
Files Date: 2011-01-21

Oracle Database Vault Administrator Session ID Disclosure
Posted Jan 21, 2011
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Database Server versions 10gR2, 11gR1 and 11gR2 suffer from a session id extraction vulnerability.

tags | advisory, info disclosure
advisories | CVE-2010-4420
SHA-256 | eef562c85e54780f81de814c641965c168f2e9b2b4076a28c77c679bc80f39a5
Oracle Database Vault Administrator XSRF
Posted Jan 21, 2011
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - The Oracle Database Vault Administrator web console lacks any sort of cross site request forgery protection.

tags | advisory, web, csrf
advisories | CVE-2010-4421
SHA-256 | 013e587bb10c3bf7704f61efe60bbec7cc861cbd1561e4b1b1c66e862db60f5a
OracleRemExecService Command Execution
Posted Jan 21, 2011
Authored by Martin Rakhmanov | Site appsecinc.com

Team SHATTER Security Advisory - It is possible to execute arbitrary operating system commands as LocalSystem when certain maintenance tasks are executed, for instance when Database Configuration Assistant is invoked or Oracle Universal Installer is used to modify features. These tools use a Windows service to execute various commands, and the service itself relies on a named pipe to receive the commands. The pipe handling is not secure enough, resulting in the vulnerability.

tags | advisory, arbitrary
systems | windows
advisories | CVE-2010-4423
SHA-256 | 917ec70d2616d1daa738ea18642a5db3ecb8441d150203729a61d9b856e59d94
SplashID 5.5 / SplashID Lite 4.6 For iPhone Password Caching Issue
Posted Jan 21, 2011
Authored by Philip Chase

SplashID version 5.5 for iPhone and SplashID Lite version 4.6 for iPhone suffer from a password caching issue that allows for the unlock of a database.

tags | exploit
systems | apple, iphone
SHA-256 | ec6b57aa6e683a71fbf1167e12b5e12051596351add155441985e7dc5ecb4e06
Gentoo Linux Security Advisory 201101-09
Posted Jan 21, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-9 - Multiple vulnerabilities in Adobe Flash Player might allow remote attackers to execute arbitrary code or cause a Denial of Service. Versions less than 10.1.102.64 are affected.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2008-4546, CVE-2009-3793, CVE-2010-0186, CVE-2010-0187, CVE-2010-0209, CVE-2010-1297, CVE-2010-2160, CVE-2010-2161, CVE-2010-2162, CVE-2010-2163, CVE-2010-2164, CVE-2010-2165, CVE-2010-2166, CVE-2010-2167, CVE-2010-2169, CVE-2010-2170, CVE-2010-2171, CVE-2010-2172, CVE-2010-2173, CVE-2010-2174, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2179, CVE-2010-2180, CVE-2010-2181, CVE-2010-2182
SHA-256 | c6cdc7639bd5039788276ccd46124edec6556cdbe06393e2fee124c513405ba0
Gentoo Linux Security Advisory 201101-08
Posted Jan 21, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201101-8 - Multiple vulnerabilities in Adobe Reader might result in the execution of arbitrary code. Versions less than 9.4.1 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-2883, CVE-2010-2884, CVE-2010-2887, CVE-2010-2889, CVE-2010-2890, CVE-2010-3619, CVE-2010-3620, CVE-2010-3621, CVE-2010-3622, CVE-2010-3625, CVE-2010-3626, CVE-2010-3627, CVE-2010-3628, CVE-2010-3629, CVE-2010-3630, CVE-2010-3632, CVE-2010-3654, CVE-2010-3656, CVE-2010-3657, CVE-2010-3658, CVE-2010-4091
SHA-256 | 7edaf454bc5bfef5fc2ef98234ed5a05063803841e2155e4923cebad9ad09ace
Mandriva Linux Security Advisory 2011-018
Posted Jan 21, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-018 - A patch for parse.c in sudo does not properly interpret a system group in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command.

tags | advisory, local, root
systems | linux, mandriva
advisories | CVE-2011-0008, CVE-2011-0010
SHA-256 | d8fd379e68953f4a687be7bb6ecff5da28e252ae6870a740003011ee2ac4751e
Mandriva Linux Security Advisory 2011-017
Posted Jan 21, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-017 - It was discovered that tetex suffered from the same vulnerability as previously addressed in Evince with MDVSA-2011:005. As a precaution tetex has been patched to address this flaw.

tags | advisory
systems | linux, mandriva
advisories | CVE-2010-2642
SHA-256 | e9ce1cb956381283faee9dea18cfb7473ce35d4ecff0d10df3d957c01cf1366f
Mandriva Linux Security Advisory 2011-016
Posted Jan 21, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-016 - It was discovered that t1lib suffered from the same vulnerability as previously addressed in Evince with MDVSA-2011:005. As a precaution t1lib has been patched to address this flaw.

tags | advisory
systems | linux, mandriva
advisories | CVE-2010-2642
SHA-256 | 4b2bea635449b5c844cab0983e16844ae7c387e11040b308523a9d29955b3fba
HP Security Bulletin HPSBMA02622 SSRT100342
Posted Jan 21, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02622 SSRT100342 - A potential security vulnerability has been identified with HP Business Availability Center (BAC) and Business Service Management (BSM). The vulnerability could be remotely exploited to allow Cross Site Scripting (XSS). Revision 1 of this advisory.

