what you don't know can hurt you
Showing 1 - 25 of 32 RSS Feed

Files Date: 2011-04-04

Ubuntu Security Notice USN-1104-1
Posted Apr 4, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1104-1 - Cesar Bernardini and Felipe Andres Manzano discovered that FFmpeg incorrectly handled certain malformed flic files. Dan Rosenberg discovered that FFmpeg incorrectly handled certain malformed wmv files. It was discovered that FFmpeg incorrectly handled certain malformed ogg files. It was discovered that FFmpeg incorrectly handled certain malformed WebM files. Dan Rosenberg discovered that FFmpeg incorrectly handled certain malformed RealMedia files. Dan Rosenberg discovered that FFmpeg incorrectly handled certain malformed VC1 files.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2010-3429, CVE-2010-3908, CVE-2010-4704, CVE-2011-0480, CVE-2011-0722, CVE-2011-0723
MD5 | c31a9de5695cbffe5a513feaeebacdcc
Ubuntu Security Notice USN-1103-1
Posted Apr 4, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1103-1 - Mathias Svensson discovered that the tex-common package contains an insecure shell_escape_commands configuration item. If a user or automated system were tricked into opening a specially crafted TeX file, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1400
MD5 | 5eece6c91519fd1203413c77566ba794
Zero Day Initiative Advisory 11-116
Posted Apr 4, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-116 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell File Reporter Agent. Authentication is not required to exploit this vulnerability. The flaw exists within the NFRAgent.exe component which listens by default on TCP port 3037. When handling the contents of an XML tag the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2011-0994
MD5 | cf3cf5a99fb83b7d98218bd0e1534e9a
Moscrack WPA Cluster Cracker 2.04b
Posted Apr 4, 2011
Authored by Ryan Babchishin | Site moscrack.sourceforge.net

Moscrack is intended to facilitate the use of a WPA cracker on a cluster. Currently, it has only been used with Mosix (clustering software) and SSH nodes. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to separate processes that run in parallel. The parallel processes can then execute on different nodes in your cluster. All results are checked (to a degree) and recorded on your master node. Logging, error handling, etc. are all handled for you. Moscrack is designed to be run for long periods of time (days, weeks, or more).

Changes: This release adds RSH, Pyrit, and checkpoint/resume features.
tags | cracker
systems | unix
MD5 | 51f15b0af0c210faa97431bbd3a90dc6
Hack In The Box 2011 Malaysia Call For Papers
Posted Apr 4, 2011
Site cfp.hackinthebox.org

The Call for Papers (CFP) for Hack In The Box 2011 Malaysia is now open.

tags | paper, conference
MD5 | b9948bf6908e3d583b27d479b56f1325
LiveStreet 0.4.2 Cross Site Scripting
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in LiveStreet version 0.4.2 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | d2d2f32ee2bb0c8ed52b2a95f1a9350f
OpenEMR 4.0.0 Database Manipulation
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

OpenEMR version 4.0.0 suffers from arbitrary database creation / enumeration.

tags | exploit, arbitrary
MD5 | 839c0e5a633cdcd056e8d0a1d796feaf
OpenEMR 4.0.0 Local File Inclusion
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in OpenEMR version 4.0.0 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
MD5 | b67613bca273ae3066d18e3b2d4cad12
OpenEMR 4.0.0 Cross Site Scripting
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in OpenEMR version 4.0.0 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | d2003318afd39872adf4a7f1d0a36b77
WordPress AdWizz 1.0 Cross Site Scripting
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in WordPress AdWizz version 1.0 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | bbc4f2d2d57ed077f8e283b5098f8afd
WordPress Placester 0.1.0 Cross Site Scripting
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in WordPress Placester version 0.1.0 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | b526a98120caab6791d53a01b23854c5
WordPress WP Custom Pages 0.5.0.1 Local File Inclusion
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

WordPress WP Custom Pages version 0.5.0.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 89eca06ef56c1fc05a215f19e6180b8b
Ubuntu Security Notice USN-1102-1
Posted Apr 4, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1102-1 - Martin Barbella discovered that the thunder (aka ThunderScan) decoder in the TIFF library incorrectly handled an unexpected BitsPerSample value. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1167
MD5 | abf7620fb04f800373bca0347850f53b
Mandriva Linux Security Advisory 2011-064
Posted Apr 4, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-064 - Buffer overflow in LibTIFF allows remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF image with JPEG encoding. Heap-based buffer overflow in the thunder decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a.tiff file that has an unexpected BitsPerSample value.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-0191, CVE-2011-1167
MD5 | 262e17aff4b7fa90887fc32b4cadd46e
Mandriva Linux Security Advisory 2011-063
Posted Apr 4, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-063 - xslt.c in XML Security Library before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2011-1425
MD5 | 76baedeeb557f3964922769c4543e8ce
Ananta Gazelle 1.0 Cross Site Scripting
Posted Apr 4, 2011
Authored by kurdish hackers team | Site kurdteam.org

Ananta Gazelle version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 319c9ee87bdd5712280e4dc07bb3c333
Ananta Gazelle 1.0 SQL Injection
Posted Apr 4, 2011
Authored by kurdish hackers team | Site kurdteam.org

Ananta Gazelle version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | ba5ae4367584e39b7367e328dac78cf3
Planet FPS-1101 Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

Planet FPS-1101 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | b3222f609d53ea9f1ce44a375d75676d
Longshine Multiple Print Servers Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

Longshine Multiple Print Servers suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 657543049822005b5178ba7edb98e176
ZO Tech Multiple Print Server Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

ZO Tech Multiple Print Servers suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c6288c9dd1068eb0671860a99e99f969
Planex Mini-300PU / Mini100s Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

Planex Mini-300PU and Mini100s suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | c5e557b6b4bb0b7de7b1f4350576e1fa
TP-Link TL-PS110U / TL-PS110P Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

TP-Link TL-PS110U and TL-PS110P suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | dcc33c91af35c34313ec6850292cb4f8
Encore ENPS-2012 Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

Encore ENPS-2012 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | bdd7f62834c54275308c09b226c4e3be
DoceboLMS 4.0.4 Cross Site Scripting
Posted Apr 4, 2011
Authored by LiquidWorm | Site zeroscience.mk

DoceboLMS version 4.0.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 40775df44417389fd31c78cd1ecd4d95
Debian Security Advisory 2210-1
Posted Apr 4, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2210-1 - Several vulnerabilities were discovered in the TIFF manipulation and conversion library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-0191, CVE-2011-0192, CVE-2011-1167
MD5 | 1b510f5360da3e485b41ac0df0fc2253
Page 1 of 2
Back12Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    14 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close