Showing 1 - 25 of 28

Files Date: 2011-02-18

Forgotten World - Corporate Business Application Systems
Posted Feb 18, 2011
Authored by Val Smith, Sh2kerr

Whitepaper called Forgotten World - Corporate Business Application Systems. This paper will describe some basic and advanced threats and attacks on Enterprise Business Applications – the core of many companies. Both the paper and Blackhat DC presentation are included in this archive.

tags | paper
systems | linux
SHA-256 | 2e70cc9c883bdf948194b3801a4b9fe5f07f8e73912c291bd5c5b643e993e4a6
Mandriva Linux Security Advisory 2011-029
Posted Feb 18, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-029 - Multiple vulnerabilities have been discovered and fixed in the Linux 2.6 kernel. The X.25 implementation does not properly parse facilities, which allows remote attackers to cause a denial of service (heap memory corruption and panic) or possibly have unspecified other impact via malformed data, a different vulnerability than CVE-2010-4164. The bcm_connect function in the Broadcast Manager of the Controller Area Network implementation in the Linux kernel creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensitive information about kernel memory use by listing this filename. The install_special_mapping function in mm/mmap.c does not make an expected security_file_mmap function call, which allows local users to bypass intended mmap_min_addr restrictions and possibly conduct NULL pointer dereference attacks via a crafted assembly-language application. Various other issues have also been addressed.

tags | advisory, remote, denial of service, kernel, local, vulnerability
systems | linux, mandriva
advisories | CVE-2010-3873, CVE-2010-4565, CVE-2010-4346, CVE-2010-4158, CVE-2010-3874, CVE-2010-4163, CVE-2010-4164, CVE-2009-4307, CVE-2010-4162, CVE-2010-3015, CVE-2010-4258, CVE-2010-3875, CVE-2010-3067, CVE-2010-4248, CVE-2010-3437, CVE-2010-3877, CVE-2009-2406, CVE-2010-3859, CVE-2010-4073, CVE-2010-4072, CVE-2010-3705, CVE-2010-4165, CVE-2010-3310, CVE-2010-3698
SHA-256 | 65f216d797172b0ef5fb798cc0c6bfad2e1a9bea20f92874be16068901dbc644
WSN Guest 1.24 SQL Injection
Posted Feb 18, 2011
Authored by Aliaksandr Hartsuyeu | Site evuln.com

WSN Guest version 1.24 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3721d9ddd4728ff543339e28099e00ef8a376eab430aa7b4befa266cec6786e8
phpBugTracker 1.0.5 Cross Site Scripting
Posted Feb 18, 2011
Authored by LiquidWorm | Site zeroscience.mk

phpBugTracker version 1.0.5 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | e653f2dcaa267e5788cce847b1b903fcb155cef35150ac6fd4a767c3f855861d
Zero Day Initiative Advisory 11-089
Posted Feb 18, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-089 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Zenworks Configuration Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the novell-tftp.exe component which listens by default on UDP port 69. When handling a request the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the ZenWorks user.

tags | advisory, remote, arbitrary, udp
advisories | CVE-2010-4323
SHA-256 | 55ece0d6e6a2aa1abfba68f1a2fe3d382ac7ce1560c3ee6a79c681db1997c8a0
Joomla MyGarage SQL Injection
Posted Feb 18, 2011
Authored by Fl0riX

The Joomla MyGarage component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | db13e49205e7dccbbefedb310b7e299a7d184b60e8ed1c887ff83e5308e29f88
MNS Portal SQL Injection
Posted Feb 18, 2011
Authored by d3c0der

MNS Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | f0a374a20ec02e9682e0666cf254965a7c80e7f015149b6d628cf35c0db0af69
Ubuntu Security Notice USN-1067-1
Posted Feb 18, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1067-1 - It was discovered that Gabble did not verify the from field of Google jingleinfo updates. This could allow a remote attacker to perform man-in-the-middle (MITM) attacks on streamed media.

tags | advisory, remote
systems | linux, ubuntu
SHA-256 | 5768e5cb1d617582d62051f4634eb09b6343083e1a7a2a28e896aa3257fef5cf
Ubuntu Security Notice USN-1066-1
Posted Feb 18, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1066-1 - It was discovered that Django did not properly validate HTTP requests that contain an X-Requested-With header. An attacker could exploit this vulnerability to perform cross-site request forgery (CSRF) attacks. It was discovered that Django did not properly sanitize its input when performing file uploads, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.

