exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2011-02-28

Zero Day Initiative Advisory 11-094
Posted Feb 28, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-094 - This vulnerability allows remote attackers to compromise the archive records on vulnerable installations of HP StorageWorks File Migration Agent. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HsmCfgSvc.exe service responsible for managing archive stores. The archive manager is susceptible to tampering due to a failure to enforce authentication from remote users. An attacker could exploit this flaw to compromise the server managing the archives and arbitrarily modify the archive data store under the context of the File Migration Agent software.

tags | advisory, remote
SHA-256 | d0d60346d9845a44d20ccf13f6af2138b11858ae3433292e6668ea1052d56f28
Debian Security Advisory 2175-1
Posted Feb 28, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2175-1 - Volker Lendecke discovered that missing range checks in Samba's file descriptor handling could lead to memory corruption, resulting in denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-0719
SHA-256 | 719f49ec7904b2f94d98af45ddb4672b74fddd92a052524c3e0a664d2a7776f1
Ubuntu Security Notice USN-1077-1
Posted Feb 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1077-1 - It was discovered that FUSE would incorrectly follow symlinks when checking mountpoints under certain conditions. A local attacker, with access to use FUSE, could unmount arbitrary locations, leading to a denial of service.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2009-3297, CVE-2011-0541, CVE-2011-0542, CVE-2011-0543
SHA-256 | 7abc581d95fd6fa91f14b15d1919d17c1f65a3f627fcc6b20f76aa12c42d3cce
Ubuntu Security Notice USN-1074-2
Posted Feb 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1074-2 - USN-1074-1 fixed vulnerabilities in linux-fsl-imx51 in Ubuntu 9.10. This update provides the corresponding updates for Ubuntu 10.04. Multiple vulnerabilities have been discovered and addressed in the Linux kernel. Al Viro discovered a race condition in the TTY driver. Dan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. Neil Brown discovered that NFSv4 did not correctly check certain write requests. David Howells discovered that DNS resolution in CIFS could be spoofed. Various other issues have also been addressed.

tags | advisory, kernel, spoof, vulnerability
systems | linux, ubuntu
advisories | CVE-2009-4895, CVE-2010-2066, CVE-2010-2226, CVE-2010-2240, CVE-2010-2248, CVE-2010-2478, CVE-2010-2495, CVE-2010-2521, CVE-2010-2524, CVE-2010-2538, CVE-2010-2798, CVE-2010-2803, CVE-2010-2942, CVE-2010-2943, CVE-2010-2946, CVE-2010-2954, CVE-2010-2955, CVE-2010-2959, CVE-2010-2962, CVE-2010-2963, CVE-2010-3015, CVE-2010-3067, CVE-2010-3078, CVE-2010-3079, CVE-2010-3080, CVE-2010-3081, CVE-2010-3084, CVE-2010-3296
SHA-256 | 4e15776b2f435c92a453d8aac2203f207e854e4b3f906900fe4b4f17ed2e2a0c
Ubuntu Security Notice USN-1076-1
Posted Feb 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1076-1 - It was discovered that the Microsoft Office processing code in libclamav improperly handled certain Visual Basic for Applications (VBA) data. This could allow a remote attacker to craft a document that could crash clamav or possibly execute arbitrary code. In the default installation, attackers would be isolated by the ClamAV AppArmor profile.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1003
SHA-256 | 2d04da8d1f11b96f184c08db804c5a8cde452d0361185ff49b7a4fc63f4fbf41
Ubuntu Security Notice USN-1075-1
Posted Feb 28, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1075-1 - Volker Lendecke discovered that Samba incorrectly handled certain file descriptors. A remote attacker could send a specially crafted request to the server and cause Samba to crash or hang, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2011-0719
SHA-256 | 5a881149a3fef01c87d99b5117790feb8d52e1b67d16915f6f447bf992dbd6fc
Mandriva Linux Security Advisory 2011-038
Posted Feb 28, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-038 - All current released versions of Samba are vulnerable to a denial of service caused by memory corruption. Range checks on file descriptors being used in the FD_SET macro were not present allowing stack corruption. This can cause the Samba code to crash or to loop attempting to select on a bad file descriptor set.

tags | advisory, denial of service
systems | linux, mandriva
advisories | CVE-2011-0719
SHA-256 | a54128d96ef5760cc084f1f2a4d2324cb00c5687807a07069714410c3ea9f0a2
FreeBSD crontab Information Leakage
Posted Feb 28, 2011
Authored by Dan Rosenberg

FreeBSD's crontab implementation suffers from various race condition and symlink vulnerabilities that allow for minor information leakage.

tags | advisory, vulnerability
systems | freebsd
SHA-256 | 0c48aa105ac5559bbac3c34bec72fc1a917b4bb2c39f51d11be3e0a1932aa408
BackWPup WordPress Plugin 1.4.0 File Content Disclosure
Posted Feb 28, 2011
Authored by Danilo Massa

BackWPup WordPress plugin versions 1.4.0 and below suffer from a file content disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 11874aac3134e7b1c28564b2b1dd391fc7b31fa8ecf72478b47ba3ade60462d1
DO-CMS SQL Injection
Posted Feb 28, 2011
Authored by AtT4CKxT3rR0r1ST

