exploit the possibilities
Showing 1 - 25 of 26 RSS Feed

Files Date: 2011-03-02

Debian Security Advisory 2179-1
Posted Mar 2, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2179-1 - Ansgar Burchardt discovered several vulnerabilities in DTC, a web control panel for admin and accounting hosting services.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2011-0434, CVE-2011-0435, CVE-2011-0436, CVE-2011-0437
SHA-256 | cb2a9ac58a6b2e1392a9280f47f55599a385e8fd679a98056e66cd9868fd5fc3
PhotoPost PHP 4.8c Cross Site Scripting
Posted Mar 2, 2011
Authored by NassRawI

PhotoPost PHP version 4.8c suffers from a cross site scripting vulnerability.

tags | exploit, php, xss
SHA-256 | 4b3eee89e86329852f8803e91022d4b31cf65a3973d5ef00ef6f4b50a8503cb3
Debian Security Advisory 2178-1
Posted Mar 2, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2178-1 - It was discovered that pango did not check for memory allocation failures, causing a NULL pointer dereference with an adjustable offset. This can lead to application crashes and potentially arbitrary code execution.

tags | advisory, arbitrary, code execution
systems | linux, debian
advisories | CVE-2011-0064
SHA-256 | 213b3dd282ebde23412fea47ec939c0d2ab2671024435416b3f75f2ef0468a6c
CubeCart 2.0.6 Cross Site Scripting / SQL Injection
Posted Mar 2, 2011
Authored by NassRawI

CubeCart version 2.0.6 appears to suffer from the same old SQL injection vulnerability that multiple prior versions also suffered from. In addition to that, it also suffers from a cross site scripting vulnerability.

tags | exploit, xss, sql injection
SHA-256 | 7ca0c459e6ba8a986ea298b006c52fa6b09a92deee92ab5dd56105656fdb3fb0
Debian Security Advisory 2177-1
Posted Mar 2, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2177-1 - It was discovered that python-webdav, a WebDAV server implementation, contains several SQL injection vulnerabilities in the processing of user credentials.

tags | advisory, vulnerability, sql injection, python
systems | linux, debian
advisories | CVE-2011-0432
SHA-256 | ddd84c50361e28bec8d106c67025dcf746e93c18608edeca8477b57fc2898d93
Tor's Hammer - Slow POST Denial Of Service Testing Tool
Posted Mar 2, 2011
Authored by entropy | Site phiral.net

Tor's Hammer is a slow post dos testing tool written in Python. It can also be run through the Tor network to be anonymized. If you are going to run it with Tor it assumes you are running Tor on 127.0.0.1:9050. Kills most unprotected web servers running Apache and IIS via a single instance. Kills Apache 1.X and older IIS with ~128 threads, newer IIS and Apache 2.X with ~256 threads.

tags | web, denial of service, python
systems | linux
SHA-256 | 00127b3a7c45407764e28730a9732e9e09810e26b1733841424227c6b35ae4f8
Ubuntu Security Notice USN-1082-1
Posted Mar 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1082-1 - Marc Schoenefeld discovered that Pango incorrectly handled certain Glyph Definition (GDEF) tables. If a user were tricked into displaying text with a specially-crafted font, an attacker could cause Pango to crash, resulting in a denial of service. This issue only affected Ubuntu 8.04 LTS and 9.10. Dan Rosenberg discovered that Pango incorrectly handled certain FT_Bitmap objects. If a user were tricked into displaying text with a specially- crafted font, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. The default compiler options for affected releases should reduce the vulnerability to a denial of service. It was discovered that Pango incorrectly handled certain memory reallocation failures. If a user were tricked into displaying text in a way that would cause a reallocation failure, an attacker could cause a denial of service or execute arbitrary code with privileges of the user invoking the program. This issue only affected Ubuntu 9.10, 10.04 LTS and 10.10.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2010-0421, CVE-2011-0020, CVE-2011-0064
SHA-256 | 55ec43235e341978a77e9e35929be0aa8b8a56a7665d47badc484fada019b94d
Prestashop Cartium 1.3.3 Cross Site Scripting
Posted Mar 2, 2011
Authored by Antonio San Martino

Prestashop Cartium version 1.3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bc567158b5df2af1e619333e0b68b6c4acb926f20b25391501db0c5b2d37630b
VidiScript Cross Site Scripting
Posted Mar 2, 2011
Authored by NassRawI

VidiScript suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 68a5335459a59d5b0ae336b2b97a852ea61feab369f515e4fb01e58d1c584f83
Magic Music Editor 8.12.2.11 Buffer Overflow
Posted Mar 2, 2011
Authored by C4SS!0 G0M3S

Magic Music Editor version 8.12.2.11 buffer overflow proof of concept exploit that creates a malicious .cda file.

tags | exploit, overflow, proof of concept
SHA-256 | fa03fc5e07a736b6ce4204c833690ca0102f53f572653ea7ea1a91bef14a7b67
Readmore Systems Script SQL Injection
Posted Mar 2, 2011
Authored by vBzone, El3arby, Zooka

Readmore Systems Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6029a101ef38a53b69dfe1e1099badc7e3a0d38b8a7d57c8349c4e31d69d3c79
Bitweaver 2.8.1 Cross Site Scripting / SQL Injection
Posted Mar 2, 2011
Authored by lemlajt

Bitweaver version 2.8.1 suffers from cross site scripting, path disclosure and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | ff2fdb37f3a57d1bc9e6f390f20bb5431ef94ee0a67a82fa9774e63a6077ed46
cChatBox For vBulletin 3.6.8 / 3.7.x SQL Injection
Posted Mar 2, 2011
Authored by DSecurity

cChatBox for vBulletin versions 3.6.8 and 3.7.x suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 721e37bfba2eca950514ff9e9b12e67f8dd087cddaea943f5d735600992a1700
A Penetration Testers Guide To Finger Print Authentication
Posted Mar 2, 2011
Authored by FB1H2S

