the original cloud security
Showing 1 - 25 of 30 RSS Feed

Files Date: 2010-09-18

Joomla Restaurant Guide Cross Site Scripting / Local File Inclusion / SQL Injection
Posted Sep 18, 2010
Authored by Valentin Hoebel

The Joomla Restaurant Guide component version 1.0.0 suffers from cross site scripting, local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion
MD5 | ec5f435769e877c0d3fcc3a2360cab97
Wi-fEye Wireless Pentesting Tool 0.5
Posted Sep 18, 2010
Authored by Zaid Al-Quraishi | Site wi-feye.za1d.com

Wi-fEye is designed to help with network penetration testing. It allows the user to perform a number of powerful attack automatically including WEP/WPA cracking, session hijacking and more.

tags | tool, wireless
MD5 | d0f509d117c9104a3aa16663ad92c56d
Ubuntu Security Notice 988-1
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 988-1 - Ben Hawkes discovered that the Linux kernel did not correctly validate memory ranges on 64bit kernels when allocating memory on behalf of 32bit system calls. On a 64bit system, a local attacker could perform malicious multicast getsockopt calls to gain root privileges. Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-3081, CVE-2010-3301
MD5 | 502a7f82ab0d9bc309325a83943d8e9e
Tenshi Log Monitoring Program 0.12
Posted Sep 18, 2010
Authored by Andrea Barisani | Site dev.inversepath.com

Tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients. Queues can be set to send a notification as soon as there is a log line assigned to it, or to send periodic reports.

Changes: FIFO read bugfix and opensuse rpm spec, see Changelog.
tags | system logging
systems | unix
MD5 | 2b5b19c3b74b3fa7bb2a768b7a9c01ae
Win32/XP SP3 Create New File Shellcode
Posted Sep 18, 2010
Authored by ZoRLu

74 bytes small Win32/XP SP3 (Tr) create new file (zrl.txt) shellcode.

tags | shellcode
systems | windows
MD5 | 5e3056b54a47f4fc3e5036765d7a63f2
Win32/XP SP3 Cmd.exe Shellcode
Posted Sep 18, 2010
Authored by ZoRLu

52 bytes small Win32/XP SP3 (Tr) cmd.exe shellcode.

tags | shellcode
systems | windows
MD5 | e4ebc94e2ab224e4a89744206941f111
Win32/XP SP3 Calc.exe Shellcode
Posted Sep 18, 2010
Authored by ZoRLu

53 bytes small Win32/XP SP3 (Tr) calc.exe shellcode.

tags | shellcode
systems | windows
MD5 | 930c382c2555fd3755d12873270d8b30
Open Source CERT Security Advisory 2010.3
Posted Sep 18, 2010
Authored by Andrea Barisani, Open Source CERT | Site ocert.org

Free Simple CMS versions 1.0 and below suffer from a remote file inclusion vulnerability.

tags | advisory, remote, file inclusion
MD5 | 1f65a4ef40d4652202b98d90a136a562
Ubuntu Security Notice 978-2
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 978-2 - USN-978-1 fixed vulnerabilities in Thunderbird. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Thunderbird. It was discovered that the XPCSafeJSObjectWrapper (SJOW) security wrapper did not always honor the same-origin policy. Matt Haggard discovered that Thunderbird did not honor same-origin policy when processing the statusText property of an XMLHttpRequest object. Chris Rohlf discovered an integer overflow when Thunderbird processed the HTML frameset element. Several issues were discovered in the browser engine. David Huang and Collin Jackson discovered that the <object> tag could override the charset of a framed HTML document in another origin. Paul Stone discovered that with designMode enabled an HTML selection containing JavaScript could be copied and pasted into a document and have the JavaScript execute within the context of the site where the code was dropped. A buffer overflow was discovered in Thunderbird when processing text runs. Peter Van der Beken, Jason Oster, Jesse Ruderman, Igor Bukanov, Jeff Walden, Gary Kwong and Olli Pettay discovered several flaws in the browser engine.

tags | advisory, overflow, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2760, CVE-2010-2763, CVE-2010-2764, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3166, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
MD5 | ec7ca46b4fd599abb60f7457e52ba746
Month Of Abysssec Undisclosed Bugs - Apple QuickTime FLI
Posted Sep 18, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Apple QuickTime player version 7.6.5 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
systems | apple
advisories | CVE-2010-0520
MD5 | c27732b06bc63f3d585e7421ea2c38b7
Month Of Abysssec Undisclosed Bugs - CMSimple 3.2
Posted Sep 18, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - CMSimple versions 3.2 and below suffer from a cross site request forgery vulnerability.

