Showing 1 - 25 of 46

Files Date: 2011-02-01

Ubuntu Security Notice USN-1055-1
Posted Feb 1, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1055-1 - It was discovered that IcedTea for Java did not properly verify signatures when handling multiply signed or partially signed JAR files, allowing an attacker to cause code to execute that appeared to come from a verified source. USN 1052-1 fixed a vulnerability in OpenJDK for Ubuntu 9.10 and Ubuntu 10.04 LTS on all architectures, and Ubuntu 10.10 for all architectures except for the armel (ARM) architecture. This update provides the corresponding update for Ubuntu 10.10 on the armel (ARM) architecture. It was discovered that the JNLP SecurityManager in IcedTea for Java OpenJDK in some instances failed to properly apply the intended security policy in its checkPermission method. This could allow an attacker to execute code with privileges that should have been prevented.

tags | advisory, java
systems | linux, ubuntu
advisories | CVE-2010-4351, CVE-2011-0025
SHA-256 | f46a6d7f1d829af30a54a7be6942ff2a3e75df718ac0e1ab950de5dc8d69e93a
Zikula CMS 1.2.4 Cross Site Request Forgery
Posted Feb 1, 2011
Authored by Aung Khant | Site yehg.net

Zikula CMS versions 1.2.4 and below suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 343d0ff30828bef02e6cbf013aeb0f6ba089f8feb8fda4768293c6bd2b131b49
ACollab 1.2 SQL Injection
Posted Feb 1, 2011
Authored by AutoSec Tools | Site autosectools.com

ACollab version 1.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3d687f9f86607e448a2e75242a3821f4fe95c0bd1d065ae0259617f7fef6fedc
AIOCP 1.4.001 SQL Injection
Posted Feb 1, 2011
Authored by AutoSec Tools | Site autosectools.com

AIOCP (All In One Control Panel) version 1.4.001 remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | 2cfeca1d1569e62cc86cd3db7d5dd59073de3ab84769e38004535af3eb0d0ac5
Limny 3.0.0 Local File Inclusion
Posted Feb 1, 2011
Authored by AutoSec Tools | Site autosectools.com

Limny version 3.0.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 251f17e8d3e48b1a6c41063571b219767fea3a46145c9d8533a0b48b068b89c9
Moodle 2.0.1 Cross Site Scripting
Posted Feb 1, 2011
Authored by AutoSec Tools | Site autosectools.com

Moodle version 2.0.1 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 49f1714c6348408d41a1535ffe7fa2161e269eee2c4409446a0f28e41c92b8fc
Pligg CMS 1.1.3 Cross Site Scripting
Posted Feb 1, 2011
Authored by AutoSec Tools | Site autosectools.com

Pligg CMS version 1.1.3 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | b44291bd0cfdb8a5a9185f7d0042004a3c4b6468e80ed3ce169a8c659fe277b1
Simple Web Content Management System 1.21 SQL Injection
Posted Feb 1, 2011
Authored by AutoSec Tools | Site autosectools.com

Simple Web Content Management System version 1.21 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, web, sql injection, bypass
SHA-256 | 474a15f8f4573fa80faab7e7d8d83fceb041a74ea295813a6540932eef13a297
TCExam 11.1.016 Cross Site Scripting
Posted Feb 1, 2011
Authored by AutoSec Tools | Site autosectools.com

TCExam version 11.1.016 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 99849b9682a19770b539b4f70e7b2305f0db1e8f2725f0c1e3476d5f34e87431
WordPress TagNinja 1.0 Cross Site Scripting
Posted Feb 1, 2011
Authored by AutoSec Tools | Site autosectools.com

WordPress TagNinja version 1.0 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c52c63868322158e01db9d8a10f07b19f3617098d0475448e91a2e530aa40c54
Ubuntu Security Notice USN-1053-1
Posted Feb 1, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1053-1 - It was discovered that Subversion incorrectly handled certain 'partial access' privileges in rare scenarios. Remote authenticated users could use this flaw to obtain sensitive information (revision properties). This issue only applied to Ubuntu 6.06 LTS. It was discovered that the Subversion mod_dav_svn module for Apache did not properly handle a named repository as a rule scope. Remote authenticated users could use this flaw to bypass intended restrictions. This issue only applied to Ubuntu 9.10, 10.04 LTS, and 10.10. It was discovered that the Subversion mod_dav_svn module for Apache incorrectly handled the walk function. Remote authenticated users could use this flaw to cause the service to crash, leading to a denial of service. It was discovered that Subversion incorrectly handled certain memory operations. Remote authenticated users could use this flaw to consume large quantities of memory and cause the service to crash, leading to a denial of service. This issue only applied to Ubuntu 9.10, 10.04 LTS, and 10.10.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2007-2448, CVE-2010-3315, CVE-2010-4539, CVE-2010-4644
SHA-256 | 6c52299afbbe853fb03016c309b0b78876b2b7cd3070260823d92c3bc89893fc
HP Security Bulletin HPSBMA02627 SSRT090246
Posted Feb 1, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02627 SSRT090246 - A potential vulnerability has been identified with HP OpenView Performance Insight Server. The vulnerability could be exploited remotely to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
SHA-256 | 4d16d697cc16890be0040ca158a04f49f3546e89ea4a98a216041536aa9a90d4
Aruba Networks Security Advisory - 013111 / 011511
Posted Feb 1, 2011
Site arubanetworks.com

