what you don't know can hurt you
Showing 1 - 25 of 34 RSS Feed

Files Date: 2011-03-08

Majordomo2 Directory Traversal
Posted Mar 8, 2011
Authored by Nikolas Sotiriu

Majordomo2 suffers from a directory traversal vulnerability in the help command. The parameter named extra is not properly sanitized. Versions 20110203 and below are affected.

tags | exploit
advisories | CVE-2011-0063
MD5 | 009e712aa00f64012ca950521c30a071
Mandriva Linux Security Advisory 2011-044
Posted Mar 8, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-044 - This advisory updates wireshark to the latest version (1.2.15), fixing several security issues. Wireshark 1.5.0, 1.4.3, and earlier frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a malformed file. Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file. wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. Various other issues have been addressed as well.

tags | advisory, remote, denial of service, overflow
systems | linux, mandriva
advisories | CVE-2011-0538, CVE-2011-0713, CVE-2011-1139, CVE-2011-1140, CVE-2011-1141, CVE-2011-1142
MD5 | 1a4b5e72ba395d629ca7ab03e3d44ebb
Icinga 1.3.0 / 1.2.1 Cross Site Scripting
Posted Mar 8, 2011
Authored by Stefan Schurtz

Icinga versions 1.3.0 and 1.2.1 suffer from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | f29051bb67b55ca8f3cefd5eeafc1bef
PhotoSmash 1.0.1 Cross Site Scripting
Posted Mar 8, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

PhotoSmash WordPress plugin version 1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 8d5b609082a2d02621cfdc26fe4229fb
Mandos Encrypted File System Unattended Reboot Utility 1.3.0
Posted Mar 8, 2011
Authored by Teddy | Site fukt.bsnet.se

The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.

Changes: Server and utilities have been updated for Python 2.6. Client bugfixes - the password-prompt plugin does not conflict with Plymouth. initramfs is also updated when purging a package.
tags | remote, root
systems | linux, unix
MD5 | 44a79efe5219d26f3681ed3e0033970c
EzPub Simple Classic ASP CMS SQL Injection
Posted Mar 8, 2011
Authored by p0pc0rn

EzPub Simple Classic ASP CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection, asp
MD5 | 6fc54dbd8a4b0a73d4343fca1cff8d93
1 Flash Gallery 0.2.5 Cross Site Scripting / SQL Injection
Posted Mar 8, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

1 Flash Gallery WordPress plugin version 0.2.5 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | fcc1a2b37341bf2ebe75f27bd1751d8e
Inline Gallery 0.3.9 Cross Site Scripting
Posted Mar 8, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Inline Gallery WordPress plugin version 0.3.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 1d6905969b8628d4f44ec027588af221
HP Security Bulletin HPSBUX02641 SSRT100412
Posted Mar 8, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX02641 SSRT100412 - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) for HP-UX, Linux, Solaris, and Windows running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, java, denial of service
systems | linux, windows, solaris, hpux
advisories | CVE-2010-4476
MD5 | ec061af15a4ed1f26cadb40d830a936f
GRAND Flash Album Gallery 0.55 SQL Injection / File Disclosure
Posted Mar 8, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

GRAND Flash Album Gallery WordPress plugin version 0.55 suffers from remote SQL injection and file disclosure vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
MD5 | f50e47d3ea35ceba7294220a780e5f00
Linux Kernel caiaq USB Drivers Buffer Overflow
Posted Mar 8, 2011
Authored by Rafael Dominguez Vega | Site labs.mwrinfosecurity.com

A buffer overflow vulnerability in the caiaq USB drivers in Linux has been identified. These drivers are in the kernel tree and installed by default in most Linux distributions. This vulnerability could be exploited in order to execute arbitrary code by an attacker with physical access to the system.

tags | advisory, overflow, arbitrary, kernel
systems | linux
advisories | CVE-2011-0712
MD5 | e2cd27e7b292045a8bb4474fc7cf21bc
Nokia N97 Playlist Proof Of Concept
Posted Mar 8, 2011
Authored by KedAns-Dz

Nokia N97 .m3u playlist crash proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | dc723b12bdad3cfd11eae607a1d2536c
Movavi VideoSuite 8.0 MovieEditor.exe Buffer Overflow
Posted Mar 8, 2011
Authored by KedAns-Dz

