seeing is believing
Showing 1 - 25 of 55 RSS Feed

Files Date: 2010-12-25

Zero Day Initiative Advisory 10-294
Posted Dec 25, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-294 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of multiple products from multiple vendors that utilize the Uni RPC protocol. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Uni RPC service (unirpcd.exe) which listens by default on TCP port 31438. The unirpc32.dll module implements an RPC protocol and is used by the Uni RPC service. While parsing a size value from an RPC packet header, an integer can overflow and consequently bypass a signed comparison. This controlled value is then used as the number of bytes to receive into a static heap buffer. By providing a specially crafted request, this heap buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, tcp, code execution, protocol
MD5 | b83efd6fba2e350413a98a981b30fbf8
Windows XP SP3 EN Null-Free Connect Back Shellcode
Posted Dec 25, 2010
Authored by AutoSec Tools

228 bytes small Microsoft Windows XP SP3 EN null-free connect-back shellcode.

tags | shellcode
systems | windows, xp
MD5 | 2e088e5ff54e3ed964db40cd7b87d363
Babil CMS Insecure Cookie Handling
Posted Dec 25, 2010
Authored by KnocKout

Babil CMS suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
MD5 | 8337be0024e5087417012bf8caf7cded
Mandriva Linux Security Advisory 2010-251-1
Posted Dec 25, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-251 - Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. Various other security issues were identified and fixed in Firefox.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3770, CVE-2010-3774, CVE-2010-3773, CVE-2010-3767, CVE-2010-3766, CVE-2010-3775, CVE-2010-3768, CVE-2010-3772, CVE-2010-3771, CVE-2010-3769, CVE-2010-3776, CVE-2010-3777
MD5 | 14d84af2b1b3847210a158d943647894
Zero Day Initiative Advisory 10-293
Posted Dec 25, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-293 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP StorageWorks Storage Mirroring. Authentication is not required to exploit this vulnerability. The flaw exists within the DoubleTake.exe component which listens by default on TCP port 6320. When handling an incoming packet the process blindly trusts a user supplied length for a copy of arbitrary data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
MD5 | 567ab361c53232714a043f6609b9d572
Mandriva Linux Security Advisory 2010-259
Posted Dec 25, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-259 - A null pointer dereference due to receiving a short packet for a direct connection in the MSN code could potentially cause a denial of service.

tags | advisory, denial of service
systems | linux, mandriva
MD5 | 3cbe2893f7a22f3a433569c7999b11c8
Embedthis Appweb Web Server 3.2.2-1 Cross Site Scripting
Posted Dec 25, 2010
Authored by LiquidWorm | Site zeroscience.mk

Embedthis Appweb Web Server version 3.2.2-1 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | cf7c0d3c70690044a125a9f78a85c8d6
Django Admin List Filter Data Extraction
Posted Dec 25, 2010
Authored by Adam Baldwin

Django suffers from an admin list filter data extraction vulnerability.

tags | exploit
MD5 | a8d45299cae5fd08050d869cabafe25a
Social Engine 4.x Shell Upload
Posted Dec 25, 2010
Authored by MyDoom

Social Engine version 4.x suffers from a shell upload vulnerability.

tags | exploit, shell
MD5 | 73529217ef8a9c67ea8f41a9836194eb
LoveCMS 1.6.2 Local File Inclusion
Posted Dec 25, 2010
Authored by cOndemned

LoveCMS version 1.6.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | cad49517245b17578d3f1fe114e263cc
Secunia Security Advisory 42659
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in PCSC-Lite, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service
MD5 | 1a2d1987b90669a11ac302456939ed2f
Secunia Security Advisory 42658
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in OpenSC, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
MD5 | 17e2879e2b19242858022aea5e7ec445
Secunia Security Advisory 42647
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in BEdita, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | dd50af2dd93b14958b478d472cfd27a7
Secunia Security Advisory 42662
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mark Stanislav has discovered a vulnerability in Pointter PHP Content Management System, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, php
MD5 | 1ed440f04f913451556c19958896ceed
Secunia Security Advisory 42671
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Slackware has issued an update for bind. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to manipulate certain data, bypass certain security restrictions or cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, slackware
MD5 | 8bfb8ea3c95f4c6819841bb54f795088
Secunia Security Advisory 42661
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in BlackBerry Desktop Software, which can be exploited by malicious people to conduct brute-force attacks.

tags | advisory
MD5 | 48b0da630e0b9bb16608c8c9e66573e2
Secunia Security Advisory 42657
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in BlackBerry Desktop Software, which can be exploited by malicious people to conduct brute force attacks.

tags | advisory
MD5 | af0bfbf941654c758eec979f83cd5049
Secunia Security Advisory 42681
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for java-1_4_2-ibm and IBMJava2-JRE. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, and compromise a vulnerable system.

tags | advisory, java, vulnerability
systems | linux, suse
MD5 | 7882511f5c9588d9f67e3dfbaef52674
Secunia Security Advisory 42651
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in the Views module for Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 247e5513a5857d3f3fb2b89761263b7c
Secunia Security Advisory 42583
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in HP StorageWorks Modular Smart Array P2000, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
MD5 | 8cec285bc6c3645915f2304ae36ea73a
Secunia Security Advisory 42603
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in HP Insight Management Agents, which can be exploited by malicious people to disclose potentially system information.

tags | advisory
MD5 | d15d0a3ea04a2a5239b8007bd3c77a1f
Secunia Security Advisory 42642
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, and compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
MD5 | 09b87c4cedc01d831ed27d12c903b31d
Secunia Security Advisory 42745
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system information, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to cause a DoS.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, fedora
MD5 | 8454081123e996379733b3270f744910
Secunia Security Advisory 42744
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for ImageMagick. This fixes a weakness, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, fedora
MD5 | 38e6c48d8e0b85e125247155f0af3308
Secunia Security Advisory 42715
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two security issues have been reported in Django, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 2368c4bbae734efee71513fc2641d386
Page 1 of 3
Back123Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close