exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 26 RSS Feed

Files Date: 2010-12-10

RealNetworks RealPlayer MDPR Chunk Size Remote Code Execution
Posted Dec 10, 2010
Authored by Aaron Portnoy, Logan Brown | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RealPlayer's handling of Internet Video Recording (.ivr) files. While parsing the MLTI chunk the process trusts the field responsible for denoting the size of an embedded MDPR chunk. By modifying this value in an IVR file an attacker can force a misallocation on the heap. The process can then be made to write past the bounds of the buffer, corrupting memory. This can be leveraged to execute arbitrary code under the context of the user invoking RealPlayer.

tags | advisory, remote, arbitrary
advisories | CVE-2010-4390
SHA-256 | ef22d184b5a4a171517add373ae6dc8fd3d072df971cf7a90421dcccf5664ddc
LiteSpeed Web Server 4.0.17 Remote Exploit
Posted Dec 10, 2010
Authored by Kingcope

LiteSpeed Web Server version 4.0.17 with PHP remote exploit for FreeBSD that uses a reverse shell.

tags | exploit, remote, web, shell, php
systems | freebsd
SHA-256 | b0012b61c33fd5c2dc2a099bfb8c36b4de98d5171a58428b919cf7223ecaadd4
RealNetworks RealPlayer MLTI Stream Number Remote Code Execution
Posted Dec 10, 2010
Authored by Aaron Portnoy, Logan Brown | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RealPlayer's handling of Internet Video Recording (.ivr) files. While parsing the MLTI chunk the process trusts the field responsible for denoting the number of streams within the chunk. By modifying this value in an IVR file, an attacker can force a processing loop to overrun and corrupt heap memory. This can be abused to execute arbitrary code under the context of the user invoking RealPlayer.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-4390
SHA-256 | 6ed8ef7f4d23f0fee569702d8aba5ef2ba635dcf17e9a56a9b184e9acc1c3004
Joomla 1.5.22 Cross Site Scripting
Posted Dec 10, 2010
Authored by MustLive

Joomla versions 1.5.22 and below suffer from abuse of functionality and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 3d6c162096d77deb10c8a77a3b58b9d47de91da5158318bb42645b5a3b69f440
Ostinato Traffic Generator 0.3 Windows Binary
Posted Dec 10, 2010
Authored by Srivats P | Site code.google.com

Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the windows binary release.

Changes: IGMP, MLD, HexDump (user defined content) protocols added. Several bugfixes.
tags | tool
systems | windows
SHA-256 | 4cfa61d55987c4bf069662dc1c30e6c0faf532d55dedfc3af8bdfdadea41f160
Ostinato Traffic Generator 0.3 Mac OS X
Posted Dec 10, 2010
Authored by Srivats P | Site code.google.com

Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark. This is the Mac OS X release.

Changes: IGMP, MLD, HexDump (user defined content) protocols added. Several bugfixes.
tags | tool
systems | windows, apple, osx
SHA-256 | 790089a6b37cb6940e2218fe426932092d202eb51608d26002a2219c50e57ae8
Ostinato Traffic Generator 0.3 Source Code
Posted Dec 10, 2010
Authored by Srivats P | Site code.google.com

Ostinato is an open-source, cross-platform packet/traffic generator and analyzer with a friendly GUI. It aims to be "Wireshark in Reverse" and thus become complementary to Wireshark.

Changes: IGMP, MLD, HexDump (user defined content) protocols added. Several bugfixes.
tags | tool
systems | windows, unix
SHA-256 | d257270879533212d7fec9f5260b4d3163e0822f8ffdde0fa3f96779fd12e1bb
PHP 5.3.3 GD Stack Buffer Overflow
Posted Dec 10, 2010
Authored by Martin Barbella

PHP 5.3.3 suffers from a GD extension imagepstext stack buffer overflow vulnerability.

