what you don't know can hurt you
Showing 1 - 25 of 55 RSS Feed

Files Date: 2010-12-25

Zero Day Initiative Advisory 10-294
Posted Dec 25, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-294 - This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of multiple products from multiple vendors that utilize the Uni RPC protocol. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Uni RPC service (unirpcd.exe) which listens by default on TCP port 31438. The unirpc32.dll module implements an RPC protocol and is used by the Uni RPC service. While parsing a size value from an RPC packet header, an integer can overflow and consequently bypass a signed comparison. This controlled value is then used as the number of bytes to receive into a static heap buffer. By providing a specially crafted request, this heap buffer can overflow leading to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, tcp, code execution, protocol
SHA-256 | 0208958c1064611e6f5ae2711eeae42691474fea4bbf89a18187ab50583f03d9
Windows XP SP3 EN Null-Free Connect Back Shellcode
Posted Dec 25, 2010
Authored by AutoSec Tools

228 bytes small Microsoft Windows XP SP3 EN null-free connect-back shellcode.

tags | shellcode
systems | windows
SHA-256 | f479655dd1a787f16319c2aa2c1b0ea89bee260f63461bb68610d3657e69e28b
Babil CMS Insecure Cookie Handling
Posted Dec 25, 2010
Authored by KnocKout

Babil CMS suffers from an insecure cookie handling vulnerability.

tags | exploit, insecure cookie handling
SHA-256 | 9007baac590ba95a829db7eed5cff3b1ba08f53617f9a67c7785737b5af6d32c
Mandriva Linux Security Advisory 2010-251-1
Posted Dec 25, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-251 - Security researchers Yosuke Hasegawa and Masatoshi Kimura reported that the x-mac-arabic, x-mac-farsi and x-mac-hebrew character encodings are vulnerable to XSS attacks due to some characters being converted to angle brackets when displayed by the rendering engine. Google security researcher Michal Zalewski reported that when a window was opened to a site resulting in a network or certificate error page, the opening site could access the document inside the opened window and inject arbitrary content. Various other security issues were identified and fixed in Firefox.

tags | advisory, arbitrary
systems | linux, mandriva
advisories | CVE-2010-3770, CVE-2010-3774, CVE-2010-3773, CVE-2010-3767, CVE-2010-3766, CVE-2010-3775, CVE-2010-3768, CVE-2010-3772, CVE-2010-3771, CVE-2010-3769, CVE-2010-3776, CVE-2010-3777
SHA-256 | 05972126f4f852ff5694fe497d3eae332b473cd1e4ac318afd6d7c055df3c73b
Zero Day Initiative Advisory 10-293
Posted Dec 25, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-293 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP StorageWorks Storage Mirroring. Authentication is not required to exploit this vulnerability. The flaw exists within the DoubleTake.exe component which listens by default on TCP port 6320. When handling an incoming packet the process blindly trusts a user supplied length for a copy of arbitrary data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | 7e0ed22957a6eb5652eb36fdd82ab9d9c7e25b6087da4ce3ea0486aceb35678e
Mandriva Linux Security Advisory 2010-259
Posted Dec 25, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-259 - A null pointer dereference due to receiving a short packet for a direct connection in the MSN code could potentially cause a denial of service.

tags | advisory, denial of service
systems | linux, mandriva
SHA-256 | 09bc6f1483deb8a84257c1e9af6d1dba1cdfed7d771b2bc3506329808b33480a
Embedthis Appweb Web Server 3.2.2-1 Cross Site Scripting
Posted Dec 25, 2010
Authored by LiquidWorm | Site zeroscience.mk

Embedthis Appweb Web Server version 3.2.2-1 suffers from a cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | 3bf0eb7266128b20d987e0ca5fdc2ac3b08bde1c94aa4b5000b8e3bb3f0ca62a
Django Admin List Filter Data Extraction
Posted Dec 25, 2010
Authored by Adam Baldwin

Django suffers from an admin list filter data extraction vulnerability.

tags | exploit
SHA-256 | 0df42c652e8f3a5dd96c219a186deee3bc86b62a4050d27531933efc4d5db86e
Social Engine 4.x Shell Upload
Posted Dec 25, 2010
Authored by MyDoom

