exploit the possibilities
Showing 1 - 20 of 20 RSS Feed

Files Date: 2011-02-28

Zero Day Initiative Advisory 11-094
Posted Feb 28, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-094 - This vulnerability allows remote attackers to compromise the archive records on vulnerable installations of HP StorageWorks File Migration Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HsmCfgSvc.exe service responsible for managing archive stores. The archive manager is susceptible to tampering due to a failure to enforce authentication from remote users. An attacker could exploit this flaw to compromise the server managing the archives and arbitrarily modify the archive data store under the context of the File Migration Agent software.

tags | advisory, remote
MD5 | d4c16c8e15d434b6bdca8bff2018e11c
Debian Security Advisory 2175-1
Posted Feb 28, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2175-1 - Volker Lendecke discovered that missing range checks in Samba's file descriptor handling could lead to memory corruption, resulting in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-0719
MD5 | 5466b76532fc72dde02adea9f1802a53
Ubuntu Security Notice USN-1077-1
Posted Feb 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1077-1 - It was discovered that FUSE would incorrectly follow symlinks when checking mountpoints under certain conditions. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2009-3297, CVE-2011-0541, CVE-2011-0542, CVE-2011-0543
MD5 | 86002895ed2ad1797138a20be9ab9ad0
Ubuntu Security Notice USN-1074-2
Posted Feb 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1074-2 - USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Al Viro discovered a race condition in the TTY driver. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Neil Brown discovered that NFSv4 did not correctly check certain write requests. David Howells discovered that DNS resolution in CIFS could be spoofed. Various other issues have also been addressed.

tags | advisory, kernel, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-2066, CVE-2010-2226, CVE-2010-2240, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2538, CVE-2010-2798, CVE-2010-2803, CVE-2010-2942, CVE-2010-2943, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2959, CVE-2010-2962, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3084, CVE-2010-3296
MD5 | 3c50452827e25742bef7840b721455f6
Ubuntu Security Notice USN-1076-1
Posted Feb 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1076-1 - It was discovered that the Microsoft Office processing code in libclamav improperly handled certain Visual Basic for Applications (VBA) data. This could allow a remote attacker to craft a document that could crash clamav or possibly execute arbitrary code. In the default installation, attackers would be isolated by the ClamAV AppArmor profile.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1003
MD5 | 0c5c16da75174d63e5095da59ac60569
Ubuntu Security Notice USN-1075-1
Posted Feb 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1075-1 - Volker Lendecke discovered that Samba incorrectly handled certain file descriptors. A remote attacker could send a specially crafted request to the server and cause Samba to crash or hang, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-0719
MD5 | 454608850cba21410988f637a3e9c9ac
Mandriva Linux Security Advisory 2011-038
Posted Feb 28, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-038 - All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2011-0719
MD5 | b0bc7527f52910e27a51caa3d022119f
FreeBSD crontab Information Leakage
Posted Feb 28, 2011
Authored by Dan Rosenberg

FreeBSD's crontab implementation suffers from various race condition and symlink vulnerabilities that allow for minor information leakage.

tags | advisory, vulnerability
systems | freebsd
MD5 | 07b32ae1079a8ee98df86008e1959da3
BackWPup WordPress Plugin 1.4.0 File Content Disclosure
Posted Feb 28, 2011
Authored by Danilo Massa

BackWPup WordPress plugin versions 1.4.0 and below suffer from a file content disclosure vulnerability.

tags | exploit, info disclosure
MD5 | fb53e14e423d362169ffef768e71af58
DO-CMS SQL Injection
Posted Feb 28, 2011
Authored by AtT4CKxT3rR0r1ST

DO-CMS suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 6e14e1c1cfab9bfb4fe4b84a82b4dbf2
WeeChat Invalid Certificate Check
Posted Feb 28, 2011
Authored by JD

WeeChat suffers from an invalid certificate verification vulnerability.

tags | advisory, bypass
MD5 | 4892538ee317654444753cbcdf21baf7
Quick N Easy FTP Server 3.2 Denial Of Service
Posted Feb 28, 2011
Authored by clshack

Quick N Easy FTP Server version 3.2 denial of service exploit.

tags | exploit, denial of service
MD5 | 01f297c81b50928e8762cd265e7bf030
Magic Music Editor Denial Of Service
Posted Feb 28, 2011
Authored by AtT4CKxT3rR0r1ST

Magic Music Editor denial of service exploit that creates a malicious .cda file.

tags | exploit, denial of service
MD5 | 901a457d03c41e9e059ea5f045617153
PHP Exif Extension Denial Of Service
Posted Feb 28, 2011
Authored by ikki, paradoxengine

PHP versions 5.3.5 and below are susceptible to a denial of service condition in the Exif extension exif_read_data() function.

tags | exploit, denial of service, php
systems | linux
advisories | CVE-2011-0708
MD5 | 21882b823a841e7aa0af5399dda7100f
Imageview 6.0 Directory Traversal
Posted Feb 28, 2011
Authored by Difficult 511

Imageview version 6.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 37f5e1b38578d121fe9e0bb7fa8b0cd7
WSN Guest 1.24 SQL Injection
Posted Feb 28, 2011
Authored by Aliaksandr Hartsuyeu | Site evuln.com

WSN Guest version 1.24 suffers from a remote SQL injection vulnerability in the time parameter.

tags | exploit, remote, sql injection
MD5 | 3b5d4d7c3f1d265bb20702cac790e626
Mobius Forensic Toolkit 0.5.7
Posted Feb 28, 2011
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Six news registry reports were added - user assist, recent docs, product keys, O.S. folders, user logon info, and computer info. Minor improvements were made.
tags | tool, python, forensics
systems | unix
MD5 | 5b73f2118bdc9bf8d8c47cb653502507
Scapy Packet Manipulation Tool 2.2.0
Posted Feb 28, 2011
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: This release adds a contrib section filled with old contributions that were not distributed with Scapy yet: CDP, IGMP, MPLS, CHDLC, SLARP, WPA EAPOL, DTP, EIGRP, VQP, BGP, OSPF, VTP RSVP, EtherIP, RIPng, and IKEv2. It fixes some bugs.
tags | tool, scanner, python
systems | unix
MD5 | 406990bd8da1f4958b354b4b6fc4b3eb
HP Security Bulletin HPSBPI02635 SSRT100391
Posted Feb 28, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02635 SSRT100391 - A potential security vulnerability has been identified with HP Web Jetadmin running on Windows. The vulnerability could be exploited by a local user to gain unauthorized access to resources managed by Web Jetadmin. Revision 1 of this advisory.

tags | advisory, web, local
systems | windows
advisories | CVE-2011-0278
MD5 | dbfa0eea53e5eee6e8679bf73a71bbb7
phpMyAdmin 3.3.9 Brute Force / Path Disclosure
Posted Feb 28, 2011
Authored by MustLive

phpMyAdmin versions 3.3.9 and below suffers from brute force and path disclosure vulnerabilities.

tags | advisory, cracker, vulnerability, info disclosure
advisories | CVE-2011-0986
MD5 | 6e8fae2af8d9530fd34944a378dabe95
Page 1 of 1
Back1Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    12 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close