what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files Date: 2011-01-28

Microsoft Internet Explorer MHTML Cross Site Scripting
Posted Jan 28, 2011
Authored by 80vul | Site 80vul.com

Microsoft Internet Explorer suffers from a MHTML protocol handler cross site scripting vulnerability.

tags | exploit, protocol, xss
SHA-256 | 160d145b3bfc93edecbe246e18822b9903984206681fb0c6ec6c3e7f1a4ed245
PHP Link Directory Software SQL Injection
Posted Jan 28, 2011
Authored by BorN To K!LL

PHP Link Directory Software suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 57b7901f6905dd85b444014c9af38b43c2b8774bc222176019e14d43efaea0f7
Symantec Antivirus Intel Alert Handler Service Denial of Service
Posted Jan 28, 2011
Authored by TELUS Security Labs | Site telussecuritylabs.com

A denial of service vulnerability exists in Symantec Antivirus Intel Alert Handler service. Remote unauthenticated attackers can exploit this vulnerability by sending a malicious packet to the target service.

tags | advisory, remote, denial of service
advisories | CVE-2010-0111
SHA-256 | 9e9991cc21baae425527d30468a81b8551b7dcfe14ef58362a4b2b29ec346383
PHP Classified Ads Software Blind SQL Injection
Posted Jan 28, 2011
Authored by BorN To K!LL

PHP Classified Ads Software suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | af79a70a9e814146165ea6ab750f919456c34db97175e1ac02b674ec40f4142b
A-PDF All To MP3 Converter 2.0.0 Buffer Overflow
Posted Jan 28, 2011
Authored by m0nna

A-PDF All to MP3 Converter version 2.0.0 .wav file buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 69bbd2b289d69a71a0f7fd474738827220511ff1813b77c46e5c66cbdfc7c403
Adobe ColdFusion Cross Site Scripting / Disclosure
Posted Jan 28, 2011
Authored by MustLive

Adobe ColdFusion suffers from cross site scripting and disclosure vulnerabilities.

tags | exploit, vulnerability, xss, sql injection, info disclosure
SHA-256 | 7c7ad4468042f3270eec5cd9989f3673a89812a25841b893851bef7513bdfbda
Virtuosa Phoenix Edition 5.2 Buffer Overflow
Posted Jan 28, 2011
Authored by Acidgen

Virtuosa Phoenix Edition version 5.2 ASX SEH overwrite buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 749fce3f25d6fa7d553bcff6da5c4a63ea30974cb6529e17b7768d7e22dac7df
FreeBSD Local Denial Of Service
Posted Jan 28, 2011
Authored by Kingcope

FreeBSD local denial of service exploit that causes a forced reboot.

tags | exploit, denial of service, local
systems | freebsd
SHA-256 | 74e9ff916c830d783aa31aad9f51279b50bb6492d981404c7bf0b44fa6c5ff54
Linux execve(/bin/sh) Shellcode
Posted Jan 28, 2011
Authored by Zer0 Thunder

28 bytes small execve(/bin/sh) Linux/x86 shellcode.

tags | x86, shellcode
systems | linux
SHA-256 | f110cec41bd0509221fb58aebe8b1f0931c65ac9acecece227d1817f7628559e
PHP Script Directory Software SQL Injection
Posted Jan 28, 2011
Authored by BorN To K!LL

PHP Script Directory Software suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
SHA-256 | 5f253844aa6aaf6311db2795e28e8fb5ca53f9a19c227fa6c0a8a6f488101fe3
WM Downloader 3.1.2.2 2010.04.15 Buffer Overflow / DEP Bypass
Posted Jan 28, 2011
Authored by sickness

WM Downloader version 3.1.2.2 2010.04.15 .m3u file buffer overflow exploit with DEP bypass.

tags | exploit, overflow
SHA-256 | 7cadac710a443dbd30fcec1a6323a195ed9936803f39c055d005ea763e3bbd23
Packet Fence 2.0.1
Posted Jan 28, 2011
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: New hardware support (Xirrus and Exitricom) and improvements to SSID information gathering. Important bugfixes were also made: fixes for issues with VLAN re-evaluation, better IP resolution with IP-Helpers, pfdhcplistener is less prone to crashing, and installation and configuration scripts are more robust.
tags | tool, remote
systems | unix
SHA-256 | e06110e2b20079e0d9fb1b832cdcf370b6219a06289390dfd813e33087d1d1f6
Zero Day Initiative Advisory 11-033
Posted Jan 28, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-033 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Realnetworks Realplayer SP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the vidplin.dll module. A buffer is allocated according to the user supplied length value. User supplied data is then copied into the allocated buffer, without verifying length, allowing the data to be written past the bounds of the previously allocated buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user running RealPlayer.