DO-CMS suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 707992f3f8c0825e2df5b513fb1b85d07585d5949b07a7fca7e5fda0b1861541
WeeChat Invalid Certificate Check
Posted Feb 28, 2011
Authored by JD

WeeChat suffers from an invalid certificate verification vulnerability.

tags | advisory, bypass
SHA-256 | b244384a98f92322c920ae9a0922ecf9ded2df274ee6fe2b1625224736dcb748
Quick N Easy FTP Server 3.2 Denial Of Service
Posted Feb 28, 2011
Authored by clshack

Quick N Easy FTP Server version 3.2 denial of service exploit.

tags | exploit, denial of service
SHA-256 | 3ac6cb6d87d57934d1c7fa0e8b73b2bcc95def2c7e22d34c1e41acc738bb270d
Magic Music Editor Denial Of Service
Posted Feb 28, 2011
Authored by AtT4CKxT3rR0r1ST

Magic Music Editor denial of service exploit that creates a malicious .cda file.

tags | exploit, denial of service
SHA-256 | 9462a00e75b4e64a1c729ad22229dbc8b510a9a62d9f05baf99b16032b1e7361
PHP Exif Extension Denial Of Service
Posted Feb 28, 2011
Authored by ikki, paradoxengine

PHP versions 5.3.5 and below are susceptible to a denial of service condition in the Exif extension exif_read_data() function.

tags | exploit, denial of service, php
systems | linux
advisories | CVE-2011-0708
SHA-256 | 9a3edc419d1451c112c85dbd5ab1bc18c7921def1d1e3dc9ec1409796a52654d
Imageview 6.0 Directory Traversal
Posted Feb 28, 2011
Authored by Difficult 511

Imageview version 6.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 262d1ece9a7414af4ee075eddfb0dbefc8b9f3c934e1df735fa2c92d50584cd5
WSN Guest 1.24 SQL Injection
Posted Feb 28, 2011
Authored by Aliaksandr Hartsuyeu | Site evuln.com

WSN Guest version 1.24 suffers from a remote SQL injection vulnerability in the time parameter.

tags | exploit, remote, sql injection
SHA-256 | da86b8f248d2ef51d36d48a90c668cf8b250e1b9e735d0af54bb77d4e2ddbeff
Mobius Forensic Toolkit 0.5.7
Posted Feb 28, 2011
Site savannah.nongnu.org

Mobius Forensic Toolkit is a forensic framework written in Python/GTK that manages cases and case items, providing an abstract interface for developing extensions. Cases and item categories are defined using XML files for easy integration with other tools.

Changes: Six news registry reports were added - user assist, recent docs, product keys, O.S. folders, user logon info, and computer info. Minor improvements were made.
tags | tool, python, forensics
systems | unix
SHA-256 | 50c17be7feb4f17c9b55e331490c6fc1b4a79d0c13287fc82c168b7bccf58523
Scapy Packet Manipulation Tool 2.2.0
Posted Feb 28, 2011
Authored by Philippe Biondi | Site secdev.org

Scapy is a powerful interactive packet manipulation tool, packet generator, network scanner, network discovery tool, and packet sniffer. It provides classes to interactively create packets or sets of packets, manipulate them, send them over the wire, sniff other packets from the wire, match answers and replies, and more. Interaction is provided by the Python interpreter, so Python programming structures can be used (such as variables, loops, and functions). Report modules are possible and easy to make. It is intended to do the same things as ttlscan, nmap, hping, queso, p0f, xprobe, arping, arp-sk, arpspoof, firewalk, irpas, tethereal, tcpdump, etc.

Changes: This release adds a contrib section filled with old contributions that were not distributed with Scapy yet: CDP, IGMP, MPLS, CHDLC, SLARP, WPA EAPOL, DTP, EIGRP, VQP, BGP, OSPF, VTP RSVP, EtherIP, RIPng, and IKEv2. It fixes some bugs.
tags | tool, scanner, python
systems | unix
SHA-256 | c5363b224df0efbd78d7dc4d8a518e5518b2e7affc2e5f1fcecd4efa3ab815af
HP Security Bulletin HPSBPI02635 SSRT100391
Posted Feb 28, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBPI02635 SSRT100391 - A potential security vulnerability has been identified with HP Web Jetadmin running on Windows. The vulnerability could be exploited by a local user to gain unauthorized access to resources managed by Web Jetadmin. Revision 1 of this advisory.

tags | advisory, web, local
systems | windows
advisories | CVE-2011-0278
SHA-256 | ca21811109cbf5040a354178f86ad2d2ce44ab035696b794e445212335b8cf7e
phpMyAdmin 3.3.9 Brute Force / Path Disclosure
Posted Feb 28, 2011
Authored by MustLive

phpMyAdmin versions 3.3.9 and below suffers from brute force and path disclosure vulnerabilities.

tags | advisory, cracker, vulnerability, info disclosure
advisories | CVE-2011-0986
SHA-256 | 57dff876815eb07a5a14b2a29cab989fa9f079aa94371b1d74b85134fb0f35f5
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    32 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close