tags | advisory, remote, web, vulnerability, xss, file upload, csrf
systems | linux, ubuntu
advisories | CVE-2011-0696, CVE-2011-0697
SHA-256 | 36104c4235322ded05ccaa17185d640b3a46aa379d05468d669681ba9cf4de86
FlatNux 2011-01.26 Denial Of Service / Path Disclosure
Posted Feb 18, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

FlatNux version 2011-01.26 suffers from denial of service and path disclosure vulnerabilities.

tags | exploit, denial of service, vulnerability, info disclosure
SHA-256 | e14e89f9938e55f193a332beec701ac58f0394811148895add76514cf18d7f71
Coppermine 1.5.12 Path Disclosure
Posted Feb 18, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Coppermine version 1.5.12 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 83db463dc2d27d98f18acf8674a0e5391a1376a10dd4144c295a581442bbe405
Secunia Security Advisory 43363
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes some weaknesses and a vulnerability, which can be exploited by malicious, local users to disclose certain system information and gain escalated privileges.

tags | advisory, kernel, local
systems | linux, redhat
SHA-256 | 7c464e361f1d86b50f054aceb88df4925787a6f3232736638d4d96b344c385ef
Secunia Security Advisory 43337
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Oracle Database, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 01e08754bbdeed339ead01cd46ba36abbd36655574520e2dd14d538d808a42db
Secunia Security Advisory 43388
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for openoffice.org. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system.

tags | advisory, local, vulnerability
systems | linux, fedora
SHA-256 | 4a6a37b6e34692f03a76edaa41d6c156d51c36ff095b2de6ff4920e761b01bab
Secunia Security Advisory 43323
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for ffmpeg-debian. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | b0aecefa969ae412325296ec4987ec13ab45d8e2dcf9490b123d3a5d8dabb053
Secunia Security Advisory 43393
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Cisco Security Agent, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | cisco
SHA-256 | 33e2680673f1b2cc0c36a80f0c46917e1f961a05431580fb155e95ffbc1498f7
Secunia Security Advisory 43366
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for sendmail. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.

tags | advisory, spoof
systems | linux, redhat
SHA-256 | 7fb753199cf85ae534b13626962a0f90d4eb9f6bf7ad9b82d204fa9f9b5ed699
Secunia Security Advisory 43365
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for bash. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local, bash
systems | linux, redhat
SHA-256 | 3b11091449426d106a859dd40b2c11b92b586bf5f63d1ca11ec469c285cddb7b
Secunia Security Advisory 43264
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Adobe ColdFusion, which can be exploited by malicious people to disclose certain information, conduct cross-site scripting, HTTP header injection, and session fixation attacks.

tags | advisory, web, vulnerability, xss
SHA-256 | 2ffb345772e0fcd4abe3bbce379138ab0d2e0e7a921f329f9c1d3043dd5de1f9
Secunia Security Advisory 43256
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Enable Media Replace plugin for WordPress, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system.

tags | advisory, vulnerability, sql injection
SHA-256 | 18ec777a5a1417bee6af6c41cfd1e81e88e802bee45abc3f4828a558856ce991
Secunia Security Advisory 43345
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for shadow. This fixes a vulnerability, which can be exploited by malicious, local users to manipulate certain data.

tags | advisory, local
systems | linux, debian
SHA-256 | 342d11db40aff000cb94e79f1f13a554341156d3c2838e38a35d7fd3514f56e6
Secunia Security Advisory 43367
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for ccs. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, redhat
SHA-256 | a594c72523387b436f6641655f1febb5e4e50d92ebcf257bb981d20e184109c7
Secunia Security Advisory 43400
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - HP has acknowledged a vulnerability in HP NonStop Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 28aee556213257a195b9c8f8477d2a7043a102d61e9e8498700c0c8e5a1bcd6a
Secunia Security Advisory 43369
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Telepathy Gabble, which can be exploited by malicious people to conduct hijacking attacks.

tags | advisory
SHA-256 | 713b53d14b152df096419b109d409086b7700bf07c7d89ce2503858921ba124c
Secunia Security Advisory 43316
Posted Feb 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for telepathy-gabble. This fixes a vulnerability, which can be exploited by malicious people to conduct hijacking attacks.

tags | advisory
systems | linux, ubuntu
SHA-256 | 0407705b038105c2a7e62ffb5f356c5c0b56cd4a8f27a6afee4cf701b5cbf2a8