what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 68 RSS Feed

Files Date: 2011-02-07

Zero Day Initiative Advisory 11-061
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-061 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Replication Manager Client. Authentication is not required to exploit this vulnerability. The Replication Manager client installs a service binds the irccd.exe process to TCP port 6542. This service accepts commands using an XML-based protocol. It exposes a vulnerability through it's RunProgram functionality. By abusing this function an attacker can execute arbitrary code under the context of currently logged in user.

tags | advisory, remote, arbitrary, tcp, protocol
advisories | CVE-2011-0647
SHA-256 | b0ba562a152c5c39509c0e06da0aecba913a3c8125b8aaab3312be041ca3e3b2
Zero Day Initiative Advisory 11-060
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-060 - This vulnerability allows attackers to deny services on vulnerable installations of Novell eDirectory. Authentication is not required in order to trigger this vulnerability. The flaw exists within Novell's eDirectory Server's NCP implementation. Novell's eDirectory Server binds to port 524 for processing NCP requests. When the application processes a malformed FileSetLock request, the service will become unresponsive resulting in an inability to authenticate to that server.

tags | advisory
advisories | CVE-2010-4327
SHA-256 | f9b4dd357b9df9d544c79f8fab909f05fa55ef4a038f6ea6ed83c6cf6ed6ca94
Accellion File Transfer Appliance Multiple Vulnerabilities
Posted Feb 7, 2011
Authored by H D Moore, Rapid7 | Site rapid7.com

Rapid7 Security Advisory - The Accellion File Transfer Appliance, prior to version FTA_8_0_562, suffers from a number of security flaws that can lead to a remote root compromise. These include issues like command injection, administrative tty check bypass, static passwords for privileged accounts, and more.

tags | exploit, remote, root
SHA-256 | 0a8e02333db7c5c6cf71307a3206cf3d0cad0322edd4b58872ca8c87a34994eb
Check Point Endpoint Security Server Information Disclosure
Posted Feb 7, 2011
Authored by H D Moore, Rapid7 | Site rapid7.com

Rapid7 Security Advisory - The Check Point Endpoint Security Server and Integrity Server products inadvertently expose a number of private directories through the web interface. These directories include the SSL private keys, sensitive configuration files (often containing passwords), and application binaries.

tags | exploit, web
SHA-256 | 20ca3fdc39b73e2548b7489b74f418527c50c20cd49f5f2936862c36d8309547
CiviCRM 3.3.3 Drupal-Joomla Cross Site Scripting
Posted Feb 7, 2011
Authored by AutoSec Tools | Site autosectools.com

CiviCRM version 3.3 Drupal-Joomla suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | db2fd4b91e3517f616d105fed2848fc82a74dd9b030ccf4e3d462b15dc42dd9c
dotProject 2.1.5 Cross Site Request Forgery
Posted Feb 7, 2011
Authored by AutoSec Tools | Site autosectools.com

dotProject version 2.1.5 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | e1a9a22b95ba609436702a03021011ab9a8fc34f2349b4c8f901661b213d5d05
dotProject 2.1.5 Cross Site Scripting
Posted Feb 7, 2011
Authored by AutoSec Tools | Site autosectools.com

dotProject version 2.1.5 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 98bf49b0dc14873dfc32b9d5dcea1e50a0d9986e6607580d0899f85e8e159b69
AIOCP (All In One Control Panel) 1.4.001 Cross Site Request Forgery
Posted Feb 7, 2011
Authored by AutoSec Tools | Site autosectools.com

AIOCP (All In One Control Panel) version 1.4.001 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | fcdfc6903b13ffd22a8db9581e48804daaa0402b0c206c1ae3148ebca25e7176
Zero Day Initiative Advisory 11-059
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-059 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the eTrust Common Services Transport (ECSQdmn.exe) running on port 1882. When making a request to this service a user supplied DWORD value is used in a memory copy operation. Due to the lack of bounds checking an integer can be improperly calculated leading to a heap overflow. If successfully exploited this vulnerability will result in a remote system compromise with SYSTEM credentials.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2011-0758
SHA-256 | 2e24b54f4c8ae6b0328b444658adc3ec8e3bc995597606b712966b95374b567a
Zero Day Initiative Advisory 11-058
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-058 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the SCO OpenServer IMAP daemon. Authentication is not required to exploit this vulnerability. The specific flaw exists within the imapd process responsible for handling remote IMAP requests. The process does not properly validate IMAP commands and arguments. Supplying an overly long command followed by an invalid argument can cause an exploitable overflow to occur. This vulnerability can be leveraged to execute arbitrary code.

