Files Date: 2010-12-08

QuickTime Track Dimensions Buffer Overflow
Posted Dec 8, 2010
Authored by Carsten Eiram | Site secunia.com

Secunia Research has discovered a vulnerability in QuickTime, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused by a boundary error when copying track content based on the track's dimensions and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code.

tags | advisory, overflow, arbitrary
advisories | CVE-2010-1508
MD5 | d0b224acd73fb622c54986e75999123e
HP System Management Homepage Cross Site Scripting
Posted Dec 8, 2010
Authored by ProCheckUp | Site procheckup.com

The HP System Management Homepage suffers from multiple cross site scripting vulnerabilities. Versions 3.0.0.68, 3.0.2.77 and 6.1.0.103 have all been found affected.

tags | exploit, vulnerability, xss
MD5 | 0ab8705c1b70015991fcc1e05ef56bc9
Windows XP SP3 EN Calc Shellcode
Posted Dec 8, 2010
Authored by AutoSec Tools

16 bytes small Windows XP SP3 EN calc.exe shellcode.

tags | shellcode
systems | windows, xp
MD5 | c0f377daad020f4520463946b53a5002
Wonderware InBatch 9.0sp1 Buffer Overflow
Posted Dec 8, 2010
Authored by Luigi Auriemma | Site aluigi.org

Wonderware InBatch versions 9.0sp1 and below suffer from a buffer overflow vulnerability. Use the related file to exploit it.

tags | advisory, overflow
MD5 | 3cd6f052e80266a816888e24efcc6591
RomPager 4.07 Denial Of Service
Posted Dec 8, 2010
Authored by Ricky-Lee Birtles

RomPager version 4.07 can be forced to reboot by a specially crafted HTTP request, leading to a denial of service condition.

tags | exploit, web, denial of service
MD5 | d253472aa1ee97e2d8000261a6693012
Ubuntu Security Notice USN-1029-1
Posted Dec 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1029-1 - It was discovered that an old bug workaround in the SSL/TLS server code allowed an attacker to modify the stored session cache ciphersuite. This could possibly allow an attacker to downgrade the ciphersuite to a weaker one on subsequent connections. It was discovered that an old bug workaround in the SSL/TLS server code allowed an attacker to modify the stored session cache ciphersuite. An attacker could possibly take advantage of this to force the use of a disabled cipher. This vulnerability only affects the versions of OpenSSL in Ubuntu 6.06 LTS, Ubuntu 8.04 LTS, and Ubuntu 9.10.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2008-7270, CVE-2010-4180
MD5 | 7ac46ef7d99dc1d04d558228b727044c
HP Security Bulletin HPSBUX02611 SSRT090201
Posted Dec 8, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02611 SSRT090201 - A potential security vulnerability has been identified with HP-UX running threaded processes. The vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
systems | hpux
advisories | CVE-2010-4108
MD5 | afd826c57569975f98ff0b4dfd50e923
Linux Kernel 2.6.37 Local Privilege Escalation
Posted Dec 8, 2010
Authored by Dan Rosenberg

Linux kernel local privilege escalation exploit for versions 2.6.37 and below. It leverages three separate vulnerabilities to achieve root including a NULL pointer dereference, being able to assign arbitrary Econet addresses to arbitrary interfaces, and the ability to write a NULL word to an arbitrary kernel address.

