what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files Date: 2010-12-17

Radius Manager Cross Site Scripting
Posted Dec 17, 2010
Authored by Rodrigo Rubira Branco

Radius Manager version 3.8.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2010-4275
SHA-256 | 849ce4124b8868d4964c836f3f0fe5032b8b695ec1975c135f686eb55ae4a79c
Embedded Video WordPress Plugin Cross Site Scripting
Posted Dec 17, 2010
Authored by Rodrigo Rubira Branco

Embedded Video WordPress Plugin suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2010-4277
SHA-256 | e878442fc4101ed9c5163d489e152cacbae8369a6daf6621de5c5f33a5a44380
Apple Quicktime Memory Corruption
Posted Dec 17, 2010
Authored by Rodrigo Rubira Branco

The Apple QuickTime player does not properly parse .fpx media files, which causes a memory corruption by opening a malformed file with an invalid value located in PoC repro.fpx at offset 0x49. Tested vulnerable are versions 7.6.8 (1675) and 7.6.6 (1671).

tags | advisory
systems | apple
advisories | CVE-2010-3801
SHA-256 | facb84d8419ffcf0bba2fe7f89e1f2ae1bc160d4a44a1f04b6c7f18419579e90
Heap Taichi: Exploiting Memory Allocation Granularity In Heap-Spraying Attacks
Posted Dec 17, 2010
Authored by Wei Zou, TieLei Wang, Tao Wei, Zhenkai Liang, Yu Ding

Whitepaper called Heap Taichi: Exploiting Memory Allocation Granularity in Heap-Spraying Attacks.

tags | paper
SHA-256 | 5d81db54a8c1cb8adde0d3a9a3232376c7e10413b9da9189fa92a35fc83d1d8c
Gentoo Linux Security Advisory 201012-01
Posted Dec 17, 2010
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201012-1 - Multiple vulnerabilities have been reported in Chromium, some of which may allow user-assisted execution of arbitrary code. Versions less than 8.0.552.224 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
SHA-256 | 843dc252afb33ba84e4493131801ac4527c15a6f2ca5881fceb4574014d0fac1
Windows Win32k Pointer Dereference
Posted Dec 17, 2010
Authored by Stefan Le Berre, Ludo t0ka7a

Microsoft Windows Win32k pointer dereference proof of concept exploit that leverages the vulnerability noted in MS10-098.

tags | exploit, proof of concept
systems | windows
advisories | CVE-2010-3944
SHA-256 | 88c0d56f4f9ce474815203874c072f79800b80461abd432eb2320a32dcce001a
Alt-N WebAdmin 3.3.3 Source Code Disclosure
Posted Dec 17, 2010
Authored by Shennan Wang

Alt-N WebAdmin version 3.3.3 suffers from a remote source code disclosure vulnerability. Also affected is U-Mail for Windows version 9.8 and U-Mail GateWay for Windows version 9.8.

tags | exploit, remote, info disclosure
systems | windows
SHA-256 | 463f4e8bc5d27ae0d0f91b4239888aabb80818473f98de5f45f4248aebf01d9c
RTShop 2.0 SQL Injection
Posted Dec 17, 2010
Authored by KnocKout

RTShop version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 68881dd1dd976189c619312cc6063d18f08f91ea6852c6fb8cf579a5781e565f
Easy Online Shop SQL Injection
Posted Dec 17, 2010
Authored by Easy Laster

Easy Online Shop suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 929e1833d696babaf764b9636f9b287f2b6d22a62944354286c5b2ef14e41776
Immo Makler Script SQL Injection
Posted Dec 17, 2010
Authored by Easy Laster

Immo Makler Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f0472473d06efe5aaa8307fe6e2d182febd90e51cbdddc45877ce76d3ebf816c
Social Share Cross Site Scripting
Posted Dec 17, 2010
Authored by Aliaksandr Hartsuyeu | Site evuln.com

Social Share suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 8ccd8a654a1fc3b0182a14d032cef3fd9d0ffe57ed38687342c7625848f4d43d
D-Link DIR-300 Cross Site Request Forgery
Posted Dec 17, 2010
Authored by outlaw.dll

D-Link DIR-300 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 4dd65f1f47ca740636fa5722f23e5b9764ea3b4b1e59312db89281f84927d9d6
Softbiz PHP Joke Site Software SQL Injection
Posted Dec 17, 2010
Authored by v3n0m