Movavi VideoSuite version 8.0 MovieEditor.exe local crash buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
MD5 | f55b26196ffb80876714152e10c1f6c0
Movavi VideoSuite 8.0 MediaPlayer.exe Buffer Overflow
Posted Mar 8, 2011
Authored by KedAns-Dz

Movavi VideoSuite version 8.0 MediaPlayer.exe buffer overflow exploit that spawns a reverse shell.

tags | exploit, overflow, shell
MD5 | a9c04e8d1f9b0f31e61ab121a1bfee12
Movavi VideoSuite 8.0 SlideShow.exe Buffer Overflow
Posted Mar 8, 2011
Authored by KedAns-Dz

Movavi VideoSuite version 8.0 SlideShow.exe local crash buffer overflow proof of concept exploit.

tags | exploit, overflow, local, proof of concept
MD5 | cea8c01d836b5670836123e45078d160
Mandriva Linux Security Advisory 2011-043
Posted Mar 8, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-043 - A buffer overflow was discovered in libtiff which allows remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF image with CCITT Group 4 encoding.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-0192, CVE-2009-2347, CVE-2010-2065
MD5 | 49d062c22289205b5258adc04c124f6e
Marco Monaco SQL Injection
Posted Mar 8, 2011
Authored by eXeSoul

Web Development by Marco Monaco suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | 8bd83287f80e472a3ee39e1b60c19c86
.NET Runtime Optimization Service Privilege Escalation
Posted Mar 8, 2011
Authored by XenoMuta

.NET runtime optimization service privilege escalation exploit that leverages the fact that the service's EXE file can be overwritten by any non-admin domain user and local power users. This exploit compiles to a service that uses the original service's id.

tags | exploit, local
MD5 | 1654d9ce4e0f34cf8d67cf2ec320fb41
VMware Security Advisory 2011-0004
Posted Mar 8, 2011
Authored by VMware | Site vmware.com

VMware Security Advisory 2011-0004 - Service Location Protocol daemon (SLPD) denial of service issue and ESX 4.0 Service Console OS (COS) updates for bind, pam, and rpm.

tags | advisory, denial of service, protocol
advisories | CVE-2010-2059, CVE-2010-3316, CVE-2010-3435, CVE-2010-3609, CVE-2010-3613, CVE-2010-3614, CVE-2010-3762, CVE-2010-3853
MD5 | a30d4b13f545259a52360981bf3bea1f
2010 Annual Study - U.S. Cost Of A Data Breach
Posted Mar 8, 2011
Authored by Ponemon Institute, Symantec

Whitepaper called 2010 Annual Study: U.S. Cost of a Data Breach. Compliance pressures, cyber attacks targeting sensitive data drive leading IT organizations to respond quickly and pay more. This is a benchmark study of 51 U.S. companies about the financial impact, customer turnover and preventive solutions related to breaches of sensitive information.

tags | paper
MD5 | d0c51a50c1ac3f5c65a1a9d4048ce78e
Joomla PR Local File Inclusion
Posted Mar 8, 2011
Authored by KedAns-Dz

The Joomla PR component suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 697a4d7f8caae74662123e7b8e6ca5fc
Cool Video Gallery 1.3 WordPress Plugin Path Disclosure
Posted Mar 8, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

The Cool Video Gallery WordPress plugin version 1.3 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 22fc22e401d4d90e3f1ae12fa5db1c6f
PHP-Nuke Shell Upload
Posted Mar 8, 2011
Authored by h311 c0d3

PHP-Nuke suffers from a shell upload vulnerability.

tags | exploit, shell, php
MD5 | 3b574267cfc0454c59e3d361ed211e26
Multi Threaded TCP Port Scanner 1.1
Posted Mar 8, 2011
Authored by SecPoint | Site secpoint.com

This is a basic TCP SYN scanner that is multi-threaded.

Changes: Added port changing functionality.
tags | tool, scanner, tcp
systems | unix
MD5 | fa5d712113fdfbac1342af0280df3114
Secunia Security Advisory 43437
Posted Mar 8, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in GNOME Display Manager, which can lead to unexpected behavior with potentially security relevant implications.

tags | advisory
MD5 | fd9299a9634d2e745409cdabcea9296c
Page 1 of 2
Back12Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close