tags | exploit, arbitrary, kernel, local, root, vulnerability
systems | linux
advisories | CVE-2010-4258, CVE-2010-3849, CVE-2010-3850
MD5 | 5b0af44ff36bff6ec1af16b88b07c3af
Ubuntu Security Notice USN-1028-1
Posted Dec 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1028-1 - It was discovered that ImageMagick would search for configuration files in the current directory. If a user were tricked into opening or processing an image in an arbitrary directory, a local attacker could execute arbitrary code with the user's privileges.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2010-4167
MD5 | 49c2fed2a7ff0dd003048c1e74fb4c42
Ubuntu Security Notice USN-1027-1
Posted Dec 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1027-1 - It was discovered that Quagga incorrectly handled certain Outbound Route Filtering (ORF) records. A remote authenticated attacker could use this flaw to cause a denial of service or potentially execute arbitrary code. The default compiler options for Ubuntu 8.04 LTS and later should reduce the vulnerability to a denial of service. It was discovered that Quagga incorrectly parsed certain AS paths. A remote attacker could use this flaw to cause Quagga to crash, resulting in a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-2948, CVE-2010-2949
MD5 | f2529f116336cab668d58d4492475828
Ubuntu Security Notice USN-1026-1
Posted Dec 8, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1026-1 - It was discovered that Python Paste did not properly sanitize certain strings, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

tags | advisory, remote, vulnerability, xss, python
systems | linux, ubuntu
advisories | CVE-2010-2477
MD5 | 7536c74ad809f907f3bfecc7d8878aa0
HP Security Bulletin HPSBMI02614 SSRT100344
Posted Dec 8, 2010
Authored by HP | Site hp.com

HP Security Bulletin HPSBMI02614 SSRT100344 - A potential security vulnerability has been identified with HP webOS Contacts Application. This vulnerability could be exploited to execute arbitrary HTML or JavaScript. Revision 1 of this advisory.

tags | advisory, arbitrary, javascript
advisories | CVE-2010-4109
MD5 | 9b827c40ebe2010917ad2f2c7240cc33
Zero Day Initiative Advisory 10-262
Posted Dec 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-262 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses directBitsRect records within a .pict file. When decompressing data within this structure, the application will allocate space for the target buffer using fields described within the file and then use a different length to decompress the total data from the file. This can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2010-3800
MD5 | 2e51b6f4a75cbfbc814be56bf38933de
Zero Day Initiative Advisory 10-261
Posted Dec 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-261 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's implementation of a custom compression algorithm. The application will trust a field within a DirectBitsRect structure which is used for an allocation, and later attempt to decompress data into this buffer. Because the value used for the allocation differs from the length of the data being decompressed, a buffer overflow will occur, which can lead to code execution with the privileges of the application.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2010-3800
MD5 | 793da9f7e146cd6e3024cb06e13ec61e
Zero Day Initiative Advisory 10-260
Posted Dec 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-260 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that a user must be coerced into visiting a malicious page or opening a malicious file. The specific flaw exists within Apple's support for Panoramic Images and occurs due to the application trusting a particular field for calculation of an offset. Due to the field being treated as a signed integer, the calculated offset can result in a pointer outside the bounds of the expected buffer. Upon usage of this out-of-bounds pointer, the application will proceed to write image data to the invalid location. Successful exploitation can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2010-3802
MD5 | 059cc61826de0fa772f0cf072878bad5
Zero Day Initiative Advisory 10-259
Posted Dec 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-259 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required in that a user must be coerced into opening up a malicious document or visiting a malicious website. The specific flaw exists within the way the application parses a particular property out of a flashpix file. The application will explicitly trust a field in the property as a length for a loop over an array of data structures. If this field's value is larger than the number of objects, the application will utilize objects outside of this array. Successful exploitation can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2010-3801
MD5 | 11c5cb789eb4f7c7044a7c7e7824eb4f
Zero Day Initiative Advisory 10-258
Posted Dec 8, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-258 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Quicktime.qts module responsible for parsing media files. While handling 3GP streams, a loop in a function within this module trusts a value taken directly from the media file and uses it during memory copy operations. By supplying a large enough value, this buffer can be overflowed, leading to arbitrary code execution under the context of the user accessing the file.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2010-1508
MD5 | 870a65ad9c6478b780c5316cb87c1e70
ZRTP Protocol Library 1.5.3
Posted Dec 8, 2010
Site gnutelephony.org

ZRTP Protocol Library is an implementation of Phil Zimmermann's ZRTP protocol, created based on and interoperable with Zfone beta 2. Combined with the GNU RTP Stack (ccrtp), this offers the ability to create communication services that natively support the ZRTP protocol.

