Exploit the possiblities
Showing 1 - 25 of 59 RSS Feed

Files Date: 2010-11-08

MOXA Device Manager Tool 2.1 Buffer Overflow
Posted Nov 8, 2010
Authored by Ruben Santamarta, MC | Site metasploit.com

This Metasploit module exploits a stack overflow in MOXA MDM Tool 2.1. When sending a specially crafted MDMGw (MDM2_Gateway) response, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
MD5 | 68671664e061aaddf6fca682ec028a87
Libcap-NG Library 0.6.5
Posted Nov 8, 2010
Site people.redhat.com

The libcap-ng library is intended to make programming with POSIX capabilities much easier than the traditional libcap library. It includes utilities that can analyze all currently running applications to locate applications that may have too many privileges.

Changes: This release works around a problem in the Linux 2.6.36 kernel headers, fixes a segfault when using filecap on a specific file, and makes Python bindings optional.
tags | library
MD5 | 759ae1accd9954f3e08c2f94b4ecfcf9
Joomla Grants SQL Injection
Posted Nov 8, 2010
Authored by jos_ali_joe

The Joomla Grants component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 088ea94562b50feddb50543490053356
Joomla Forms Local File Inclusion / Download
Posted Nov 8, 2010
Authored by Th3 RDX

The Joomla Forms component suffers from local file inclusion and file download vulnerabilities.

tags | exploit, local, vulnerability, file inclusion, info disclosure
MD5 | b45ca86ae8983faef66a6411337087b9
Joomla Profile Local File Inclusion
Posted Nov 8, 2010
Authored by Th3 RDX

The Joomla Profile component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | d18419d80910c8164fcea2e3c09b4332
Zero Day Initiative Advisory 10-235
Posted Nov 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-235 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the HandleUpgradeTrace packet type the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
systems | cisco
advisories | CVE-2010-3040
MD5 | c00636806f7580e09649130cf2bd2ab3
phpCow 2.1 Remote / Local File Inclusion
Posted Nov 8, 2010
Authored by ViRuS_HiMa

phpCow version 2.1 suffers from remote / local inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
MD5 | 289b8332ee3531625cda02791034ce4c
Joomla Realtyna SQL Injection
Posted Nov 8, 2010
Authored by Fl0riX

The Joomla Realtyna component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f176ccfc2bf699a0950faee728ee9794
DIMVA 2011 Call For Papers
Posted Nov 8, 2010
Site dimva.org

Call For Papers for DIMVA 2011, the Eighth International Conference on Detection of Intrusions and Malware and Vulnerability Assessment. This conference will be held from July 7th through the 8th, 2011 in Amsterdam, The Netherlands.

tags | paper, conference
MD5 | f387d0703f7da2aa291c20c2d0b20453
Joomla eDir Local File Inclusion
Posted Nov 8, 2010
Authored by Th3 RDX

The Joomla eDir component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 8f0052d27e48df180c7b5bf602d4dd00
Zero Day Initiative Advisory 10-234
Posted Nov 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-234 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the HandleQueryNodeInfoReq packet type the process blindly copies user supplied data into a fixed-length stack buffer. A remote attacker can abuse this to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
systems | cisco
advisories | CVE-2010-3040
MD5 | b00a927026c26faa6aaf1539a9cb3cad
Zero Day Initiative Advisory 10-233
Posted Nov 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-233 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Unified ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the AgentUpgrade packet type the process blindly copies user supplied data to a fixed-length stack buffer. A remote attacker can abuse this to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
systems | cisco
advisories | CVE-2010-3040
MD5 | f1cb66fa6d9ce9f32d68c6f23429c403
Zero Day Initiative Advisory 10-232
Posted Nov 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-232 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When processing the HandleUpgradeAll packet type an unchecked copy of user supplied data is performed into a stack-based buffer of a controlled size. Successful exploitation of this vulnerability leads to remote code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution
systems | cisco
advisories | CVE-2010-3040
MD5 | 1cbbcf61ff1042cc799fa7eb72d468c1
Zero Day Initiative Advisory 10-231
Posted Nov 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-231 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Juniper SA Series devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the meeting_testjava.cgi page which is used to test JVM compatibility. When handling the DSID HTTP header the code allows an attacker to inject arbitrary javascript into the page. This can be abused by an attacker to perform a cross-site scripting attack on the device.

