exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 14 of 14 RSS Feed

Files Date: 2010-10-08

Mandriva Linux Security Advisory 2010-198
Posted Oct 8, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-198 - Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel. These include memory disclosure, denial of service, NULL pointer dereference and privilege escalation issues.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, mandriva
advisories | CVE-2010-1088, CVE-2009-3228, CVE-2010-0415, CVE-2009-3620, CVE-2010-0622, CVE-2009-2287, CVE-2009-3722, CVE-2009-4308, CVE-2009-2846, CVE-2010-2521, CVE-2008-7256, CVE-2010-1162, CVE-2010-1643, CVE-2010-1173, CVE-2010-1187, CVE-2010-1173, CVE-2010-2248, CVE-2010-2492
SHA-256 | 9b5198e025901d7e83cb9d7ed6a8a856074baa405387532a1558ef7da79896f5
Ubuntu Security Notice 1002-2
Posted Oct 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1002-2 - USN-1002-1 fixed vulnerabilities in PostgreSQL. This update provides the corresponding update for Ubuntu 10.10. It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escalation.

tags | advisory, remote, arbitrary, perl, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-3433
SHA-256 | 085a6581138140094c3a3e7e5218e13c206bda65a3d3ed3d068b202fda63e0ba
Ubuntu Security Notice 1003-1
Posted Oct 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1003-1 - It was discovered that OpenSSL incorrectly handled return codes from the bn_wexpand function calls. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. This issue only affected Ubuntu 6.06 LTS, 8.04 LTS, 9.04 and 9.10. It was discovered that OpenSSL incorrectly handled certain private keys with an invalid prime. A remote attacker could trigger this flaw in services that used SSL to cause a denial of service or possibly execute arbitrary code with application privileges. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2009-3245, CVE-2010-2939
SHA-256 | b2e715ef6350c014f2ef81d22da60aa3be6b6ec9f0721564b45fce3833ccb3a8
Ubuntu Security Notice 1002-1
Posted Oct 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1002-1 - It was discovered that PostgreSQL did not properly enforce permissions within sessions when PL/Perl and PL/Tcl functions or operators were redefined. A remote authenticated attacker could exploit this to execute arbitrary code with permissions of a different user, possibly leading to privilege escalation.

tags | advisory, remote, arbitrary, perl
systems | linux, ubuntu
advisories | CVE-2010-3433
SHA-256 | d38447e625136f99a89cecd34849184cf00b07d42061e2c9072142a231c9438c
Visual Synapse Directory Traversal
Posted Oct 8, 2010
Authored by Felipe Daragon | Site syhunt.com

Visual Synapse HTTP server suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion
advisories | CVE-2010-3743
SHA-256 | 038f38bdf4e7117803ec5bc6d22f030c1807fe0e79f28bb04eb182d7d342adfb
Mandos Encrypted File System Unattended Reboot Utility 1.2.2
Posted Oct 8, 2010
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: This is a minor release to fix compilation of the client with non-Linux kernels.
tags | remote, root
systems | linux
SHA-256 | f3245eea6c63f8271309ec0e19713906d8cbec8278a5dd9bc25b21e63493ae10
Multiple Vendors libc/glob(3) Resource Exhaustion
Posted Oct 8, 2010
Authored by Maksymilian Arciemowicz

libc/glob(3) suffers from a resource exhaustion vulnerability. Proof of concept code included. Affected includes OpenBSD 4.7, NetBSD 5.0.2, FreeBSD 7.3/8.1, Oracle Sun Solaris 10 and GNU Libc (glibc).

tags | exploit, proof of concept
systems | netbsd, solaris, freebsd, openbsd
advisories | CVE-2010-2632
SHA-256 | 0fe71b6c891ef4cf59d9008f85704335ab1de299aa1ecc8f4f06ae19461af5cd
xWeblog 2.2 SQL Injection
Posted Oct 8, 2010
Authored by KnocKout

xWeblog version 2.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8643efd51e38d75481766b28531e836163d65c18f2c844aa1ee8213d43c8c046
Adobe Reader 9.3.4 Multiple Memory Corruption Issues
Posted Oct 8, 2010
Authored by Brett Gervasoni | Site senseofsecurity.com.au

Adobe Reader version 9.3.4 is vulnerable to multiple memory corruption vulnerabilities. By sending specially crafted PDF files it is possible to cause memory corruption in the 3difr and AcroRd32.dll modules. Both issues trigger a null pointer condition which results in an access violation. The issue in AcroRd32.dll is triggered when Adobe Reader is closed.

tags | advisory, vulnerability
advisories | CVE-2010-3630
SHA-256 | 8cc088f240fc45c266a250afb545cea36a5bbe247a4e721a59aa2a79ae7d9a37
MD5 Online Site Cracker
Posted Oct 8, 2010
Authored by FuRt3X

This shell script takes in a md5 sum and uses various online cracking resources to try and figure out what was hashed.

tags | shell, cracker
SHA-256 | b4bde0e95d3672d6aed81e49a5aa2f7653d49d7b9b0fce5ca6c48c4dddb8ae3b
Joomla Lurm Remote File Inclusion
Posted Oct 8, 2010
Authored by jos_ali_joe

The Joomla Lurm component suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | c798d1cbdb22f152a28b8bd6c936a82b28aa77f627e846a09f05d0e5a0f4b403
Joomla Picasa2 Local File Inclusion
Posted Oct 8, 2010
Authored by jos_ali_joe

The Joomla Picasa2 component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | d9a82f924418130b64f5ae0233801712dad5665af836941b8425d3eccc74a4f5
Joomla Jeformcr Local File Inclusion
Posted Oct 8, 2010
Authored by jos_ali_joe

The Joomla Jeformcr component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 85a8a5289f334c23cc2fa7f75e1dc8527dfd8d072f937043429b999db34b25c6
Joomla JCS Remote File Inclusion
Posted Oct 8, 2010
Authored by jos_ali_joe

The Joomla JCS component suffers from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
SHA-256 | dda225cbfdfcdcc3cd7386333663c1d8f093c903de62c95cd1954507ab155ffd
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close