tags | advisory, csrf
MD5 | 168f66188b324e3b9021d291eba29626
Month Of Abysssec Undisclosed Bugs - Firefox Plugin Parameter
Posted Sep 18, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - The Parameter plugin in Firefox 3.6.4 suffers from a remote code execution vulnerability.

tags | advisory, remote, code execution
advisories | CVE-2010-1214
MD5 | 58a7f6c16e93687e3b179b933a2d0ee3
Month Of Abysssec Undisclosed Bugs - phpmyfamily 1.4.2
Posted Sep 18, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - phpmyfamily versions 1.4.2 and below suffer from cross site request forgery, cross site scripting, information disclosure and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, xss, sql injection, info disclosure, csrf
MD5 | 8329f2dc1b832056d421b598b3454d0f
xt:Commerce Gambio 2008 - 2010 SQL Injection
Posted Sep 18, 2010
Authored by secret

xt:Commerce Gambio 2008 - 2010 suffers from an ERROR based SQL injection vulnerability in reviews.php.

tags | exploit, php, sql injection
MD5 | b72dedcd6177fc893b6118f10b2880b9
Ubuntu Security Notice 975-2
Posted Sep 18, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 975-2 - USN-975-1 fixed vulnerabilities in Firefox and Xulrunner. Some users reported stability problems under certain circumstances. This update fixes the problem. Several dangling pointer vulnerabilities were discovered in Firefox. Blake Kaplan and Michal Zalewski discovered several weaknesses in the XPCSafeJSObjectWrapper (SJOW) security wrapper. Various other issues were addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-2760, CVE-2010-2762, CVE-2010-2764, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-3166, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
MD5 | 275833fb8fb2c88da5027f3f678e76ef
MediaHuman Music COnverter 1.0.1 Denial Of Service
Posted Sep 18, 2010
Authored by modpr0be

MediaHuman Music Converter version 1.0.1 suffers from .wav and .mp3 denial of service vulnerabilities.

tags | exploit, denial of service, vulnerability
MD5 | a5338a3713e6db9312a215762d56eb10
Microsoft DRM Technology Active-X Overflow / Denial Of Service
Posted Sep 18, 2010
Authored by Asheesh Kumar Mani Tripathi

Microsoft DRM technology suffers from Active-x related buffer overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability, activex
MD5 | 8f594583273a077238965c33a2966578
Debian Linux Security Advisory 2110-1
Posted Sep 18, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2110-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2010-2492, CVE-2010-2954, CVE-2010-3078, CVE-2010-3080, CVE-2010-3081
MD5 | 90765b3502ab596dfec8cdb6a4b1edab
HP Security Bulletin HPSBUX02546 SSRT100159
Posted Sep 18, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running BIND. The vulnerability could be exploited remotely to create a Denial of Service (DoS) and permit unauthorized disclosure of information.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2009-4022, CVE-2010-0290, CVE-2010-0382
MD5 | 450c5cf02a8e88c0e03438ffe0fbcde6
Month Of Abysssec Undisclosed Bugs - Apple QuickTime FLI
Posted Sep 18, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - Apple QuickTime player version 7.6.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
systems | apple
advisories | CVE-2010-0520
MD5 | b65cedab3abbedcaca437a4def1b6c0a
Month Of Abysssec Undisclosed Bugs - Firefox Plugin Parameter
Posted Sep 18, 2010
Authored by Abysssec, Shahin | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - The Parameter plugin in Firefox 3.6.4 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2010-1214
MD5 | 74174befe2d88bbd92a889fdd6b771bd
Month Of Abysssec Undisclosed Bugs - CMSimple 3.2
Posted Sep 18, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - CMSimple versions 3.2 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 7294b31d71285ec92d3f7e7381bbd7a9
Month Of Abysssec Undisclosed Bugs - phpmyfamily 1.4.2
Posted Sep 18, 2010
Authored by Abysssec | Site abysssec.com

Month Of Abysssec Undisclosed Bugs - phpmyfamily versions 1.4.2 and below suffer from cross site request forgery, cross site scripting, information disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, info disclosure, csrf
MD5 | 2454a889874d1d9575faf915042f88bd
A-PDF All To MP3 Coverter 1.1.0 Universal Exploit
Posted Sep 18, 2010
Authored by modpr0be

A-PDF All to MP3 Converter version 1.1.0 universal SEH overwrite exploit.

tags | exploit
MD5 | 81f13aef1403f9fe64ce3ebefa579fa5
DJ Studio Pro 8.1.3.2.1 SEH Overwrite
Posted Sep 18, 2010
Authored by Abhishek Lyall | Site aslitsecurity.com

DJ Studio Pro version 8.1.3.2.1 SEH overwrite exploit.

tags | exploit
MD5 | 0e08d21f6d702942cfd8a5ee8014138f
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close