Exploit the possiblities
Showing 1 - 25 of 1,050 RSS Feed

Files Date: 2010-08-01 to 2010-08-31

Debian Linux Security Advisory 2100-1
Posted Aug 30, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2100-1 - George Guninski discovered a double free in the ECDH code of the OpenSSL crypto library, which may lead to denial of service and potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, crypto
systems | linux, debian
advisories | CVE-2010-2939
MD5 | 778bdc01f758228ffbcc2e477119adc1
Mandriva Linux Security Advisory 2010-165
Posted Aug 30, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-165 - Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote attackers to execute arbitrary code or cause a denial of service via a string that is inconsistent with the expected number of fields. The updated packages have been patched to correct this issue.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2947
MD5 | 400b8ccbc492684a50d95e2110209de1
AuditX Initial Recon Script
Posted Aug 30, 2010
Authored by noptrix | Site nullsecurity.net

AuditX is a shell script that performs initial information gathering for a given target. Can be used prior to a penetration test, etc.

tags | tool, shell
systems | unix
MD5 | 736c752f3f1466dae83bda3fe1b51ede
Whitepaper Called Binary Modification
Posted Aug 30, 2010
Authored by Celil Unuver

Whitepaper called Binary Modification [Patching Vulnerabilities]. This is the English version.

tags | paper, vulnerability
MD5 | 85fa8394f35b6a450f70a016ac0f5f50
Rapid7 Security Advisory 36
Posted Aug 30, 2010
Authored by H D Moore, Rapid7, Will Vandevanter | Site rapid7.com

Rapid7 Security Advisory - FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulnerability has been confirmed on FCKEditor 2.5.1 and 2.6.6.

tags | exploit, remote, code execution, asp
advisories | CVE-2009-4444
MD5 | 734bd64d3ff9aa05f3b480e0cd0300eb
Apple QuickTime 7.6.7 _Marshaled_pUnk Code Execution
Posted Aug 30, 2010
Authored by Ruben Santamarta, jduck | Site metasploit.com

This Metasploit module exploits a memory trust issue in Apple QuickTime 7.6.7. When processing a specially-crafted HTML page, the QuickTime ActiveX control will treat a supplied parameter as a trusted pointer. It will then use it as a COM-type pUnknown and lead to arbitrary code execution. This exploit utilizes a combination of heap spraying and the QuickTimeAuthoring.qtx module to bypass DEP and ASLR. This Metasploit module does not opt-in to ASLR. As such, this module should be reliable on all Windows versions. NOTE: The addresses may need to be adjusted for older versions of QuickTime.

tags | exploit, arbitrary, code execution, activex
systems | windows, apple
advisories | CVE-2010-1818
MD5 | 7ad044f928efe468c6ea9c5cb5d51a74
Apple QuickTime _Marshaled_pUnk Backdoor Parameter Code Execution
Posted Aug 30, 2010
Authored by Ruben Santamarta | Site reversemode.com

Apple QuickTime suffers from a "_Marshaled_pUnk" backdoor parameter client-side arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
systems | apple
MD5 | e93ace586ff41f998cf0bacbb39e6d88
Global Constructor And Destructor Crashes In ELF File System
Posted Aug 30, 2010
Authored by murderkey

Whitepaper called Global Constructor and Destructor Crashes in the ELF File System.

tags | paper
MD5 | 4bfc91b553a52d8de187c1517d3aa250
DHCP Attack3r - DHCP Spoofing / Starvation
Posted Aug 30, 2010
Authored by rOckHuntEr

Whitepaper called DHCP Attack3r - DHCP Spoofing / Starvation. Written in Arabic.

tags | paper, spoof
MD5 | 02f0384a52d3f9e9e002b2d3889f96f6
Mandriva Linux Security Advisory 2010-164
Posted Aug 30, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-164 - It was possible to conduct a XSS attack using crafted URLs or POST parameters on several pages. This upgrade provides phpmyadmin 3.3.5.1 which is not vulnerable for this security issue.

tags | advisory
systems | linux, mandriva
advisories | CVE-2010-3056
MD5 | 3be3a6120fce5c38be0b4281112147da
Safari For Windows SGV Denial Of Service
Posted Aug 30, 2010
Authored by Lostmon

Safari for Windows invalid SGV text style denial of service vulnerability that leverages Webkit.dll.

tags | exploit, denial of service
systems | windows
MD5 | 7ec3fe1793cf146cc5e0d313c9ed5fc4
Debian Linux Security Advisory 2099-1
Posted Aug 30, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2099-1 - Charlie Miller has discovered two vulnerabilities in OpenOffice.org Impress, which can be exploited by malicious people to compromise a user's system and execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, debian
advisories | CVE-2010-2935, CVE-2010-2936
MD5 | 78c12e5aea3880b86988e87ed64e14f2
Ekoparty Security Conference And Training 6th Edition
Posted Aug 30, 2010
Site ekoparty.com.ar

Formal announcement regarding the agenda and training related to the Ekoparty Security Conference and Training - 6th Edition. It is being held from September 13th through the 15th, 2010, in Buenos Aires City, Argentina.

