Exploit the possiblities
Showing 1 - 22 of 22 RSS Feed

Files Date: 2011-02-25

Ubuntu Security Notice USN-1071-1
Posted Feb 25, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1071-1 - Tavis Ormandy discovered that the Linux kernel did not properly implement exception fixup. A local attacker could exploit this to crash the kernel, leading to a denial of service. Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. Nelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-3086, CVE-2010-3859, CVE-2010-3873, CVE-2010-3875, CVE-2010-3876, CVE-2010-3880, CVE-2010-4078, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CVE-2010-4160
MD5 | c92ade2a6d6618f6e93dbb1f640445c6
Exec2Shell Converter Tool
Posted Feb 25, 2011
Authored by C3lt1c

This is a simple executable to shellcode converter tool. Video for usage is included.

tags | shellcode
MD5 | 88d54301bbac43091658c199a6384a3c
Altigen Gateway Service Heap Overflow
Posted Feb 25, 2011
Authored by Patrick Kelley

Altigen's Gateway Service suffers from a heap overflow vulnerability that can be triggered by a simple nmap portscan.

tags | advisory, overflow
MD5 | 6f09c557991d81745264ebf6c6e829d0
Joomla XCloner Remote Command Execution
Posted Feb 25, 2011
Authored by mr_me

Joomla XCloner component remote command execution exploit. This component also suffers from information disclosure, local file inclusion, denial of service, and cross site scripting vulnerabilities.

tags | exploit, remote, denial of service, local, vulnerability, xss, file inclusion, info disclosure
MD5 | d9e88326cbf36ae262e3a08eb026a116
Linksys Cisco Wag120n Cross Site Request Forgery
Posted Feb 25, 2011
Authored by IRCRASH, Khashayar Fereidani | Site ircrash.com

The Linksys Cisco Wag120n suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
systems | cisco
MD5 | 45131626f0c3178acf1f569223f28ccc
Website By MIC SQL Injection
Posted Feb 25, 2011
Authored by eXeSoul

Website By MIC suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 21a9911ef1ff7bc231405f69fc546810
Prestashop Cartium 1.3.3 - 0.246s SQL Injection
Posted Feb 25, 2011
Authored by Antonio San Martino

Prestashop Cartium version 1.3.3 - 0.246s suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7e5ec606951f59818a2e57027f673890
glFusion CMS Blind SQL Injection
Posted Feb 25, 2011
Authored by H3X

glFusion CMS suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | dba7d9a798908b7312d3a932d3e683c1
Pragyan CMS Code Execution / SQL Injection
Posted Feb 25, 2011
Authored by villy

Pragyan CMS versions prior to 3.0 rev 274 suffer from code execution and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection
MD5 | e16e735ef595e03540293bf94b0d9242
web.go Insecure Cookie
Posted Feb 25, 2011
Authored by Nam Nguyen | Site bluemoon.com.vn

web.go suffers from an insecure cookie vulnerability. Their cookie is modeled after Tornado which had the same issue reported on in 2010.

tags | advisory, web, insecure cookie handling
MD5 | c0a8007d2a21e6fa524b63baa475e61c
RaksoCT SQL Injection
Posted Feb 25, 2011
Authored by p0pc0rn

RaksoCT Web Design suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, web, vulnerability, sql injection
MD5 | ab937186936bf57c3c089dfa87cde96f
iPhone MyDocs 2.7 Directory Traversal
Posted Feb 25, 2011
Authored by IRCRASH, Khashayar Fereidani | Site ircrash.com

iPhone MyDocs version 2.7 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
systems | apple, iphone
MD5 | 23fba2f55ddcc89807ff99d443fe0d54
iPhone iFile 2.0 Directory Traversal
Posted Feb 25, 2011
Authored by IRCRASH, Khashayar Fereidani | Site ircrash.com

iPhone iFile version 2.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
systems | apple, iphone
MD5 | f4bdae6b02b0273de397fcde642f160d
iPhone Folders 2.5 Directory Traversal
Posted Feb 25, 2011
Authored by IRCRASH, Khashayar Fereidani | Site ircrash.com

iPhone Folders version 2.5 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
systems | apple, iphone
MD5 | e112a6293907948ca19949f51a462669
Edraw Office Viewer Component 7.4 Active-X Buffer Overflow
Posted Feb 25, 2011
Authored by Alexander Gavrun

Edraw Office Viewer component version 7.4 active-x related stack buffer overflow exploit.

tags | exploit, overflow, activex
MD5 | cbda59e598c9219aa5a7fbcb04fa2bdf
Cewolf 1.1.4 Denial Of Service
Posted Feb 25, 2011
Authored by MustLive

Cewolf - Chart Enabling Web Object Framework versions 1.1.4 and below suffer from a denial of service vulnerability.

tags | advisory, web, denial of service
MD5 | 3befe78c9ef4f0d9b2571b29d6f6361d
WATOBO Web Application Toolbox Auditor 0.9.6rev266
Posted Feb 25, 2011
Authored by Andreas Schmidt | Site watobo.sourceforge.net

WATOBO, the Web Application Toolbox, is a tool that enables security professionals to perform highly efficient (semi-automated) web application security audits. It acts like a local proxy and analyzes the traffic on the fly for helpful information and vulnerabilities. It also has automated scanning capabilities, e.g. SQL injection, cross site scripting and more.

Changes: Now supports one-time tokens. NTLM authentication added. FileFinder plugin added. Various other additions.
tags | tool, web, local, scanner, vulnerability, xss, sql injection
systems | unix
MD5 | 9c5f05f2f5d9847fd5e94984f174f0d3
PHPShop 0.8.1 Cross Site Scripting
Posted Feb 25, 2011
Authored by Aung Khant | Site yehg.net

PHPShop versions 0.8.1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2a2bf517ea524714a75f872387d5720d
glibc alloca() Memory Corruption
Posted Feb 25, 2011
Authored by Chris Evans | Site scarybeastsecurity.blogspot.com

Interesting blog entry that discusses how a glibc alloca()-based memory corruption vulnerability allowed for code execution.

tags | paper, code execution
MD5 | e56c4d56e87ef64c4b60687bca94b955
CA HIPS Arbitrary Code Execution
Posted Feb 25, 2011
Authored by Ken Williams | Site www3.ca.com

CA Technologies support is alerting customers to a security risk associated with CA Host-Based Intrusion Prevention System (HIPS). A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA Technologies has issued patches to address the vulnerability. The vulnerability is due to insecure method implementation in the XMLSecDB ActiveX control that is utilized in CA HIPS components and products. A remote attacker can potentially execute arbitrary code if he can trick a user into visiting a malicious web page or opening a malicious file. Versions prior to 8.1.0.88 are affected.

tags | advisory, remote, web, arbitrary, activex
advisories | CVE-2011-1036
MD5 | 9551ac86c08c1110bdce359f65859c95
Problems Faced By Cloud Computing
Posted Feb 25, 2011
Authored by L0rd CrusAd3r

Brief whitepaper discussing some problems faced when using cloud computing.

tags | paper
MD5 | f56240cf1e3214f9b13f1f70c749b4f4
oclHashcat GPU Hash Cracking Utility 0.25
Posted Feb 25, 2011
Authored by atom | Site hashcat.net

oclHashcat GPU hash cracking utility that has multi-GPU and multi-hash support. It supports dictionary-based and mask-attacks for hybrid cracking. Linux and Windows binaries are included.

tags | cracker
systems | linux, windows
MD5 | 7f8cc3e62b15345aa4c3cf6b6ee66374
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close