tags | exploit, overflow, php
SHA-256 | dd471798a94019e55c17a159a67a7b668dc2b65a5268afe78a02db0606ae93bc
RealNetworks RealPlayer SIPR Stream Frame Dimensions Remote Code Execution
Posted Dec 10, 2010
Authored by Aaron Portnoy, Logan Brown, Zef Cekaj | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. Authentication is not required to exploit this vulnerability. The specific flaw exists within the drv1.dll module. Code responsible for parsing SIPR stream metadata trusts frame width and height values from the input file. By crafting particular values an integer value used in a loop can be made to wrap negatively. The loop will subsequently overflow a static heap buffer during an inline memory copy. By crafting a malicious .rm file an attacker can exploit this vulnerability remotely using the RealPlayer ActiveX control.

tags | advisory, remote, overflow, arbitrary, activex
advisories | CVE-2010-4385
SHA-256 | 9008fd6701a36aedb79d1920596baf54f3e5c2c61a1f4933ad72ba730297ce9a
Joomla Redirect Local File Inclusion
Posted Dec 10, 2010
Authored by jos_ali_joe

The Joomla Redirect component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | f5e16a32e232c7b86fa162046047fee285a2a477fef1753ae87ce6414c3addbc
CMS Articles NA 1.4 SQL Injection
Posted Dec 10, 2010
Authored by jos_ali_joe

CMS Articles NA version 1.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 54bccc80ec75c87314f22778b93627ca97d8858ade981c6dc4eb85e081856f04
Novell Vibe 3 BETA OnPrem Stored Cross Site Scripting
Posted Dec 10, 2010
Authored by Rob Kraus, Paul Petefish | Site solutionary.com

Novell Vibe version 3 BETA OnPrem suffers from a stored cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2010-4322
SHA-256 | 38d0853e67710878d23cc032e0905d8715455a8808a2d048463114929f781f0e
PHP 5.3.3 Integer Overflow
Posted Dec 10, 2010
Authored by Maksymilian Arciemowicz

PHP version 5.3.3 suffers from a NumberFormatter::getSymbol integer overflow vulnerability.

tags | exploit, overflow, php
advisories | CVE-2010-4409
SHA-256 | 1df59e17c946c51528d4029507cbbbe55391b84ff9525a5af9000a7bc64461a6
slickMsg 0.7-alpha Cross Site Scripting
Posted Dec 10, 2010
Authored by Aliaksandr Hartsuyeu | Site evuln.com

slickMsg version 0.7-alpha suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 05f71f01e1129b895a298a759b4e9e4e600acac2041a51ab717be52077de08de
Sulata iSoft Local File Disclosure
Posted Dec 10, 2010
Authored by Sudden_death

Sulata iSoft suffers from a local file disclosure vulnerability in stream.php.

tags | exploit, local, php, info disclosure
SHA-256 | 0ccda2ac70c51aec68ad2416f65d43d903a1d928e638ddfea4ca1f7c896e52cd
BizDir 5.10 Cross Site Scripting
Posted Dec 10, 2010
Authored by Aliaksandr Hartsuyeu | Site evuln.com

BizDir version 5.10 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d846d7b63465d18d943007a50e20c237dea459e54e488848145dc85a72ebecfa
Joomla Billy Portfolio 1.1.2 Blind SQL Injection
Posted Dec 10, 2010
Authored by jdc

The Joomla Billy Portfolio component version 1.1.2 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | df056ca38fdfc77b1691d2f5f92458740f8b5fa05e8ea171129a2cd4e6cdc6d6
ManageEngine EventLog Analyzer 6.1 Denial Of Service
Posted Dec 10, 2010
Authored by Rob Kraus, Jose R. Hernandez | Site solutionary.com

