what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 65 RSS Feed

Files Date: 2010-08-30

Debian Linux Security Advisory 2100-1
Posted Aug 30, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2100-1 - George Guninski discovered a double free in the ECDH code of the OpenSSL crypto library, which may lead to denial of service and potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, crypto
systems | linux, debian
advisories | CVE-2010-2939
SHA-256 | 3909f527b897a5b897e023ce44d7c8ead354203ce693f5c7850f56715487e780
Mandriva Linux Security Advisory 2010-165
Posted Aug 30, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-165 - Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service via a string that is inconsistent with the expected number of fields. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2947
SHA-256 | 7c17832ce2648dd5df2b0c1c15a0b95e4de8654ea3c56acabf9bf515866c5190
AuditX Initial Recon Script
Posted Aug 30, 2010
Authored by noptrix | Site nullsecurity.net

AuditX is a shell script that performs initial information gathering for a given target. Can be used prior to a penetration test, etc.

tags | tool, shell
systems | unix
SHA-256 | a01a350bb540d200dca06d152ff91c9a912f5d90e82cf36ad84a9e9646b62f95
Whitepaper Called Binary Modification
Posted Aug 30, 2010
Authored by Celil Unuver

Whitepaper called Binary Modification [Patching Vulnerabilities]. This is the English version.

tags | paper, vulnerability
SHA-256 | af82ee20ef73831193428f3a2a6559efa83590257c927a910ce46f38bf607354
Rapid7 Security Advisory 36
Posted Aug 30, 2010
Authored by H D Moore, Rapid7, Will Vandevanter | Site rapid7.com

Rapid7 Security Advisory - FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulnerability has been confirmed on FCKEditor 2.5.1 and 2.6.6.

tags | exploit, remote, code execution, asp
advisories | CVE-2009-4444
SHA-256 | d7ff7819bc5c1b9397d022f19065769fe00e58d1169b50c1ef3b83d03e7b2950
Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution
Posted Aug 30, 2010
Authored by Ruben Santamarta, jduck | Site metasploit.com

This Metasploit module exploits a memory trust issue in Apple QuickTime 7.6.7. When processing a specially-crafted HTML page, the QuickTime ActiveX control will treat a supplied parameter as a trusted pointer. It will then use it as a COM-type pUnknown and lead to arbitrary code execution. This exploit utilizes a combination of heap spraying and the QuickTimeAuthoring.qtx module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions. NOTE: The addresses may need to be adjusted for older versions of QuickTime.

tags | exploit, arbitrary, code execution, activex
systems | windows, apple
advisories | CVE-2010-1818
SHA-256 | ad2a818e38de29a3d18064e2a155fb84222ea75ee5b000f0fd2526843600bd1b
Apple QuickTime _Marshaled_pUnk Backdoor Parameter Code Execution
Posted Aug 30, 2010
Authored by Ruben Santamarta | Site reversemode.com

Apple QuickTime suffers from a "_Marshaled_pUnk" backdoor parameter client-side arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
systems | apple
SHA-256 | 644b799b15a352ece2eb968a2fc1a39765068d3237f090e9e9ad901abdde450d
Global Constructor And Destructor Crashes In ELF File System
Posted Aug 30, 2010
Authored by murderkey

Whitepaper called Global Constructor and Destructor Crashes in the ELF File System.

tags | paper
SHA-256 | 90ad9a853b2ca40febefb4c9a97cc44168335e4b1a985062b533ff7bae21329c
DHCP Attack3r - DHCP Spoofing / Starvation
Posted Aug 30, 2010
Authored by rOckHuntEr

Whitepaper called DHCP Attack3r - DHCP Spoofing / Starvation. Written in Arabic.

tags | paper, spoof
SHA-256 | adfc661f8296c5bd4ce62a456c30c7746aeb8eb419475e2d08b2e1d535bac89d
Mandriva Linux Security Advisory 2010-164
Posted Aug 30, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-164 - It was possible to conduct a XSS attack using crafted URLs or POST parameters on several pages. This upgrade provides phpmyadmin 3.3.5.1 which is not vulnerable for this security issue.

tags | advisory
systems | linux, mandriva
advisories | CVE-2010-3056
SHA-256 | 60db42d3354d6ff1f1c80b63abae9bea06cc95f164fa11a0f38df7f544c7f2f4
Safari For Windows SGV Denial Of Service
Posted Aug 30, 2010
Authored by Lostmon

Safari for Windows invalid SGV text style denial of service vulnerability that leverages Webkit.dll.

tags | exploit, denial of service
systems | windows
SHA-256 | e8a5b1311f426408047edca0da8c487d6d0d638b2dd706feca4f561119a2f731
Debian Linux Security Advisory 2099-1
Posted Aug 30, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2099-1 - Charlie Miller has discovered two vulnerabilities in OpenOffice.org Impress, which can be exploited by malicious people to compromise a user's system and execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2010-2935, CVE-2010-2936
SHA-256 | 01d63c383e5b02942d801254b67b24a814e59377e006e583a93ee5ff2509616c
Ekoparty Security Conference And Training 6th Edition
Posted Aug 30, 2010
Site ekoparty.com.ar

