exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files Date: 2010-10-20

In Memory Fuzzing - Real Time Input Tracing And In Memory Fuzzing
Posted Oct 20, 2010
Authored by sinn3r

Whitepaper called In Memory Fuzzing - Real Time Input Tracing and In Memory Fuzzing.

tags | paper
SHA-256 | 5f17a79e44e4710a2c6be2a50c1140bfbfcf921c190973a2632244749e1065ce
MS10-070 ASP.NET Auto-Decryptor File Download
Posted Oct 20, 2010
Authored by Agustin Azubel | Site ampliasecurity.com

MS10-070 ASP.NET auto-decryptor file download proof of concept exploit.

tags | exploit, asp, proof of concept
SHA-256 | 583ab327079e0f73d7b6ed0c839ab545a54adb9b2e531b103d46a58fa7667610
Mandriva Linux Security Advisory 2010-207
Posted Oct 20, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-207 - A vulnerability in the GNU C library was discovered which could escalate the privileges for local users.

tags | advisory, local
systems | linux, mandriva
advisories | CVE-2010-3847
SHA-256 | f405d8ffe59773887cfc06a8a0cd395ef6f4c45e1f6042074edec9ef29999e68
Ubuntu Security Notice 998-1
Posted Oct 20, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 998-1 - Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov, Josh Soref, Gary Kwong, Martijn Wargers, Siddharth Agarwal and Michal Zalewski discovered various flaws in the browser engine. An attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. Alexander Miller, Sergey Glazunov, and others discovered several flaws in the JavaScript engine. If JavaScript were enabled, an attacker could exploit this to crash Thunderbird or possibly run arbitrary code as the user invoking the program. Eduardo Vela Nava discovered that Thunderbird could be made to violate the same-origin policy by using modal calls with JavaScript. If JavaScript were enabled, an attacker could exploit this to steal information from another site. Dmitri GribenkoDmitri Gribenko discovered that Thunderbird did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program.

tags | advisory, arbitrary, local, javascript
systems | linux, ubuntu
advisories | CVE-2010-3175, CVE-2010-3176, CVE-2010-3178, CVE-2010-3179, CVE-2010-3180, CVE-2010-3182, CVE-2010-3183
SHA-256 | 9e4b2be1c58a1b6fb4e5fd4754d105fb259fa4aec02256e6c79df5c9a684e20b
Ubuntu Security Notice 997-1
Posted Oct 20, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 997-1 - Paul Nickerson, Jesse Ruderman, Olli Pettay, Igor Bukanov, Josh Soref, Gary Kwong, Martijn Wargers, Siddharth Agarwal and Michal Zalewski discovered various flaws in the browser engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Alexander Miller, Sergey Glazunov, and others discovered several flaws in the JavaScript engine. An attacker could exploit this to crash the browser or possibly run arbitrary code as the user invoking the program. Robert Swiecki discovered that Firefox did not properly validate Gopher URLs. If a user were tricked into opening a crafted file via Gopher, an attacker could possibly run arbitrary JavaScript. Eduardo Vela Nava discovered that Firefox could be made to violate the same-origin policy by using modal calls with JavaScript. An attacker could exploit this to steal information from another site. Dmitri GribenkoDmitri Gribenko discovered that Firefox did not properly setup the LD_LIBRARY_PATH environment variable. A local attacker could exploit this to execute arbitrary code as the user invoking the program.

tags | advisory, arbitrary, local, javascript
systems | linux, ubuntu
advisories | CVE-2010-3175, CVE-2010-3176, CVE-2010-3177, CVE-2010-3178, CVE-2010-3179, CVE-2010-3180, CVE-2010-3182, CVE-2010-3183
SHA-256 | ac95c0836d012f7bd93526e4553d961dfa07e7147255fce74bf2ff82b74446d1
Ubuntu Security Notice 1007-1
Posted Oct 20, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1007-1 - Richard Moore discovered that NSS would sometimes incorrectly match an SSL certificate which had a Common Name that used a wildcard followed by a partial IP address. While it is very unlikely that a Certificate Authority would issue such a certificate, if an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. Nelson Bolyard discovered a weakness in the Diffie-Hellman Ephemeral mode (DHE) key exchange implementation which allowed servers to use a too small key length.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2010-3170, CVE-2010-3173
SHA-256 | 648f9afee39487efe955eece570e465a21e61d1af8895a0f7f6a13aadb5d0b4d
Core Security Technologies Advisory 2010.0819
Posted Oct 20, 2010
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - A statically allocated buffer is overwritten in the case that a very long Object Identifier is specified in stringified dotted notation to the smiGetNode function of libsmi. This may result in arbitrary code execution by cleverly overwriting key pointers in memory.