Whitepaper called A Penetration Testers Guide to Finger Print Authentication.

tags | paper
SHA-256 | 765d685444a69e09bb8e61d892694da54f50077d71ab630c5afd17ab4266c5c0
Mega Menager 3.4.0.9 DLL Hijacking
Posted Mar 2, 2011
Authored by Locu

Mega Menager versions 3.4.0.9 and below suffer from a DLL hijacking vulnerability.

tags | exploit
SHA-256 | 8292e1db8dd4a8804eaca19dd072b289eeff35f4b0e0ef339ca2f2208dccb70d
Mandriva Linux Security Advisory 2011-039
Posted Mar 2, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-039 - Multiple cross-site scripting, denial of service and arbitrary code execution security flaws were discovered in webkit. The updated packages have been upgraded to the latest version to correct these issues.

tags | advisory, denial of service, arbitrary, code execution, xss
systems | linux, mandriva
advisories | CVE-2009-2797, CVE-2009-2841, CVE-2010-0046, CVE-2010-0047, CVE-2010-0048, CVE-2010-0049, CVE-2010-0050, CVE-2010-0051, CVE-2010-0052, CVE-2010-0053, CVE-2010-0054, CVE-2010-0314, CVE-2010-0647, CVE-2010-0650, CVE-2010-0651, CVE-2010-0656, CVE-2010-1386, CVE-2010-1387, CVE-2010-1389, CVE-2010-1390, CVE-2010-1391, CVE-2010-1392, CVE-2010-1393, CVE-2010-1394, CVE-2010-1395, CVE-2010-1396, CVE-2010-1397, CVE-2010-1398
SHA-256 | 9aa3acee10ae2e83e96128d82e5f1409071587392804e700307a97e3ba876551
Quicktech SQL Injection
Posted Mar 2, 2011
Authored by eXeSoul

Quicktech suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9b44b045d9444498ce3fc0e8dd9811147d7667c4c6505a205c92c3c7b69fbdaa
Debian Security Advisory 2176-1
Posted Mar 2, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2176-1 - Several vulnerabilities have been discovered in the Common UNIX Printing System. A null pointer dereference in RSS job completion notifications could lead to denial of service. It was discovered that incorrect file descriptor handling could lead to denial of service. A cross-site request forgery vulnerability was discovered in the web interface. Incorrect memory management in the filter subsystem could lead to denial of service. Emmanuel Bouillon discovered a symlink vulnerability in handling of cache files. Various other issues were also addressed.

tags | advisory, web, denial of service, vulnerability, csrf
systems | linux, unix, debian
advisories | CVE-2008-5183, CVE-2009-3553, CVE-2010-0540, CVE-2010-0542, CVE-2010-1748, CVE-2010-2431, CVE-2010-2432, CVE-2010-2941
SHA-256 | 21901e6c776cf699416e364a1c536e8ae21ddbb297893d90aec7aef45ed8caff
Ubuntu Security Notice USN-1081-1
Posted Mar 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1081-1 - The Linux 2.6 kernel had multiple vulnerabilities identified and addressed. It was discovered that KVM did not correctly initialize certain CPU registers. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. Various other issues were also addressed.

tags | advisory, kernel, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2010-3698, CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4079, CVE-2010-4083, CVE-2010-4248, CVE-2010-4342, CVE-2010-4346, CVE-2010-4527, CVE-2010-4649, CVE-2011-1044
SHA-256 | d8345350ee5fcccf7db501dc22e7fa3c03ec4d5ee8994a838c926a6f1424f8c6
Ubuntu Security Notice USN-1080-1
Posted Mar 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1080-1 - The Linux 2.6 kernel had multiple vulnerabilities identified and addressed. Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. Vasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. Vasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. Vasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. Various other issues were also addressed.

tags | advisory, kernel, vulnerability, protocol
systems | linux, ubuntu
advisories | CVE-2010-3865, CVE-2010-3875, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-4248, CVE-2010-4343, CVE-2010-4346, CVE-2010-4526, CVE-2010-4527, CVE-2010-4649, CVE-2011-1044
SHA-256 | c71487823755634861f489d8726738a989e9ca187336d6c2634366b8d23bd557
Botan C++ Crypto Algorithms Library 1.9.14
Posted Mar 2, 2011
Site botan.randombit.net

Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.

Changes: This release adds support for the bcrypt password hashing scheme and NIST's AES key wrap algorithm.
tags | library
systems | linux
SHA-256 | b495686d1ba68f7330ab2abc64ece39ce1963b370dea46da18238f51acfd8de5
Secunia Security Advisory 43397
Posted Mar 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for krb5. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, fedora
SHA-256 | 082676fc6c171d78fa7600c466ad0e66addc873dc6ef02eeea93434a1dcf1a2d
Secunia Security Advisory 43427
Posted Mar 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for moodle. This fixes multiple vulnerabilities, which can be exploited by malicious users to perform certain actions with escalated privileges, disclose sensitive information, and hijack another user's session and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
systems | linux, debian
SHA-256 | c53dc345c8cf6427828070a4af4cf9ed8721cdb4731818199411eeea62babb37
Secunia Security Advisory 43387
Posted Mar 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-sun. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

tags | advisory, java, denial of service, local, vulnerability
systems | linux, redhat
SHA-256 | 443e6857a1db9b22042ee6d774fadb99f361dff304946c6b96e207bc322c46d6
Secunia Security Advisory 43385
Posted Mar 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Messaging module for Drupal, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
SHA-256 | 55dc0413a7c8afbbb745d97385fb8d5650294b97cc37fb83c64bfb739d97025c
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close