Formal announcement regarding the agenda and training related to the Ekoparty Security Conference and Training - 6th Edition. It is being held from September 13th through the 15th, 2010, in Buenos Aires City, Argentina.

tags | paper, conference
SHA-256 | 783558bfbf79357edf916bc2ee97c2a68f3de8cef5f89d4af06a8bd55a27c918
Microsoft Office Property Code Execution
Posted Aug 30, 2010
Authored by Abhishek Lyall | Site aslitsecurity.com

Microsoft Office memory corruption code execution exploit that demonstrates a malformed property vulnerability.

tags | exploit, code execution
advisories | CVE-2006-2389
SHA-256 | 67133dc497539753267bc808925df732f7962b52ca82d47cc32471d4d61f8381
Orange Spain Phone Number Embed
Posted Aug 30, 2010
Authored by xuf

Orange Spain is adding the user MSISDN in every HTTP request it sends. Due to this, any web site you visit now has your number.

tags | advisory, web, info disclosure
SHA-256 | 9030c3718066d74b2dc936155a5ca1bc3949578dc1c1980da9c84f71675859e8
Seagull 0.6.7 Remote File Inclusion
Posted Aug 30, 2010
Authored by FoX HaCkEr

Seagull version 0.6.7 suffers from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
SHA-256 | 3894dc1f951b61040f513ecb1490578469eca0b554740e2a24a940c336d2f1f9
CF Image Hosting Script 1.3 Database Disclosure
Posted Aug 30, 2010
Authored by Dr.Saudi

CF Image Hosting Script version 1.3 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 1ad84f8b647c73ca975147161aeab601ff85c2f7bfae97069dfdc3cd0d431148
Virtual DJ 6.1.2 DLL Hijacking Exploit
Posted Aug 30, 2010
Authored by Classity Security Scans | Site classity.nl

Virtual DJ version 6.1.2 DLL hijacking exploit that leverages hdjapi.dll while loading .mp3 content.

tags | exploit
SHA-256 | dcd25bf9f4bf961d04adc02a8f0bbd62e6d4ff35423f5103c1e5fb84819b57d4
BS Player 2.56 DLL Hijacking Exploit
Posted Aug 30, 2010
Authored by Classity Security Scans | Site classity.nl

BS Player version 2.56 DLL hijacking exploit.

tags | exploit
SHA-256 | 1138e666e26d184783548561e62217e74722851cbc6da3b4fc0a1c1b81932324
Windows 7 / Vista Backup Utility sdclt.exe fveapi.dll DLL Hijacking Exploit
Posted Aug 30, 2010
Authored by Christian Heinrich

Microsoft Windows 7 / Vista backup utility sdclt.exe fveapi.dll DLL hijacking exploit.

tags | exploit
systems | windows
SHA-256 | e9a3f70c34d950830c001a7411b170513dad016f68fa1b229c110676f531a7d2
Daemon Tools Lite 4.35.6.0091 mfc80loc.dll DLL Hijacking Exploit
Posted Aug 30, 2010
Authored by Christian Heinrich

Daemon Tools Lite versions 4.35.6.0091 and below mfc80loc.dll DLL hijacking exploit.

tags | exploit
SHA-256 | 436b05330dd8f07f7a229810298f9d46708f1f4909e13c4868f11d90655ac9cd
Mandriva Linux Security Advisory 2010-163
Posted Aug 30, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-163 - The setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file. Combined with the ability to save files on the server, this can allow unauthenticated users to execute arbitrary PHP code. It was possible to conduct a XSS attack using crafted URLs or POST parameters on several pages. This upgrade provides phpmyadmin 2.11.10.1 which is not vulnerable for these security issues.

tags | advisory, arbitrary, php
systems | linux, mandriva
advisories | CVE-2010-3055, CVE-2010-3056
SHA-256 | 9986c79908b9ee4d1ba1f58ab5437dfb3312b87f607400d0eb139d1ac17b4e10
GuestBookPlus HTML Injection / Comment Bypass
Posted Aug 30, 2010
Authored by MiND

GuestBookPlus suffers from comment restriction bypass and html injection vulnerabilities.

tags | exploit, vulnerability
SHA-256 | d04398881aabed711212520e586cce8ba19d2ed3c5f5da45745a3f94fb0bebfe
Debian Linux Security Advisory 2098-1
Posted Aug 30, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2098-1 - Several remote vulnerabilities have been discovered in the TYPO3 web SQL injection, broken authentication and session management, insecure randomness, information disclosure and arbitrary code execution.

tags | advisory, remote, web, arbitrary, vulnerability, code execution, sql injection, info disclosure
systems | linux, debian
SHA-256 | ea3f13e2fa8f96769e55b83ed985ffd5ddb20e1914df7e0b147151d2c74ce0f4
QtWeb Browser 3.3 Build 043 DLL Hijacking Exploit
Posted Aug 30, 2010
Authored by Aung Khant | Site yehg.net

QtWeb Browser version 3.3 build 043 DLL hijacking exploit.

tags | exploit
SHA-256 | 617db4e1c90c9939fbdbd8c5436f9e0e4902a383aed7ef5c648c7ffc3e984cb9
Page 1 of 3
Back123Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close