tags | advisory, remote, overflow, arbitrary, imap
SHA-256 | 26e2bee5820b5b73597b730ef799df9eaa6187c8fb7135154033593117ab2880
Zero Day Initiative Advisory 11-057
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-057 - This vulnerability allows an attacker to execute remote code on vulnerable installations of Hewlett-Packard Data Protector. User interaction is not required to exploit this vulnerability. The specific flaw exists within the Cell Manager Service which listens by default on a random TCP port. The crs.exe process fails to properly validate supplied username, domain, and hostname credentials. A remote attacker can leverage this flaw to execute code on all Data Protector clients.

tags | advisory, remote, tcp
SHA-256 | 0d88b784826b94936a7d4ae935bd76ce0dbe626c3313fbe12b2bcc403b4604dc
ACM CCS 2011 - Call For Workshop Proposals / Papers
Posted Feb 7, 2011
Site easychair.org

This is the ACM CCS 2011 Call For Workshop Proposals and Call For Papers. Proposals are solicited for workshops to be held in conjunction with ACM CCS 2011. Each workshop provides a forum to address a specific topic at the forefront of security research. The annual ACM Computer and Communications Security Conference is a leading international forum for information security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange techniques, tools, and experiences. This event will be held at the Swissotel in Chicago, IL, USA from October 17th through the 21st, 2011.

tags | paper, conference
SHA-256 | a3f291c494d423583d5749e2166cd1660eced0ab2193299d4fa7c3db837413b1
aidSQL SQL Injection Detection And Exploitation Tool 02062011
Posted Feb 7, 2011
Authored by Federico Stange | Site code.google.com

aidSQL SQL injection detection and exploitation tool is a modular PHP scanner that allows you to develop your own plugins for use.

Changes: Various updates.
tags | tool, scanner, php, sql injection
systems | linux, unix
SHA-256 | e769c0ef9eb214b98a3f554a62fb6fd1b4b9c8ac94a53d3fcc19df62f382bad0
Magento EE 1.9.1.1 Poisoning
Posted Feb 7, 2011
Authored by Jan Frisby

Magento Enterprise Edition versions 1.9.1.1 and below are vulnerable to poisoning of their page cache under some configurations due to inappropriate trust of HTTP Host header values.

tags | advisory, web
SHA-256 | 072a4238f4c72a544abc579cda6ed12b6b8491d1864bd0cbba463b2fa2d60083
Hanso Player 1.4.0.0 Buffer Overflow
Posted Feb 7, 2011
Authored by badc0re

Hanso Player version 1.4.0.0 buffer overflow exploit that causes a denial of service condition.

tags | exploit, denial of service, overflow
SHA-256 | c0d164add7b795fdd7ab46f48423831e9079327be5df6072b20dae74b7147ada
Zero Day Initiative Advisory 11-056
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-056 - This vulnerability allows an attacker to execute remote code on vulnerable installations of the Hewlett-Packard Data Protector client. User interaction is not required to exploit this vulnerability. The specific flaw exists within the implementation of the EXEC_SETUP command. This command instructs a Data Protector client to download and execute a setup file. A malicious attacker can instruct the client to access a file off of a share thus executing arbitrary code under the context of the current user.

tags | advisory, remote, arbitrary
SHA-256 | 492fd0bf1744cd32de5958731638c38c61879d2a09de0c1f30417c29d37bd124
Stunnel SSL Wrapper 4.35
Posted Feb 7, 2011
Authored by Michal Trojnara | Site stunnel.org

Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can allow you to secure non-SSL aware daemons and protocols (like POP, IMAP, NNTP, LDAP, etc) by having Stunnel provide the encryption, requiring no changes to the daemon's code.