Aruba Networks Security Advisory - Two advisories are combined here. A malformed 802.11 probe request frame causes a denial of service condition on an access point. A Dot1X wireless user authentication bypass vulnerability exists when EAP-TLS Dot1X local termination is enabled on WLAN.

tags | advisory, denial of service, local, bypass
SHA-256 | 51bf6a57334f23117c930cf5e179bdca866b73a24186690461c22eb842394f3d
QuickRecon 0.1.1
Posted Feb 1, 2011
Authored by Filip Szymanski

QuickRecon is a Python script for simple information gathering. It attempts to find subdomain names, perform zone transfers, and gather emails from Google and Bing.

tags | tool, scanner, python
systems | unix
SHA-256 | 2feac3fdc6a1bf696c441b1994bd43190b9ba6ec49879406f940b6bee127e42d
Joomla! 1.5 / 1.6 JFilterInput Cross Site Scripting Bypass
Posted Feb 1, 2011
Authored by Jeff Channell

Joomla! 1.5 and 1.6 rely on the JFilterInput class to sanitize user-supplied HTML. This class attempts to parse any given string for HTML code, checks the code against a whitelist of elements and attributes, and strips out any code that is not allowed. However, malformed HTML code can be used to bypass the filter and inject XSS code into user-supplied input.

tags | exploit, xss
SHA-256 | d1c7d9bd65808d2318a87184f308f50b77012630bad28f43fca5b7c9862ab2bd
TinyWebGallery 1.8.3 Cross Site Scripting / Directory Traversal
Posted Feb 1, 2011
Authored by Yam Mesicka

TinyWebGallery version 1.8.3 suffers from cross site scripting and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion
SHA-256 | 0e3b1e854f03d89ed5adb65c1a035d1280e5e10c92cf1805f10efe238dd1b52d
NetLink Shell Upload
Posted Feb 1, 2011
Authored by lumut

NetLink suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 25974d0d849dddb676dd87c4414c7d9e338de4098222e397ecb9afdf31ba4cb1
POST-it Denial Of Service Tool 1.1.0
Posted Feb 1, 2011
Authored by Zodiac, Hex

POST-it is both a proof of concept and fully functioning code, showing how the timeout weaknesses in the HTTP POST protocol can be leveraged to cause Apache servers to fail. Written in Python.

tags | web, denial of service, protocol, proof of concept, python
SHA-256 | 8d9389ff869470234e1584104d6888b43edeaaaf3d0a9e51e43cdd61fc4a3cbd
PMB Services 3.4.3 SQL Injection
Posted Feb 1, 2011
Authored by Luchador

PMB Services versions 3.4.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9ea8d46b4f16215aa7128c86c2942a6dc2c9c4dbb2b5bf4920af12ad32a681b0
CodeBlocks 8.02 Buffer Overflow
Posted Feb 1, 2011
Authored by sup3r

CodeBlocks version 8.02 buffer overflow exploit that creates a malicious .cbp file.

tags | exploit, overflow
SHA-256 | 739ce0e230f72ba41ac2e7dae6c8bba4d781c615f90e609c4ca79fef95873e28
Secunia Security Advisory 43156
Posted Feb 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Redaxscript, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 3598566a6b111667b502d3749180c480e07fad2fe74a14b01d7db3646a6f0474
Secunia Security Advisory 43136
Posted Feb 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in AOL, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 034957b25db52ee960006055cb92d1f633ac12894e023971f1a91be478e84d45
Secunia Security Advisory 42390
Posted Feb 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Russ McRee has discovered some vulnerabilities in LightNEasy Mini, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks.

tags | advisory, vulnerability, xss
SHA-256 | ab9fca95fbcea40f0c6756981a0543e98c317472716ab56c3779611a1185990f
Secunia Security Advisory 43144
Posted Feb 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in PostgreSQL, which can be exploited by malicious users to compromise a vulnerable system.

tags | advisory
SHA-256 | 76925feef1e88429f1463429d5844b00a2418f50e965b53933369ba24cfde0ce
Secunia Security Advisory 43150
Posted Feb 1, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Andrea Fabrizi has discovered a vulnerability in VirtueMart, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | b9b3ef8e7d5db807d400fac907b7bb3103a1ed630fcd8d9843e8fabe449016d9