tags | paper, conference
MD5 | a5182636ddc0e9298d969a6ba45eec46
Microsoft Office Property Code Execution
Posted Aug 30, 2010
Authored by Abhishek Lyall | Site aslitsecurity.com

Microsoft Office memory corruption code execution exploit that demonstrates a malformed property vulnerability.

tags | exploit, code execution
advisories | CVE-2006-2389
MD5 | 0b8748008d4dae5d86c97975f64bc3c6
Orange Spain Phone Number Embed
Posted Aug 30, 2010
Authored by xuf

Orange Spain is adding the user MSISDN in every HTTP request it sends. Due to this, any web site you visit now has your number.

tags | advisory, web, info disclosure
MD5 | fb788f399f4ea82ce7c3034d9fd9b97e
Seagull 0.6.7 Remote File Inclusion
Posted Aug 30, 2010
Authored by FoX HaCkEr

Seagull version 0.6.7 suffers from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | 698dcf5ebca0a2a60aa3b33cdc5d5a44
CF Image Hosting Script 1.3 Database Disclosure
Posted Aug 30, 2010
Authored by Dr.Saudi

CF Image Hosting Script version 1.3 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 7973b8d7314f0256d73262283b3dc3df
Virtual DJ 6.1.2 DLL Hijacking Exploit
Posted Aug 30, 2010
Authored by Classity Security Scans | Site classity.nl

Virtual DJ version 6.1.2 DLL hijacking exploit that leverages hdjapi.dll while loading .mp3 content.

tags | exploit
MD5 | 6552b5ef24190ba330da50f0888896e5
BS Player 2.56 DLL Hijacking Exploit
Posted Aug 30, 2010
Authored by Classity Security Scans | Site classity.nl

BS Player version 2.56 DLL hijacking exploit.

tags | exploit
MD5 | 35c98e79724baf98aa0880e4afedff7c
Windows 7 / Vista Backup Utility sdclt.exe fveapi.dll DLL Hijacking Exploit
Posted Aug 30, 2010
Authored by Christian Heinrich

Microsoft Windows 7 / Vista backup utility sdclt.exe fveapi.dll DLL hijacking exploit.

tags | exploit
systems | windows, 7
MD5 | 585e03acfe30337026381ca0d0ab85bc
Daemon Tools Lite 4.35.6.0091 mfc80loc.dll DLL Hijacking Exploit
Posted Aug 30, 2010
Authored by Christian Heinrich

Daemon Tools Lite versions 4.35.6.0091 and below mfc80loc.dll DLL hijacking exploit.

tags | exploit
MD5 | 77ef249904bd3ac9c7b90e298e229746
Mandriva Linux Security Advisory 2010-163
Posted Aug 30, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-163 - The setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file. Combined with the ability to save files on the server, this can allow unauthenticated users to execute arbitrary PHP code. It was possible to conduct a XSS attack using crafted URLs or POST parameters on several pages. This upgrade provides phpmyadmin 2.11.10.1 which is not vulnerable for these security issues.

tags | advisory, arbitrary, php
systems | linux, mandriva
advisories | CVE-2010-3055, CVE-2010-3056
MD5 | d248f7348fefef070fc9b5eb58537666
GuestBookPlus HTML Injection / Comment Bypass
Posted Aug 30, 2010
Authored by MiND

GuestBookPlus suffers from comment restriction bypass and html injection vulnerabilities.

tags | exploit, vulnerability
MD5 | 03ca280256ec1a44fa5b99d689d410db
Debian Linux Security Advisory 2098-1
Posted Aug 30, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2098-1 - Several remote vulnerabilities have been discovered in the TYPO3 web SQL injection, broken authentication and session management, insecure randomness, information disclosure and arbitrary code execution.

tags | advisory, remote, web, arbitrary, vulnerability, code execution, sql injection, info disclosure
systems | linux, debian
MD5 | 3f95a2a22284f1eddb22cc015afa5722
QtWeb Browser 3.3 Build 043 DLL Hijacking Exploit
Posted Aug 30, 2010
Authored by Aung Khant | Site yehg.net

QtWeb Browser version 3.3 build 043 DLL hijacking exploit.

tags | exploit
MD5 | a61ba519336b8cb290a240a5a1997066
Page 1 of 42
Back12345Next

File Archive:

December 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    15 Files
  • 2
    Dec 2nd
    2 Files
  • 3
    Dec 3rd
    1 Files
  • 4
    Dec 4th
    15 Files
  • 5
    Dec 5th
    15 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    17 Files
  • 8
    Dec 8th
    15 Files
  • 9
    Dec 9th
    13 Files
  • 10
    Dec 10th
    4 Files
  • 11
    Dec 11th
    41 Files
  • 12
    Dec 12th
    44 Files
  • 13
    Dec 13th
    25 Files
  • 14
    Dec 14th
    15 Files
  • 15
    Dec 15th
    28 Files
  • 16
    Dec 16th
    3 Files
  • 17
    Dec 17th
    13 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close