Changes: OpenSSL DLLs were updated to version 1.0.0c. Transparent source (non-local bind) support was added for FreeBSD 8.x. Transparent destination ("transparent = destination") support was added for Linux. A number of bugfixes were also implemented.
tags | arbitrary, encryption, tcp, imap, protocol
systems | windows, unix
SHA-256 | a810e220498239483e14fae24eeb2a188a6167e9118958b903f8793768c4460f
ProFTPD mod_sftp Integer Overflow
Posted Feb 7, 2011
Authored by Kingcope

ProFTPD mod_sftp integer overflow denial of service proof of concept exploit.

tags | exploit, denial of service, overflow, proof of concept
SHA-256 | 8be96176ffeabb738a525695e7d76457f45c838d9df2d027c6217df3d5d527c2
Ubuntu Security Notice USN-1059-1
Posted Feb 7, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1059-1 - It was discovered that the ACL plugin in Dovecot would incorrectly propagate ACLs to new mailboxes. A remote authenticated user could possibly read new mailboxes that were created with the wrong ACL. It was discovered that the ACL plugin in Dovecot would incorrectly merge ACLs in certain circumstances. A remote authenticated user could possibly bypass intended access restrictions and gain access to mailboxes. It was discovered that the ACL plugin in Dovecot would incorrectly grant the admin permission to owners of certain mailboxes. A remote authenticated user could possibly bypass intended access restrictions and gain access to mailboxes. It was discovered that Dovecot incorrectly handled the simultaneous disconnect of a large number of sessions. A remote authenticated user could use this flaw to cause Dovecot to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2010-3304, CVE-2010-3706, CVE-2010-3707, CVE-2010-3779, CVE-2010-3780
SHA-256 | a9cd8538ef52a541d5a2d100ec3dd1ab0318a97ae7b3ffe3845a728cd6313b0f
Zero Day Initiative Advisory 11-055
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-055 - This vulnerability allows an attacker to execute remote code on vulnerable installations of the Hewlett-Packard Data Protector client. User interaction is not required to exploit this vulnerability. The specific flaw exists within the filtering of arguments to the EXEC_CMD command. The Data Protector client allows remote connections to execute files within it's local bin directory. By supplying maliciously crafted input to the EXEC_CMD a remote attacker can interact with a Perl interpreter and execute arbitrary code under the context of the current user.

tags | advisory, remote, arbitrary, local, perl
SHA-256 | 885f54a9069da9e9cb634791db785c52c386d15c8de917dbaf539b1ddf1c0b01
Zero Day Initiative Advisory 11-054
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-054 - This vulnerability allows an attacker to execute remote code on vulnerable installations of the Hewlett-Packard Data Protector client. User interaction is not required to exploit this vulnerability. The specific flaw exists within the filtering of the EXEC_CMD command. The Data Protector client only verifies file names, not their contents. By supplying malicious code within specific script files, arbitrary code execution is possible under the context of the current user.

tags | advisory, remote, arbitrary, code execution
SHA-256 | 480f1d331ab670e19033ac0f39a497a00e59a6a309970fc260db100d15e54efd
Zero Day Initiative Advisory 11-053
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-053 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the ndiiop.exe component which listens by default on a dynamic TCP port. When handling a GIOP getEnvironmentString request the process blindly copies user supplied argument into an stack buffer while checking the local variable cache. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, local, tcp
SHA-256 | a194da46984ca0fcbd668918ed76961c13b95e538a5c91539a14459d8b50334f
Zero Day Initiative Advisory 11-052
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-052 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Domino. Authentication is not required to exploit this vulnerability. The flaw exists within the ndiiop.exe component which listens by default on a dynamic TCP port. When handling a GIOP client Request packet type the process can be made to mis-allocate a buffer size due to a signed-ness bug. Later, the process blindly copies user supplied data into this under allocated heap buffer. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | 85e8aee2d6b59feeb796738da1b02f6638705c4cc5ca28b189cf09d07d34bddc
Zero Day Initiative Advisory 11-051
Posted Feb 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-051 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Lotus Notes. User interaction is required to exploit this vulnerability. The specific flaw exists within the handling of malformed strings within cai:// URIs. The '--launcher.library' switch can be injected and directed to load a DLL from a network share. This will result in code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
SHA-256 | e7e8ead2b21c3cf9c4159a5e9fcd218619c6d857b5f5b3c7e6c587c23e86b731
IDS Overview Whitepaper
Posted Feb 7, 2011
Authored by badc0re

Whitepaper giving an overview of Intrusion Detection Systems. Written in Macedonian.

tags | paper
SHA-256 | fa2242ced879a20f96a7b0aa990b453837a3b072b87b501699884f22b20cf5b0
Page 1 of 3
Back123Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close