exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 52 RSS Feed

Files Date: 2010-12-11

PowerShell XP 3.0.1 Buffer Overflow
Posted Dec 11, 2010
Authored by m_101

PowerShell XP version 3.0.1 buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 446a585e1ae00a3128deb6fbcfbf923285a37b0964c09c0fb89942ac45f96c79
Exim 4.63 Remote Root Exploit
Posted Dec 11, 2010
Authored by Kingcope

Exim version 4.63 remote root exploit that uses a connect-back shell. Works on RedHat, Centos and Debian.

tags | exploit, remote, shell, root
systems | linux, redhat, debian, centos
advisories | CVE-2010-4344
SHA-256 | af8e1e361c82fc87041373b6e4044b0f7d87c3a5ff26e31b243a3efd06e7c7ca
Clear iSpot / Clearspot 2.0.0.0 Cross Site Request Forgery
Posted Dec 11, 2010
Authored by Matthew Jakubowski, Trustwave | Site trustwave.com

Clear iSpot / Clearspot version 2.0.0.0 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2010-4507
SHA-256 | 557f592e7d9902546a91c2ef1117b4bcd128072e4039a2a740e535462ca0814d
BinPack Portable Security Environment 2.0.1
Posted Dec 11, 2010
Authored by Garrett Gee | Site westcoasthackers.net

BinPack is a portable security environment for Windows. With 100+ security tools in the repository, you can easily convert any system into a hacking platform in minutes.

systems | windows
SHA-256 | 40998045d55d1a966a8b323f752174b62aae73bdd9c817bcd067012f3a054d63
ManageEngine EventLog Analyzer 6.1 Cross Site Scripting
Posted Dec 11, 2010
Authored by Rob Kraus, Jose R. Hernandez | Site solutionary.com

ManageEngine EventLog Analyzer version 6.1 suffers from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 7cb6e64c640b4ec8752b210b56496188f79b9a7b16c49c12fea64d2fd0b98a37
Ubuntu Security Notice USN-1032-1
Posted Dec 11, 2010
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1032-1 - Sergey Kononenko and Eugene Bujak discovered that Exim did not correctly truncate string expansions. A remote attacker could send specially crafted email traffic to run arbitrary code as the Exim user, which could also lead to root privileges.

tags | advisory, remote, arbitrary, root
systems | linux, ubuntu
advisories | CVE-2010-4344
SHA-256 | 77e24a5685302d1d9a4706ecabe2856bbab0526e7306773761125b28efb31777
Debian Security Advisory 2132-1
Posted Dec 11, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2132-1 - Several remote vulnerabilities have been discovered in Xulrunner, a runtime environment for XUL applications.

tags | advisory, remote, vulnerability
systems | linux, debian
advisories | CVE-2010-3776, CVE-2010-3778, CVE-2010-3769, CVE-2010-3771, CVE-2010-3772, CVE-2010-3775, CVE-2010-3767, CVE-2010-3773, CVE-2010-3770
SHA-256 | c5d9a55fe018b8f6a0b528859bf11a53d47cceff2f04edf9259e2c76a8e58d39
Debian Security Advisory 2130-1
Posted Dec 11, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2130-1 - Several remote vulnerabilities have been discovered in BIND, an implementation of the DNS protocol suite.

tags | advisory, remote, vulnerability, protocol
systems | linux, debian
advisories | CVE-2010-3762, CVE-2010-3614, CVE-2010-3613
SHA-256 | 8619555691ee3c9a9f71cbb29b207a854db81f998436b8970e8817160cf901d6
Debian Security Advisory 2131-1
Posted Dec 11, 2010
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2131-1 - Several vulnerabilities have been found in exim4 that allow a remote attacker to execute arbitrary code as root user. Exploits for these issues have been seen in the wild.

tags | advisory, remote, arbitrary, root, vulnerability
systems | linux, debian
advisories | CVE-2010-4344
SHA-256 | 5b6512209c1f9073f2e15c1c0f2b5721c46a834515e3e9afa824750e050dcb56
Trixbox langChoice PHP Local File Inclusion
Posted Dec 11, 2010
Authored by chao-mu | Site metasploit.com

This Metasploit module injects php into the trixbox session file and then, in a second call, evaluates that code by manipulating the langChoice parameter as described in OSVDB-50421.

tags | exploit, php
SHA-256 | 9b7e8ae28d33302b7ffa0676ac26fc8fa6a5750081a14578e8b38881ca02354f
Exim4 <= 4.69 string_format Function Heap Buffer Overflow
Posted Dec 11, 2010
Authored by H D Moore, jduck | Site metasploit.com