Social Engine version 4.x suffers from a shell upload vulnerability.

tags | exploit, shell
SHA-256 | 2b51eb97564b90f34b241b7f3f718a48ae6e818122ad2237c0e4eacb7282e44a
LoveCMS 1.6.2 Local File Inclusion
Posted Dec 25, 2010
Authored by cOndemned

LoveCMS version 1.6.2 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 00559a355fe23c2a74f454674ea65b1317e7a370d18f6da6945d680761bbe381
Secunia Security Advisory 42659
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in PCSC-Lite, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service
SHA-256 | cdc9b4d71e531ce61cb556abba407e75d9fc4966d5a54da3bc97e51e0f56d7e1
Secunia Security Advisory 42658
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in OpenSC, which can be exploited by malicious people to compromise an application using the library.

tags | advisory, vulnerability
SHA-256 | bb1f7a781118479d3a5ad037e7c57988f5db37b02879c108439befee88d5f786
Secunia Security Advisory 42647
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in BEdita, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | c6231e49a4a33577179445151d92e79449a75f3ca12deef1fbf9302d76676fbc
Secunia Security Advisory 42662
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mark Stanislav has discovered a vulnerability in Pointter PHP Content Management System, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory, php
SHA-256 | 07dbf84954a167e49bbf9d01e42ed4463e5d53b22c9fa167ddc230e39e5397df
Secunia Security Advisory 42671
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Slackware has issued an update for bind. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to manipulate certain data, bypass certain security restrictions or cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, slackware
SHA-256 | 29b3b54e7ff2a76c43621f708c2d69ea3f16573d2b148e6399d632f59704a6b8
Secunia Security Advisory 42661
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in BlackBerry Desktop Software, which can be exploited by malicious people to conduct brute-force attacks.

tags | advisory
SHA-256 | 55e3a2d767c40f10bccbc43e369c1d7be4ea4c252a40f04eed4b3423b9c4df5f
Secunia Security Advisory 42657
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in BlackBerry Desktop Software, which can be exploited by malicious people to conduct brute force attacks.

tags | advisory
SHA-256 | 9d4765023a556f6a233592d4de4fdcb0c34af52c5e701398d85643d077df3ff1
Secunia Security Advisory 42681
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for java-1_4_2-ibm and IBMJava2-JRE. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, and compromise a vulnerable system.

tags | advisory, java, vulnerability
systems | linux, suse
SHA-256 | c3142d1904c62ee9acaae54bf44372c2c48ed89c155d79e822392c577a6022f6
Secunia Security Advisory 42651
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in the Views module for Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 36fcc19ab95f94edc816126dc127ba3aaacb80492ebb0064a90c4067569ee64f
Secunia Security Advisory 42583
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in HP StorageWorks Modular Smart Array P2000, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 8f9692c551eebbda1eaaa8ccf8b2d662b5b87a582a3b8032807ebf017b303390
Secunia Security Advisory 42603
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in HP Insight Management Agents, which can be exploited by malicious people to disclose potentially system information.

tags | advisory
SHA-256 | fc4c014633bc02dcc36ea4ce038cde7f44f2e60c5816b331f504bcaf2c87e0de
Secunia Security Advisory 42642
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, and compromise a vulnerable system.

tags | advisory, java, denial of service, vulnerability
systems | linux, redhat
SHA-256 | f0633cbc839f663231cb2c351016ee72d3e69d58f7de81beddcffe46f26377f6
Secunia Security Advisory 42745
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system information, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to cause a DoS.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, fedora
SHA-256 | 9545595fad3df621da4c8f4798487ebb056d002bdd30f82925a4289de8c20df4
Secunia Security Advisory 42744
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for ImageMagick. This fixes a weakness, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
systems | linux, fedora
SHA-256 | a117c7ecd0c94467bb3e91389502de133772b0f63b3caa1b6050bfa5e4ea3bd7
Secunia Security Advisory 42715
Posted Dec 25, 2010
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two security issues have been reported in Django, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 0d4579f7a78a9e39e831bb594b9f88c7b830e4a6bcd68c7a9670237fb0319679
Page 1 of 3
Back123Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close