Files Date: 2011-03-02

Debian Security Advisory 2179-1
Posted Mar 2, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2179-1 - Ansgar Burchardt discovered several vulnerabilities in DTC, a web control panel for admin and accounting hosting services.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2011-0434, CVE-2011-0435, CVE-2011-0436, CVE-2011-0437
MD5 | 283f0f39076276ae2520c06a4eebddce
PhotoPost PHP 4.8c Cross Site Scripting
Posted Mar 2, 2011
Authored by NassRawI

PhotoPost PHP version 4.8c suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | 571a45750756554c7f2509ef511ca883
Debian Security Advisory 2178-1
Posted Mar 2, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2178-1 - It was discovered that pango did not check for memory allocation failures, causing a NULL pointer dereference with an adjustable offset. This can lead to application crashes and potentially arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, debian
advisories | CVE-2011-0064
MD5 | 0256d16f618bc2494c090867d5b7897d
CubeCart 2.0.6 Cross Site Scripting / SQL Injection
Posted Mar 2, 2011
Authored by NassRawI

CubeCart version 2.0.6 appears to suffer from the same old SQL injection vulnerability that multiple prior versions also suffered from. In addition to that, it also suffers from a cross site scripting vulnerability.

tags | exploit, xss, sql injection
MD5 | 0521bf64312b85088148301a42251dd6
Debian Security Advisory 2177-1
Posted Mar 2, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2177-1 - It was discovered that python-webdav, a WebDAV server implementation, contains several SQL injection vulnerabilities in the processing of user credentials.

tags | advisory, vulnerability, sql injection, python
systems | linux, debian
advisories | CVE-2011-0432
MD5 | 30b70b00ce28dce18704aeb94b1c2b0b
Tor's Hammer - Slow POST Denial Of Service Testing Tool
Posted Mar 2, 2011
Authored by entropy | Site phiral.net

Tor's Hammer is a slow POST DoS testing tool written in Python. It can also be run through the Tor network to be anonymized. If you are going to run it with Tor, it assumes you are running Tor on 127.0.0.1:9050. Kills most unprotected web servers running Apache and IIS via a single instance. Kills Apache 1.X and older IIS with ~128 threads, newer IIS and Apache 2.X with ~256 threads.

tags | web, denial of service, python
systems | linux
MD5 | 890a8e4765a1cebbe6cdf3476b203d97
Ubuntu Security Notice USN-1082-1
Posted Mar 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1082-1 - Marc Schoenefeld discovered that Pango incorrectly handled certain Glyph Definition (GDEF) tables. If a user were tricked into displaying text with a specially-crafted font, an attacker could cause Pango to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 9.10. Dan Rosenberg discovered that Pango incorrectly handled certain FT_Bitmap objects. If a user were tricked into displaying text with a specially-crafted font, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. The default compiler options for affected releases should reduce the vulnerability to a denial of service. It was discovered that Pango incorrectly handled certain memory reallocation failures. If a user were tricked into displaying text in a way that would cause a reallocation failure, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. This issue only affected Ubuntu 9.10, 10.04 LTS and 10.10.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-0421, CVE-2011-0020, CVE-2011-0064
MD5 | 60380eab213b23e026f848dcea89c3b9
Prestashop Cartium 1.3.3 Cross Site Scripting
Posted Mar 2, 2011
Authored by Antonio San Martino

Prestashop Cartium version 1.3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6198cc88bd14bcf70674198aab4f3e38
VidiScript Cross Site Scripting
Posted Mar 2, 2011
Authored by NassRawI

VidiScript suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2fa4cf37696c106c2d4fa4a4005dcd08
Magic Music Editor 8.12.2.11 Buffer Overflow
Posted Mar 2, 2011
Authored by C4SS!0 G0M3S

Magic Music Editor version 8.12.2.11 buffer overflow proof of concept exploit that creates a malicious .cda file.

tags | exploit, overflow, proof of concept
MD5 | def7086b359eace15d90e8f858f8fe4a
Readmore Systems Script SQL Injection
Posted Mar 2, 2011
Authored by vBzone, El3arby, Zooka

Readmore Systems Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2f1166bb7f3b052a7733c629f4dcd8dc
Bitweaver 2.8.1 Cross Site Scripting / SQL Injection
Posted Mar 2, 2011
Authored by lemlajt