ManageEngine EventLog Analyzer version 6.1 suffers from a syslog related denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 9f4921e40b2aa8b7483acda6af72d4fa70c77ca1e595b48731a77471bae50f5a
Zero Day Initiative Advisory 10-263
Posted Dec 10, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-263 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of CA ARCserve Replication and High Availability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the "create_session_bab" SOAP operation, which is handled by the xosoapapi.asmx process that is crucial to the remote administration of both the High Availability and the Replication products. By sending a specially crafted POST request to the xosoapapi.asmx process a remote, unauthenticated attacker can trigger a buffer overflow condition that results in arbitrary code execution under the context of the SOAP server process.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2010-3984
SHA-256 | 732bf3442e6da2fe98cceb20002cd9124a7abfd5f86bcb66579eb08e7127f203
Ubuntu Security Notice USN-1031-1
Posted Dec 10, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1031-1 - Arkadiusz Miskiewicz and others discovered that the PDF processing code in libclamav improperly validated input. This could allow a remote attacker to craft a PDF document that could crash clamav or possibly execute arbitrary code. It was discovered that an off-by-one error in the icon_cb function in pe_icons.c in libclamav could allow an attacker to corrupt memory, causing clamav to crash or possibly execute arbitrary code. In the default installation, attackers would be isolated by the clamav AppArmor profile.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-4260, CVE-2010-4261, CVE-2010-4479
SHA-256 | d0f9bc4b01b56f6c35bd1a69cb58cd5c1ff58f1214a2c3965971aaddf9b5ea2b
Ubuntu Security Notice USN-1020-1
Posted Dec 10, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1020-1 - Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash Thunderbird or possibly run arbitrary code as the user invoking the program. Marc Schoenefeld and Christoph Diehl discovered several problems when handling downloadable fonts. The new OTS font sanitizing library was added to mitigate these issues.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-3768, CVE-2010-3776, CVE-2010-3777, CVE-2010-3778
SHA-256 | 58125ecef67a854a08073ba14044044eff383049ce27f28c18c034a16b68f915
Mandriva Linux Security Advisory 2010-251
Posted Dec 10, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-251 - Security issues were identified and fixed in firefox. Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. Mozilla security researcher moz_bug_r_a4 reported that the fix for could be circumvented permitting the execution of arbitrary JavaScript with chrome privileges. Security researcher regenrecht reported via TippingPoint's Zero Day Initiative that JavaScript arrays were vulnerable to an integer overflow vulnerability. Various other issues were also addressed.

tags | advisory, overflow, arbitrary, javascript
systems | linux, mandriva
advisories | CVE-2010-3770, CVE-2010-3774, CVE-2010-3773, CVE-2010-3767, CVE-2010-3766, CVE-2010-3775, CVE-2010-3768, CVE-2010-3772, CVE-2010-3771, CVE-2010-3769, CVE-2010-3776, CVE-2010-3777
SHA-256 | 16122a701f5f539a783c5b878ccf9fe72cee3d02e7ec9741e38419714da1014a
Zero Day Initiative Advisory 10-265
Posted Dec 10, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-265 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Firefox's management of the JSSLOT_ARRAY_COUNT annotation. This value represents the number of items filled within a given Array object. If an attacker creates an array to a high enough value, an initialization routine can be made to mis-allocate a buffer. This can be abused by an attacker to corrupt memory and subsequently execute arbitrary code under the context of the user running the browser.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3767
SHA-256 | 75b03482e75543985b5e511481850aa72e3865412d33cf8444b5cf97d0d8ca83
Zero Day Initiative Advisory 10-264
Posted Dec 10, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-264 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application's support of the NodeIterator API used for element traversal. Due to a particular element not implementing functionality required by the API, a use-after free vulnerability can be forced to occur. This can be used to achieve code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-3766
SHA-256 | 7b5bb458fc4220d1f9db581ca89419c0f49e85793d1c5dc4993db945e7802b26
Mandriva Linux Security Advisory 2010-250
Posted Dec 10, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-250 - The multipart_init function in Simple.pm in CGI::Simple 1.112 and earlier uses a hardcoded value of the MIME boundary string in multipart/x-mixed-replace content, which allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input that contains this value, a different vulnerability than CVE-2010-3172. The updated packages have been patched to correct this issue.

tags | advisory, remote, web, arbitrary, cgi
systems | linux, mandriva
advisories | CVE-2010-2761
SHA-256 | b7f64cfb55262b0406f6c5964fd0e2fb06ab945161587fa019059be5d48fad83
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close