tags | advisory, arbitrary, code execution
advisories | CVE-2010-2891
SHA-256 | 16f418d01c3fe817c1a749abcd16851913080fe6ee2a92f1103496773afe342b
sNews 1.7 Cross Site Scripting
Posted Oct 20, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

sNews version 1.7 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f74a1472aa89f4890bf502a1eda8d6a82e0f2e84f9094b1180c43ff4116d5b94
Ubuntu Security Notice 1000-1
Posted Oct 20, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1000-1 - Various image updates have been provided. Joel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. Al Viro discovered a race condition in the TTY driver. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Dan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. Suresh Jayaraman discovered that CIFS did not correctly validate certain response packets. Various other issues have also been addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-2066, CVE-2010-2226, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2798, CVE-2010-2942, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2960, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078
SHA-256 | 6b36ec4068d40a47c3a69616c6e9e4c23c26d91d6ae30534472022bde895c2cc
4Site CMS 2.6 Cross Site Scripting
Posted Oct 20, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

4Site CMS version 2.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5b33334de63db2f944e6c9093dfb77563c53528c6c3bb344662d1ea3c93ae6d0
Tribiq CMS 5.2.5 Path Disclosure
Posted Oct 20, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

Tribiq CMS version 5.2.5 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 9079eb1e8c4bdbf74aed5cb58eae84c0e9c7e7855e1c627879fd8e1313e33efe
DeluxeBB 1.3 SQL Injection
Posted Oct 20, 2010
Authored by High-Tech Bridge SA | Site htbridge.com

DeluxeBB version 1.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | afc4892328dc347311ff4cbe87b7fbbc3334933f8e453bbf2dd30dc1a122c54f
vBulletin 3.6.1 SQL Injection
Posted Oct 20, 2010
Authored by jos_ali_joe

vBulletin version 3.6.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e1eb3d388da11c00dc9be594c878990679dda896dbcaf95aa0383b2488531777
Winamp 5.5.8.2985 Stack Overflow
Posted Oct 20, 2010
Authored by Mighty-D

Winamp version 5.5.8.2985 stack overflow exploit that creates a malicious .mtm file.

tags | exploit, overflow
SHA-256 | 1a48d03ff344bd1f13f53912e4959ca1e6eda8f76602c782e228002a946ffd4f
Fat Player Media Player 0.6b0 Buffer Overflow
Posted Oct 20, 2010
Authored by dookie, James Fitts | Site metasploit.com

This Metasploit module exploits a buffer overflow in Fat Player 0.6b. When the application is used to import a specially crafted wav file, a buffer overflow occurs allowing arbitrary code execution.

tags | exploit, overflow, arbitrary, code execution
SHA-256 | 7b207e157e03544e160929ab34671bcd3b540a6779b07f615673383d33fa2fef
Secunia Security Advisory 41906
Posted Oct 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, and by malicious people to potentially compromise a user's system.

tags | advisory, local, vulnerability
systems | linux, redhat
SHA-256 | b8a94eb67129286c1d077bfd6a79b4c1bc63077f061c72de71ae9a0f5de70992
Secunia Security Advisory 41908
Posted Oct 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in HP Systems Insight Manager, which can be exploited by malicious users to gain escalated privileges and by malicious people to conduct cross-site scripting, cross-site request forgery, click-jacking attacks, or compromise a user's system.

tags | advisory, vulnerability, xss, csrf
SHA-256 | 018c94a9cffe63a57294109cc6322b610df86075826716ddeddbede86ef7723e
Secunia Security Advisory 41901
Posted Oct 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in HP AssetCenter and AssetManager, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 8afdebf551b002d3f2e0598a773b6fc91471e53b3905b16e3b1ec9ee30d6af7d
Secunia Security Advisory 41817
Posted Oct 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in sNews, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 21ade46f76d835a76fc1b3e6b6205423a004ebb7692e14db3107d55771dc5c23
Secunia Security Advisory 41881
Posted Oct 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for the kernel. This fixes some weaknesses, security issues, and vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to cause a DoS and potentially compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, spoof, vulnerability
systems | linux, ubuntu
SHA-256 | 5b23e388b61694fb21b389dd7203c61a7ab77dbbab5d717adb9fc67aae151546
Secunia Security Advisory 41921
Posted Oct 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Explzh, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 11fa0b49a9898dbcc6cf2a2814a1c95c00b271e9ce3828feba5979f8921c3036
Secunia Security Advisory 41918
Posted Oct 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - High-Tech Bridge SA has discovered a vulnerability in DeluxeBB, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 92d664f4cd8d4f58d9776791a687318a861f48f8b0d8243db70b17da47149898
Secunia Security Advisory 41891
Posted Oct 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in TIBCO ActiveMatrix products, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 8c61555bf094edf22e678dd63cbadeae6b376178c6401a2754d29718448559db
Secunia Security Advisory 41795
Posted Oct 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Tavis Ormandy has reported a weakness in the GNU C Library, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
SHA-256 | 76619b1950e180bc76dc20770d3afd3ce7596d1d17c1cf0007767b5eadb46310
Secunia Security Advisory 41885
Posted Oct 20, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for poppler. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, fedora
SHA-256 | 98210e382dd2535426f783d12355a9ecbe0073c43787ae13fa8ab787ddc196f8
Page 1 of 2
Back12Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close