Bitweaver version 2.8.1 suffers from cross site scripting, path disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 92ecbdef28ef2e8499a451f4e42b6665
cChatBox For vBulletin 3.6.8 / 3.7.x SQL Injection
Posted Mar 2, 2011
Authored by DSecurity

cChatBox for vBulletin versions 3.6.8 and 3.7.x suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ebd4725188f837c3d35cbb448327b05f
A Penetration Testers Guide To Finger Print Authentication
Posted Mar 2, 2011
Authored by FB1H2S

Whitepaper called A Penetration Testers Guide to Finger Print Authentication.

tags | paper
MD5 | 202008ef8ee0e5166d64fa35be46b629
Mega Menager 3.4.0.9 DLL Hijacking
Posted Mar 2, 2011
Authored by Locu

Mega Menager versions 3.4.0.9 and below suffer from a DLL hijacking vulnerability.

tags | exploit
MD5 | 746f40156556bdf0f7f4338d52b39285
Mandriva Linux Security Advisory 2011-039
Posted Mar 2, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-039 - Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. The updated packages have been upgraded to the latest version to correct these issues.

tags | advisory, denial of service, arbitrary, code execution, xss
systems | linux, mandriva
advisories | CVE-2009-2797, CVE-2009-2841, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0051, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0314, CVE-2010-0647, CVE-2010-0650, CVE-2010-0651, CVE-2010-0656, CVE-2010-1386, CVE-2010-1387, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398
MD5 | a84fbc59041c817d23a06d95e8ea7c97
Quicktech SQL Injection
Posted Mar 2, 2011
Authored by eXeSoul

Quicktech suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2a1e7a322eff84b01cfafbbe0b22eb1a
Debian Security Advisory 2176-1
Posted Mar 2, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2176-1 - Several vulnerabilities have been discovered in the Common UNIX Printing System. A null pointer dereference in RSS job completion notifications could lead to denial of service. It was discovered that incorrect file descriptor handling could lead to denial of service. A cross-site request forgery vulnerability was discovered in the web interface. Incorrect memory management in the filter subsystem could lead to denial of service. Emmanuel Bouillon discovered a symlink vulnerability in handling of cache files. Various other issues were also addressed.

tags | advisory, web, denial of service, vulnerability, csrf
systems | linux, unix, debian
advisories | CVE-2008-5183, CVE-2009-3553, CVE-2010-0540, CVE-2010-0542, CVE-2010-1748, CVE-2010-2431, CVE-2010-2432, CVE-2010-2941
MD5 | ff95ca5661531c2dca70538070770840
Ubuntu Security Notice USN-1081-1
Posted Mar 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1081-1 - The Linux 2.6 kernel had multiple vulnerabilities identified and addressed. It was discovered that KVM did not correctly initialize certain CPU registers. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. Various other issues were also addressed.

tags | advisory, kernel, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2010-3698, CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4079, CVE-2010-4083, CVE-2010-4248, CVE-2010-4342, CVE-2010-4346, CVE-2010-4527, CVE-2010-4649, CVE-2011-1044
MD5 | 1560817ccddd3675a7fb3925c07a4ad1
Ubuntu Security Notice USN-1080-1
Posted Mar 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1080-1 - The Linux 2.6 kernel had multiple vulnerabilities identified and addressed. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. Various other issues were also addressed.

tags | advisory, kernel, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4248, CVE-2010-4343, CVE-2010-4346, CVE-2010-4526, CVE-2010-4527, CVE-2010-4649, CVE-2011-1044
MD5 | 73381f915c1229455588d263d256fd31
Botan C++ Crypto Algorithms Library 1.9.14
Posted Mar 2, 2011
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release adds support for the bcrypt password hashing scheme and NIST's AES key wrap algorithm.
tags | library
systems | linux
MD5 | 6c1f733185c1bd73ee4187d61ecc8d2b
Secunia Security Advisory 43397
Posted Mar 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for krb5. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, fedora
MD5 | b89a803183cf446560ab7f16322df5c1
Secunia Security Advisory 43427
Posted Mar 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for moodle. This fixes multiple vulnerabilities, which can be exploited by malicious users to perform certain actions with escalated privileges, disclose sensitive information, and hijack another user's session and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, debian
MD5 | ce97da51158b23aa64a2cbbe7b151368
Secunia Security Advisory 43387
Posted Mar 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-sun. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, local, vulnerability
systems | linux, redhat
MD5 | 514e5e21c6b120756c2b059285d33d08
Secunia Security Advisory 43385
Posted Mar 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Messaging module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | a7960f1d35acf5adec08d4be6be749c5