Showing 1 - 25 of 1,124

Files Date: 2011-03-01 to 2011-03-31

Cisco Security Advisory 20110330-acs
Posted Mar 30, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability exists in some Cisco Secure Access Control System (ACS) versions that could allow a remote, unauthenticated attacker to change the password of any user account to any value without providing the account's previous password. Successful exploitation requires the user account to be defined on the internal identity store. This vulnerability does not allow an attacker to perform any other changes to the ACS database. That is, an attacker cannot change access policies, device properties, or any account attributes except the user password. Cisco has released free software updates that address this vulnerability. There is no workaround for this vulnerability.

tags | advisory, remote
systems | cisco
advisories | CVE-2011-0951
MD5 | 25ea801f2bf5e839abd7519bd4099987

iCloudCenter JobSite PHP Script SQL Injection
Posted Mar 30, 2011
Authored by RoAd_KiLlEr

iCloudCenter JobSite PHP Script version 1.1 suffers from a remote SQL injection vulnerability. The author of this software claims this only affects the demo version.

tags | exploit, remote, php, sql injection
MD5 | 57c32d8b0343624467ca5ac1a29d076d

HT Editor 2.0.18 Stack Overflow
Posted Mar 30, 2011
Authored by ZadYree

HT Editor versions 2.0.18 and below file opening stack overflow exploit.

tags | exploit, overflow
MD5 | 168e1104d0bee121be32f6c2ec6b9c57

Andy's PHP Knowledgebase 0.95.2 SQL Injection
Posted Mar 30, 2011
Authored by Mark Stanislav

Andy's PHP Knowledgebase version 0.95.2 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, php, sql injection
advisories | CVE-2011-1546
MD5 | 3bc7941e99b8ba4774079ca38351f475

Debian Security Advisory 2208-1
Posted Mar 30, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2208-1 - It was discovered that BIND, a DNS server, contains a race condition when processing zone updates in an authoritative server, either through dynamic DNS updates or incremental zone transfer (IXFR). Such an update while processing a query could result in deadlock and denial of service.

tags | advisory, denial of service
systems | linux, debian
advisories | CVE-2011-0414
MD5 | 0d7b8fad9cfe5f882faa5640facec194

PHPBoost 3.0 Remote Backup Download
Posted Mar 30, 2011
Authored by KedAns-Dz

PHPBoost version 3.0 suffers from a remote backup download vulnerability.

tags | exploit, remote, info disclosure
MD5 | 02afa49edfa10c713577227a8b8a883a

Cisco Security Advisory 20110330-nac
Posted Mar 30, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Network Access Control (NAC) Guest Server system software contains a vulnerability in the RADIUS authentication software that may allow an unauthenticated user to access the protected network. Cisco has released free software updates that address this vulnerability.

tags | advisory
systems | cisco
advisories | CVE-2011-0963
MD5 | 82f852f8537b251715887a935685082c

EMC NetWorker Module Arbitrary Code Execution
Posted Mar 30, 2011
Site emc.com

A vulnerability exists in EMC Replication Manager which is embedded in NetWorker Module for Microsoft Applications (NMM). The vulnerability may allow arbitrary code execution on vulnerable installations of the product. Versions affected include EMC NetWorker Module for Microsoft Applications 2.1.x / 2.2.x.

tags | advisory, arbitrary, code execution
advisories | CVE-2011-0647
MD5 | dc245cc7888a0e5d3b03833c6d30192c

Faster Blind MySQL Injection Using Bit Shifting
Posted Mar 30, 2011
Authored by Jelmer de Hen | Site h.ackack.net

This is a brief whitepaper called Faster Blind MySQL Injection Using Bit Shifting.

tags | paper, sql injection
MD5 | 5f7afc16b7b53ae598f47abd1efd3782

Pligg CMS 1.1.3 Privilege Escalation / Access Bypass
Posted Mar 30, 2011
Authored by Jelmer de Hen | Site h.ackack.net

Pligg CMS version 1.1.3 suffers from multiple vulnerabilities including access bypass and privilege escalation.

tags | exploit, vulnerability
MD5 | 9fd7638ce680f67b6349c5ea1579bb8d

GOM Player 2.1.28.5039 Denial Of Service
Posted Mar 30, 2011
Authored by BraniX

GOM Player version 2.1.28.5039 .avi file denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 42303389104990adfda2aec75ce3d0df

Windows Explorer 6.0.2900.5512 Denial Of Service
Posted Mar 30, 2011
Authored by BraniX

Windows Explorer version 6.0.2900.5512 Shmedia.dll denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
systems | windows
MD5 | 0fe697b8ce6ac1c6a516d68ad8f9e44c