tags | advisory, xss
advisories | CVE-2011-0274
SHA-256 | 1be4a4ac638301e6515aeb5fed48c9dbdd6cfb6824e44551141dd08e12cb15de
HP Security Bulletin HPSBUX02623 SSRT100355
Posted Jan 21, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02623 SSRT100355 - Potential security vulnerabilities have been identified on HP-UX running Kerberos. These vulnerabilities could be exploited remotely by an unauthorized user to modify data, prompts, or responses. Revision 1 of this advisory.

tags | advisory, vulnerability
systems | hpux
advisories | CVE-2010-1324
SHA-256 | ca37343919cb6c61d84b03811584ab2585bc29f680b21c684e58134373eec5f4
Look N Stop 2.06p4 / 2.07 Denial Of Service
Posted Jan 21, 2011
Authored by Stefan Le Berre

Look N Stop versions 2.06p4 and 2.07 local denial of service exploit.

tags | exploit, denial of service, local
SHA-256 | 38366e3de589fd2ef7d0ec4b3ceb59baa2eb4193fea0063403232b046f8805fc
Panda Global Protection 2010 Local Denial Of Service With Unfiltered wcscpy()
Posted Jan 21, 2011
Authored by Stefan Le Berre

Panda Global Protection 2010 version 3.01.00 local denial of service exploit with unfiltered wcscpy().

tags | exploit, denial of service, local
SHA-256 | b8f8034fca9b425d000da23154d615714b60bd552ae1581119719913e9f55e64
Panda Global Protection 2010 Local Denial Of Service
Posted Jan 21, 2011
Authored by Stefan Le Berre

Panda Global Protection 2010 version 3.01.00 local denial of service exploit.

tags | exploit, denial of service, local
SHA-256 | 002177a31b3e4110ef699bede0043feb3ba0b836255f7f83f4d651e70937a580
PHP Lowbids Blind SQL Injection
Posted Jan 21, 2011
Authored by BorN To K!LL

PHP Lowbids suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 35f6cef618b747815b2c64e0d6175a6d68f3651bd8c0419eb7e6a3245555d373
Malmon Detection Tool 0.1b
Posted Jan 21, 2011
Authored by ShadowX | Site sourceforge.net

Malmon is a real-time exploit/backdoor detection tool for Linux that audits the integrity of files in a given directory.

tags | tool, integrity
systems | linux, unix
SHA-256 | d5dd56f761d0cdd8088afc2459b6355673102f394d9f5f7aa0f74876cbcf1afa
RFC6056 - Recommendations For Transport-Protocol Port Randomization
Posted Jan 21, 2011
Authored by Fernando Gont, Michael Vittrup Larsen

RFC6056 has been released and is titled Recommendations for Transport-Protocol Port Randomization.

tags | paper, protocol
SHA-256 | 2d899269f777944a49b7bcd5373a53284b4b6425a5e957bee90959e976ad26bb
BlackBerry Denial Of Service
Posted Jan 21, 2011
Site tehtri-security.com

RIM has released a patch to address the denial of service vulnerability discovered by TEHTRI-Security in BlackBerry devices.

tags | advisory, denial of service
advisories | CVE-2010-2599
SHA-256 | 663fa36925d22e162d930f155d3fb9489283e35bc81b821489b43a4d6ab2ef96
R-U-Dead-Yet Denial Of Service Tool 2.2
Posted Jan 21, 2011
Authored by Raviv Raz | Site code.google.com

R-U-Dead-Yet is a universal DoS attack tool written in Python. It will attack all and any web applications / servers. It runs either in unattended mode using a configuration file or in an interactive auto-discover-web-forms mode.

Changes: RUDY handles ports other than 80 now.
tags | web, denial of service, python
systems | unix
SHA-256 | e9dbd25e93a96deead6d457fea311264726fcd2e8c1c46a1ac23a3359fa8f491
Secunia Security Advisory 42954
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Citrix Provisioning Services, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | b4314624ed63197d2a9b8ff088640fb9851a8b3972cf7b62229b2758b070191c
Secunia Security Advisory 42992
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Oracle Outside In Technology, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
SHA-256 | cb61dd6f00e9509cc53cc7fd9264ffe0f3465b26c6cc9e4ce7a6912b7266ef4e
Secunia Security Advisory 42960
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for dbus. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local
systems | linux, debian
SHA-256 | 0247e53ce1b77e8b303cf36129e1e856e3141718ab85f81600a0dde4c83a5406
Secunia Security Advisory 42971
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Iconfidant SSL, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
SHA-256 | 6018cfe81daa57bf7b2990373d6da633e3935f46d431f3c72ca50dbbad47d714
Secunia Security Advisory 43007
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Phpcms 2008, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | f8142114efbe3bb01751edf99df2f45f900f93b174195040b9a0f3b26c65d0b6
Secunia Security Advisory 42966
Posted Jan 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for libuser. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
systems | linux, redhat
SHA-256 | 2b55ce60206d34aafa80dde1db6b5ba0fb732d5864e890e502cee2f57c7d226e