tags | advisory, remote, arbitrary
advisories | CVE-2010-4393
SHA-256 | 4f7950d9ccf3d68425f9191e5a7209d82c5c781ecff8aa6a2fee13835b4b1f2b
Debian Security Advisory 2152-1
Posted Jan 28, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2152-1 - Sebastian Krahmer discovered a buffer overflow in the SNMP discovery code of the HP Linux Printing and Imaging System, which could result in the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
advisories | CVE-2010-4267
SHA-256 | 0df6f5b11ac25a100ac343d9019576add718e67970fb289d33591ed5333270e8
Zero Day Initiative Advisory 11-032
Posted Jan 28, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-032 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of multiple Symantec products. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Intel Alert Originator (iao.exe) service. While processing messages sent from the msgsys.exe process a size check can be bypassed and a subsequent stack-based buffer overflow can be triggered. This can be leveraged by remote attackers to execute arbitrary code under the context of the Alert service.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-0111
SHA-256 | c66e997ca909ee69d691b418c9af54257ad3ef41ac951045ce3fe41ece7cfba0
Zero Day Initiative Advisory 11-031
Posted Jan 28, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-031 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pagehndl.dll module while processing data sent from the msgsys.exe process which listens by default on TCP port 38292. The DLL allocates a fixed length stack buffer and subsequently copies a user-supplied pin number string using sprintf without validating the size. By supplying a large enough value this buffer can be overflowed leading to arbitrary code execution under the context of the vulnerable daemon.

tags | advisory, remote, overflow, arbitrary, tcp, code execution
advisories | CVE-2010-0111
SHA-256 | 9103f2f8bde5dc8bae7d14c1434a934a1d5d3d0af76a5626963e2a56a0d79579
Zero Day Initiative Advisory 11-030
Posted Jan 28, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-030 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the pagehndl.dll module while processing data sent from the msgsys.exe process which listens by default on TCP port 38292. The DLL allocates a fixed length stack buffer and subsequently copies a user-supplied modem string without validating the size. By supplying a large enough value this buffer can be overflowed leading to arbitrary code execution under the context of the vulnerable daemon.

tags | advisory, remote, overflow, arbitrary, tcp, code execution
advisories | CVE-2010-0111
SHA-256 | 5582eb66895609940331c18a336a7faf107bac4bf5c35e9a3be4db447ed8e117
Ubuntu Security Notice USN-1052-1
Posted Jan 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1052-1 - It was discovered that the JNLP SecurityManager in IcedTea for Java OpenJDK in some instances failed to properly apply the intended security policy in its checkPermission method. This could allow an attacker execute code with privileges that should have been prevented.

tags | advisory, java
systems | linux, ubuntu
advisories | CVE-2010-4351
SHA-256 | 7b17cc6f05973bd79811492179b2b66c2f3275af2843ddc9ebae4ac3103af427
Zero Day Initiative Advisory 11-029
Posted Jan 28, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-029 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HDNLRSVC.EXE service while processing data sent from the msgsys.exe process which listens by default on TCP port 38292. This process passes user-supplied data directly to a CreateProcessA call. By supplying a UNC path to a controlled binary a remote attacker can execute arbitrary code under the context of the vulnerable daemon.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2010-0111
SHA-256 | 7374c4395937828b4c9608b5274a8438294d68ae60ae99dea9195de9b79871b6
Zero Day Initiative Advisory 11-028
Posted Jan 28, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-028 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Alert Management System. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AMSLIB.dll module while processing data sent from the msgsys.exe process which listens by default on TCP port 38292. The DLL allocates a fixed length stack buffer and subsequently copies a user-supplied string using memcpy without validating the size. By supplying a large enough value this buffer can be overflowed leading to arbitrary code execution under the context of the vulnerable daemon.

tags | advisory, remote, overflow, arbitrary, tcp, code execution
advisories | CVE-2010-0110
SHA-256 | 089534d8e241bfd9582905aa5c96f9b5ef41c1541a8cdde40fa0a1612acdc0da
Novell GroupWise VCALENDAR TZID Variable Remote Buffer Overflow
Posted Jan 28, 2011
Authored by Sebastien Renaud | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Novell GroupWise. The vulnerability is caused by a buffer overflow error in the "gwwww1.dll" module when processing the "TZID" variable within VCALENDAR data, which could be exploited by remote unauthenticated attackers to execute arbitrary code with SYSTEM privileges. Novell GroupWise versions 8.02 HP 1 (Hot Patch 1) and prior are affected.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-4325
SHA-256 | 557a0d52962a3aa35a46283e0d6a0cfda538de61310dc2fbd2a456f7e11679c3
HP Security Bulletin HPSBMA02626 SSRT100301
Posted Jan 28, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02626 SSRT100301 - A potential security vulnerability has been identified with HP OpenView Storage Data Protector. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service
advisories | CVE-2011-0275
SHA-256 | 6a5d144de2e59fa328472770123f025419e67db0b1c7bb92a5d2f72a8366cd20
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close