This Metasploit module exploits a heap buffer overflow within versions of Exim prior to version 4.69. By sending a specially crafted message, an attacker can corrupt the heap and execute arbitrary code with the privileges of the Exim daemon.

tags | exploit, overflow, arbitrary
advisories | CVE-2010-4344, CVE-2010-4345, OSVDB-69685
SHA-256 | 15971c9b06d4a9c47a89c4805a714e4e8f8fade760ff5ea9313cc6eeb5a8d923
Zero Day Initiative Advisory 10-282
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-282 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within RealPlayer's parsing of RealPix files. If such a file contains an image tag pointing to a remote server, the player will attempt to fetch the remote file. When parsing the response from the web server, the process blindly copies the contents of the Server header into a fixed length heap buffer. If an attacker provides a large enough string, critical pointers can be overwritten allowing for arbitrary code execution under the context of the user running the player.

tags | advisory, remote, web, arbitrary, code execution
advisories | CVE-2010-4394
SHA-256 | a844d514524684ea744af60a53c7bea438314ca9be693a9bc51d1c53bd38305d
Zero Day Initiative Advisory 10-281
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-281 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the applications support for parsing the RMX file format. When parsing the format, the application will explicitly trust 32-bits in a field used in the header for the allocation of an array. This can cause a buffer to be under-allocated and will cause a buffer overflow when initializing the array. This can lead to code execution under the context of the application.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2010-4391
SHA-256 | 63c2ef3a3fc30ef875917113c9e9af486b764fc6723646fc657a7c1e88bc296b
Zero Day Initiative Advisory 10-280
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-280 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application decodes data for a particular mime type within a RealMedia file. When decoding the data used for rendering, the application will use the length of a string in an addition used to calculate the size of a buffer. The application will zero-extend it and then allocate. Due to the addition, the result of the calculation can be greater than 16-bits, and when the typecast occurs the result will be smaller than expected. When initializing this buffer, a buffer overflow will occur which can allow for code execution under the context of the application.

tags | advisory, remote, overflow, arbitrary, code execution
advisories | CVE-2010-4392
SHA-256 | f505b27fedf42087b38ac140176d227c5e26666f84896b57c68918f09afb40fb
Zero Day Initiative Advisory 10-279
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-279 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses cook-specific data used for initialization. The application will use a length in a copy without verifying it being larger than the destination buffer. Successful exploitation can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-4389
SHA-256 | 2ac78df5cfbdc8ee31da8ed32d56a08cb345debb3b869ec24dc6680258112875
Zero Day Initiative Advisory 10-278
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-278 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Custsupport.html component of the RealPlayer default installation. Due to a failure to properly sanitize user-supplied input, it is possible for an attacker to inject arbitrary code into the RealOneActiveXObject process. This can be abused to bypass the Local Machine Zone security policy and load unsafe controls. Successful exploitation of this issue leads to remote code execution under the context of the RealPlayer application.

tags | advisory, remote, arbitrary, local, code execution, activex
advisories | CVE-2010-4388
SHA-256 | a9f146fd8b222c91545dbb4a4c823cbb9ce33ba31f28ea6a29711bccb7f865e0
Zero Day Initiative Advisory 10-277
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-277 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Main.html component of the RealPlayer default installation. Due to a failure to properly sanitize user-supplied input, it is possible for an attacker to inject arbitrary code into the RealOneActiveXObject process. This can be abused to bypass the Local Machine Zone security policy and load unsafe controls. Successful exploitation of this issue leads to remote code execution under the context of the RealPlayer application.

tags | advisory, remote, arbitrary, local, code execution, activex
advisories | CVE-2010-4388
SHA-256 | 7cd65f8b5b0a062d5e1c7cbe7e5b128e3615de95945c5124b78ea83e2957169b
Zero Day Initiative Advisory 10-276
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-276 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Upsell.htm component of the RealPlayer default installation. Due to a failure to properly sanitize user-supplied input, it is possible for an attacker to inject arbitrary code into the RealOneActiveXObject process via the getqsval function. This can be abused to bypass the Local Machine Zone security policy and load unsafe controls. Successful exploitation of this issue leads to remote code execution under the context of the RealPlayer application.