Softbiz PHP Joke Site suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, php, vulnerability, sql injection
SHA-256 | 08a18a40e33b971a6ef2b83008df97a498d3b419e05c54756c46be30f4228fa6
CubeCart 3.x Shell Upload
Posted Dec 17, 2010
Authored by StunTMaN

CubeCart version 3.x suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | d64ed04b4a12fabd4c0382a28464f89b382faf2a2d17800ae9a3a49b8dd9012c
MHP Downloadshop SQL Injection
Posted Dec 17, 2010
Authored by Easy Laster

MHP Downloadshop suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 75fa8fd6ae9fef0f7ef75d9790e2c22d2c6c62d9e5288e30692da41309dff2dc
PHP ID Page SQL Injection
Posted Dec 17, 2010
Authored by jos_ali_joe

PHP ID Page suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 326e1bc0a437f5842d9d703c87f7d2da0bccd9b7e97f2bcd646b29499cf5b52a
PalizPortal Cross Site Scripting
Posted Dec 17, 2010
Authored by NetQurd

Paliz Portal suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fce37699b0b8289e4697097ade67500a36942965344055e9005984a233a4b114
ESTsoft ALYac Anti-Virus 1.5 Privilege Escalation
Posted Dec 17, 2010
Authored by MJ0011

ESTsoft ALYac Anti-Virus 1.5 versions 5.0.1.2 and below local kernel mode privilege escalation exploit.

tags | exploit, kernel, local, virus
SHA-256 | 3f2ad9346053fe68522b374ee5555a7073ebc22d57e5e70dd6876d32348fda11
ViRobot Desktop 5.5 / Server 3.5 Privilege Escalation
Posted Dec 17, 2010
Authored by MJ0011

ViRobot Desktop version 5.5 and Server version 3.5 local kernel mode privilege escalation exploit.

tags | exploit, kernel, local
SHA-256 | 43b2f4d9655eba5b3ad8440b6a03d204684557b7a8a87dc810c8ac66864da14c
NProtect Anti-Virus 2007 Privilege Escalation
Posted Dec 17, 2010
Authored by MJ0011

NProtect Anti-Virus 2007 versions 2010.5.11.1 and below local kernel mode privilege escalation exploit.

tags | exploit, kernel, local, virus
SHA-256 | 7aa3139aa141fd361b9e82cc2ef15b355832b22280cf778db25220451462bc33
AhnLab V3 Internet Security 8.0 Privilege Escalation
Posted Dec 17, 2010
Authored by MJ0011

AhnLab V3 Internet Security versions 8.0.3.28 and below local kernel mode privilege escalation exploit.

tags | exploit, kernel, local
SHA-256 | f88b271f50becd28f0e4c69664d429db408ede575ed745aea9362f6b33b6e6f0
Rootkit Discovered On Debian Lenny Host Post Exim Compromise
Posted Dec 17, 2010
Site reddit.com

This tarball was discovered on a compromise Debian Lenny host after it was compromised via the recent remote root Exim vulnerability. It includes binaries such as the MIG logcleaner, backdoored versions of top, uptime, free, pgrep and more. Please note that a thorough analysis of these binaries has not been performed and they must be considered unsafe and untrustworthy. Only use the enclosed contents for research purposes. Further details regarding this rootkit can be obtained via the reddit site link.

tags | tool, remote, root, rootkit
systems | linux, unix, debian
SHA-256 | 6a324fcebd39bee3df601a2c0bae779d4238f227c025bef29ca33382ddbcd665
Apple Security Advisory 2010-12-16
Posted Dec 17, 2010
Authored by Apple | Site apple.com

Apple Security Advisory 2010-12-16-1 - Multiple vulnerabilities have been addressed in Time Capsule and the Airport Base Station.

tags | advisory, vulnerability
systems | apple
advisories | CVE-2008-4309, CVE-2009-2189, CVE-2010-0039, CVE-2009-1574, CVE-2010-1804
SHA-256 | 19e1b60ec22923c32fb00988fef5c6e725dba382d2956765668f49e98ef707a3
Mandriva Linux Security Advisory 2010-257
Posted Dec 17, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-257 - The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service via a crafted exec system call, a related issue to CVE-2010-2240. drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device. Various other issues have been addressed as well.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, mandriva
advisories | CVE-2010-3858, CVE-2010-2963, CVE-2010-3067, CVE-2010-3442, CVE-2010-3848, CVE-2010-3849, CVE-2010-3850
SHA-256 | 1e230666cbb1fc66c91156a8035fbdbdaca4fbe40c2a8ed95fd1ecd43722fa30
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    0 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close