Winamp 5.61 Denial Of Service
Posted Mar 30, 2011
Authored by BraniX

Winamp version 5.61 .avi file denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 6f6c55b649b06d4636d4d6d446fd52c6

Media Player Classic Home Cinema 1.5.0.2827 Denial Of Service
Posted Mar 30, 2011
Authored by BraniX

Media Player Classic Home Cinema version 1.5.0.2827 .avi file denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 30005f24ecb8d6c58783ebb73fee3959

Zend Java Bridge Remote Code Execution
Posted Mar 30, 2011
Authored by Luca Carettoni

Zend Java Bridge version 3.1 remote code execution exploit that takes advantage of a specific flaw in the javamw.jar service.

tags | exploit, java, remote, code execution
MD5 | 42af9d72b56fcd5644aadf31213b3bdb

YaCOMAS 0.3.6 Alpha Disclosure / Cross Site Scripting
Posted Mar 30, 2011
Authored by ProfEsOr X

YaCOMAS version 0.3.6 suffers from information disclosure and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
MD5 | a0ee0f26612c0d8d6e53cec6237154f4

CosmoQuest SQL Injection
Posted Mar 30, 2011
Authored by Net.Edit0r

CosmoQuest suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | 8045dcced30ab4e005075f40ea35c701

Bigace 2.7.5 Arbitrary File Upload
Posted Mar 30, 2011
Authored by Net.Edit0r

Bigace version 2.7.5 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
MD5 | c8eceb0fe1f378c183f4f4aefbf14d79

IrIran Shopping Script SQL Injection
Posted Mar 30, 2011
Authored by Net.Edit0r

IrIran Shopping Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e4e30ff493a8818c9a1be5dd174a7436

Snortalog Snort Log Summarizer 2.4.3
Posted Mar 30, 2011
Authored by Jeremy Chartier | Site jeremy.chartier.free.fr

Snortalog is a powerful Perl script that summarizes Snort logs, making it easy to view any network attacks detected by Snort. It can generate charts in HTML, PDF, and text output. It works with all versions of Snort, and can analyze logs in three formats: syslog, fast, and full snort alerts. Moreover, it is able to summarize other logs like Fw-1 (NG and 4.1), Netfilter, and IPFilter in a similar way.

Changes: This release brings new features like TippingPoint, Netscreen, and CheckPoint R70 & R71 logs detection. The GUI works with the latest GD libraries to improve Windows compatibility.
tags | tool, perl, sniffer
systems | linux
MD5 | 83b07c1f0ae06f81d04a862704cf83a4

Minveli SQL Injection
Posted Mar 30, 2011
Authored by eXeSoul

Minveli suffers from multiple remote SQL injection vulnerabilities in index_1.php and inner.php.

tags | exploit, remote, php, vulnerability, sql injection
MD5 | 1f8d59c052cbc2834033f8df915eb573

Mandriva Linux Security Advisory 2011-056
Posted Mar 30, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-056 - chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server. bind.cpp in back-ndb in OpenLDAP 2.4.x before 2.4.24 does not require authentication for the root Distinguished Name, which allows remote attackers to bypass intended access restrictions via an arbitrary password. modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service via a relative Distinguished Name that contains an empty value for the OldDN field. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, arbitrary, root
systems | linux, mandriva
advisories | CVE-2011-1024, CVE-2011-1025, CVE-2011-1081
MD5 | 163855e28dd547d30ccf2fe21546492e

Mandriva Linux Security Advisory 2011-055
Posted Mar 30, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-055 - chain.c in back-ldap in OpenLDAP 2.4.x before 2.4.24, when a master-slave configuration with a chain overlay and ppolicy_forward_updates is used, allows remote authenticated users to bypass external-program authentication by sending an invalid password to a slave server. modrdn.c in slapd in OpenLDAP 2.4.x before 2.4.24 allows remote attackers to cause a denial of service via a relative Distinguished Name that contains an empty value for the OldDN field.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-1024, CVE-2011-1081
MD5 | 7e8fa8300fb8a5afdc20cc30018442df

Grapecity DataDynamics Report Library 1.6.1871.61 Cross Site Scripting
Posted Mar 30, 2011
Authored by Dave Daly

Grapecity DataDynamics Report Library versions 1.6.1871.61 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | e1ed122a417aa2bc2e373199c3f2ac79

VMware Security Advisory 2011-0006
Posted Mar 30, 2011
Authored by VMware | Site vmware.com

VMware Security Advisory 2011-0006 - The VMware vmrun utility is susceptible to a local privilege escalation in non-standard configurations.

tags | advisory, local
advisories | CVE-2011-1126
MD5 | 2a1d16db56e395bf18e79736b86f46a5