tags | advisory, remote, arbitrary, local, code execution, activex
advisories | CVE-2010-4388
SHA-256 | 8e36d0811003e779fba44643d1bbe5b51eeeeb1f879438124ed23e4ce6a675f5
Zero Day Initiative Advisory 10-275
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-275 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is requires in that a target must navigate to a malicious page. The specific flaw exists within the HandleAction method of the RealPlayer ActiveX control with CLSID FDC7A535-4070-4B92-A0EA-D9994BCC0DC5. The vulnerable action that can be invoked via this control is NavigateToURL. If NavigateToURL can be pointed to a controlled file on the user's system, RealPlayer can be made to execute scripts in the Local Zone. To accomplish this, a malicious attacker can force a download of a skin file to a predictable location and then point NavigateToURL at it thus achieving remote code execution under the context of the user running RealPlayer.

tags | advisory, remote, arbitrary, local, code execution, activex
advisories | CVE-2010-4396
SHA-256 | ba7fda2d455803161b7c5c66562d358aca0e458df0599f461315af574e9f3db6
Zero Day Initiative Advisory 10-274
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-274 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the module responsible for decompressing RV20 video streams. The drv2.dll trusts a value from the file as a length and uses it within a copy loop that writes to heap memory. By specifying large enough values, heap memory can be corrupted which can lead to arbitrary code execution under the context of the user accessing the media file.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2010-4378
SHA-256 | 7f73e7b515fa0cac4f27f4ab41cae25300467be42116301a8e8fd4379973e287
Zero Day Initiative Advisory 10-273
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-273 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when parsing an .AAC file containing a malformed MLLT atom. The application utilizes a size specified in this data structure for allocation of a list of objects. To calculate the size for the allocation, the application will multiply this length by 8. If the multiplication results in a value greater than 32 bits an integer overflow will occur. When copying data into this buffer heap corruption will occur which can lead to code execution under the context of the currently logged in user.

tags | advisory, overflow, arbitrary, code execution
advisories | CVE-2010-2999
SHA-256 | a1af742786b67a79216ee5a943a3c9310a4282d8725e0238e53e627f2cbad6c7
Zero Day Initiative Advisory 10-272
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-272 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious media file. The specific flaw exists in the parsing of audio codec information encapsulated in a Real Audio media file. While processing cook audio codec data the number of subbands is improperly calculated. By specifying a large number of subbands an allocated heap chunk can be overflown. Successful exploitation can result in system compromise under the credentials of the currently logged in user.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-4377
SHA-256 | 122c4813641f49d9aa2f60456e86f200ba1cc74c9667e7ce6d63d41babbb294f
Zero Day Initiative Advisory 10-271
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-271 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious media file. The specific flaw exists in the parsing of GIF87a files over the streaming protocol RTSP. When specifying a large Screen Width size in the Screen Descriptor header a calculation on the destination heap chunks size is improperly checked for overflow. This leads to a smaller buffer being allocated and subsequently a heap overflow when processing the received data. Exploitation of this vulnerability can lead to system compromise under the credentials of the currently logged in user.

tags | advisory, remote, overflow, arbitrary, protocol
advisories | CVE-2010-4376
SHA-256 | 6dfe0caaf35721d2cba472712071f7086a2bec905cceb9403be3f0503027baa9
Zero Day Initiative Advisory 10-270
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-270 - This vulnerability allows remote attackers to execute arbitrary code on vulnerability installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must open a malicious SHOUTcast Stream. The specific flaw exists in the processing of the StreamTitle tag in a SHOUTcast stream using the ICY protocol. A specially crafted string supplied as the property for the title can result in a failed allocation of heap memory. This then causes the freeing of critical pointers that are subsequently used after freeing. Successful exploitation of this vulnerability can lead to system compromise under the credentials of the currently logged in user.

tags | advisory, remote, arbitrary, protocol
advisories | CVE-2010-2997
SHA-256 | 6b3c1a6c7010eaf0ddd7ecb9c38faba3c6ae65b26557c13d19518cd253877bec
Zero Day Initiative Advisory 10-269
Posted Dec 11, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-269 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of the RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in RealPlayer's pnen3260.dll module while parsing the TIT2 atom within AAC files. The code within this module does not account for a negative size during an allocation and later uses the value as unsigned within a copy loop. Exploitation of this vulnerability allows an attacker to execute arbitrary code under the context of the user opening the AAC file.

tags | advisory, remote, arbitrary
advisories | CVE-2010-4397
SHA-256 | eae35c722cd123a7af53522ea7df47e8e9647306d32a6e34c7868244a3c29afd
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close