Changes: Support for building the library using the Android NDK has been added, as well as C wrappers to make it easy to build with pjsip. Fixes for race conditions and better support for multi-stream mode were also added. Updated for the latest inter-operable ZRTP specs. Requires ccrtp 1.7.2 (or later), which fixes an issue with padded SRTP packets.
tags | protocol, library
systems | unix
MD5 | 48ab943615491fc45b886af3172b6d9d
Cisco Template Manager 0.3.0
Posted Dec 8, 2010
Authored by Pavol Krigler | Site gelogic.net

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.

Changes: The CTM has better support for ACL checking. The CTM now supports the following ACL types: access list, IP access list, IPv6 access list, and MAC access list. The main difference between common section files and ACL files is the way of checking. From CTM version 0.3.0, the template ACL and Cisco ACL are compared with the diff command, which will ensure the right sequence of every ACL line.
systems | cisco, unix
MD5 | 2f4f37e51919da08b89728beefbde736
Mandriva Linux Security Advisory 2010-249
Posted Dec 8, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-249 - Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted PDF document. Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors. NOTE: some of these details are obtained from third party information.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2010-4260, CVE-2010-4261, CVE-2010-4479
MD5 | eb14530d6f1724d0545b64c433c2f4d1
Solarwinds Orion NPM 10.1 Cross Site Scripting
Posted Dec 8, 2010
Authored by x0skel

Solarwinds Orion NPM version 10.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0a3582ad2e30fd1a49575fbc1a354401
Mandriva Linux Security Advisory 2010-248
Posted Dec 8, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-248 - OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not properly prevent modification of the ciphersuite in the session cache, which allows remote attackers to force the use of an unintended cipher via vectors involving sniffing network traffic to discover a session identifier.

tags | advisory, remote
systems | linux, mandriva
advisories | CVE-2010-4180
MD5 | 59997337bf7c346b04d0c1e00b9a02f9
VMware Security Advisory 2010-0019
Posted Dec 8, 2010
Authored by VMware | Site vmware.com

VMware Security Advisory 2010-0019 - ESX 3.x Console OS (COS) updates for samba, bzip2, and openssl packages.

tags | advisory
advisories | CVE-2009-0590, CVE-2009-2409, CVE-2009-3555, CVE-2010-0405, CVE-2010-3069
MD5 | 77bea71347b06ea7767dc27e922cab06
Firewall Builder With GUI 4.1.3
Posted Dec 8, 2010
Site fwbuilder.org

Firewall Builder consists of a GUI and set of policy compilers for various firewall platforms. It helps users maintain a database of objects and allows policy editing using simple drag-and-drop operations. The GUI and policy compilers are completely independent, which provides for a consistent abstract model and the same GUI for different firewall platforms. It currently supports iptables, ipfilter, ipfw, OpenBSD pf, Cisco PIX and FWSM, and Cisco routers access lists.

Changes: This release comes with a number of usability improvements and bugfixes, such as the addition of an Advanced User mode to reduce the number of tooltips for power users, and the addition of a new policy rule checkbox to define whether new rules have logging enabled or disabled by default. Critical bugfixes include improved support for Windows systems that use PuTTY sessions and configuration of IP broadcast addresses on interfaces. Fixes related to cluster configurations include support for import of branching rules when a cluster is created and generating NAT rules that require the iptables REDIRECT target.
tags | tool, firewall
systems | cisco, linux, unix, openbsd
MD5 | 7cb6d50ce6f02b485525405bd00d8c33
Secunia Security Advisory 42545
Posted Dec 8, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Processing Embed plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 434786dcb5cee55e7829b2839a2cc0c9