tags | advisory, remote, web, arbitrary, cgi, javascript, xss
systems | juniper
MD5 | e1db201e6c5dec0d564680e5ccdbe72c
Zero Day Initiative Advisory 10-230
Posted Nov 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-230 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell ZENworks Handheld Management. Authentication is not required to exploit this vulnerability. The specific flaw exists within module ZfHIPCND.exe. This process is responsible for handling the data received on TCP port 2400. The module reads in the data stream and copies the specified amount of bytes into a fixed-length buffer located in the heap. An attacker can overflow this buffer and execute arbitrary code with SYSTEM privileges.

tags | advisory, remote, overflow, arbitrary, tcp
MD5 | c7c429ff6c19e448f8c122164255afdc
Zero Day Initiative Advisory 10-229
Posted Nov 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-229 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ProFTPD. Authentication is not required to exploit this vulnerability. The flaw exists within the proftpd server component which listens by default on TCP port 21. When reading user input if a TELNET_IAC escape sequence is encountered the process miscalculates a buffer length counter value allowing a user controlled copy of data to a stack buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the proftpd process.

tags | advisory, remote, arbitrary, tcp
MD5 | c49c86c0ac88c59c7b0dd52df9822f87
Zeeways Adserver Cross Site Request Forgery / SQL Injection
Posted Nov 8, 2010
Authored by Valentin Hoebel

The Zeeways Adserver suffers from cross site request forgery, disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, csrf
MD5 | 2f3b326abc4277ffbcadef8338038403
Joomla Connect Local File Inclusion
Posted Nov 8, 2010
Authored by Th3 RDX

The Joomla Connect component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 1431ab59724f80f21f9101355f532d5c
Joomla Dcnews Local File Inclusion
Posted Nov 8, 2010
Authored by Th3 RDX

The Joomla Dcnews component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 941d724c32bd8aa0182c814e42875e34
Tutorial Blind SQL Injection Referensi
Posted Nov 8, 2010
Authored by jos_ali_joe

Whitepaper called Tutorial Blind SQL Injection Referensi. Written in Indonesian.

tags | paper, sql injection
MD5 | 63f2b8f63c3fd977692f13ed307277b6
Xampp 1.7.3 Cross Site Scripting
Posted Nov 8, 2010
Authored by Sangteamtham

Xampp version 1.7.3 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | d7a5def2bf9fe3c4f120371d3a808e07
LEADTOOLS 11.5.0.9 Access Violation
Posted Nov 8, 2010
Authored by Matthew Bergin

LEADTOOLS version 11.5.0.9 suffers from multiple access violation vulnerabilities.

tags | exploit, vulnerability
MD5 | 9f9cbd099255f9184716453af9828d26
G Data TotalCare 2011 NtOpenKey Race Condition
Posted Nov 8, 2010
Authored by Nikita Tarakanov

G Data TotalCare 2011 suffers from a NtOpenKey race condition vulnerability.

tags | exploit
MD5 | 612affa28396e6150bb5e52d28834471
PCSX2 0.9.7 Beta Denial Of Service
Posted Nov 8, 2010
Authored by 41.w4r10r

PCSX2 version 0.9.7 Beta suffers from a binary denial of service vulnerability.

tags | exploit, denial of service
MD5 | 0afc5c143c0328192a7eda729e9f73a8
G Data TotalCare 2011 Local Kernel Exploit
Posted Nov 8, 2010
Authored by Nikita Tarakanov

G Data Totalcare 2011 local kernel exploit.

tags | exploit, kernel, local
MD5 | f51ad061b8d847e596279dc7a0de1056
Page 1 of 3
Back123Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    14 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close