 41.w4r10r

Tplayer V1R10 denial of service exploit that creates a malicious .mp3 file.

tags | exploit, denial of service
SHA-256 | 49b7972127296e6bcb4aaafb6c4f72bb8aa04f7dd1109bcdf9dc5df59e191f0e
Mandriva Linux Security Advisory 2010-158
Posted Aug 24, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-158 - functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service by making many IMAP login attempts with different usernames, leading to the creation of many preferences files. This update provides squirrelmail 1.4.21, which is not vulnerable to this issue.

tags | advisory, remote, denial of service, php, imap
systems | linux, mandriva
advisories | CVE-2010-2813
SHA-256 | 6c9fba4124976b0bdd310cef7966a54550356155dee580b085e917c4282f3ee0
T-Dreams Announcement Script SQL Injection
Posted Aug 24, 2010
Authored by Br0wn Sug4r

T-Dreams Announcement Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e1e7ff3bbcd70b49f674f486481ea71fd2282fd1ce59675868efe7bd61d4f4c3
netStartEnterprise 4.0 SQL Injection
Posted Aug 24, 2010
Authored by L1nK

netStartEnterprise version 4.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 021191cca2ef7c4e03149b0001779f290e2a096a46db7fa165a8a9d5df8e6e95
Joomla Fabrik SQL Injection
Posted Aug 24, 2010
Authored by Mkr0x

The Joomla Fabrik component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 25af988561d1aba631680416fc9ed4dba53b08c8a30b4023d1ef9c3acfef20b3
E107 Cross Site Scripting / Cross Site Request Forgery
Posted Aug 24, 2010
Authored by Justin C. Klein Keane

e107 version 0.7.22 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, csrf
SHA-256 | 18d87a1b6633c7641658c0f1c3580accf0a28d401bcf0ac63de69bd33dc3896f
SDRF Vulnerability In Web Applications And Browsers
Posted Aug 24, 2010
Authored by Vladimir Vorontsov

Whitepaper called SDRF Vulnerability in Web Applications and Browsers. Like the known CSRF (Cross-Site Request Forgery) vulnerability, SDRF falsifies HTTP requests of users, but in contrast to CSRF, it forges the requests, that are send by a user to the same domain, where the malicious code, that exploits the vulnerability, is located.

tags | paper, web, csrf
SHA-256 | 2bbcbc1e7df3589650f1f93ca4947b1b1933ac3ec1b1c76dbcedd97997b7f901
AutoFTP Manager 4.31 Directory Traversal
Posted Aug 24, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

AutoFTP Manager version 4.31 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 53f94940c4fbf3cbb4c2d8ae6d4d882877de52e1f3a78c2919e60d62b8335aa1
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close