what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 32 RSS Feed

Files Date: 2011-04-04

Ubuntu Security Notice USN-1104-1
Posted Apr 4, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1104-1 - Cesar Bernardini and Felipe Andres Manzano discovered that FFmpeg incorrectly handled certain malformed flic files. Dan Rosenberg discovered that FFmpeg incorrectly handled certain malformed wmv files. It was discovered that FFmpeg incorrectly handled certain malformed ogg files. It was discovered that FFmpeg incorrectly handled certain malformed WebM files. Dan Rosenberg discovered that FFmpeg incorrectly handled certain malformed RealMedia files. Dan Rosenberg discovered that FFmpeg incorrectly handled certain malformed VC1 files.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2010-3429, CVE-2010-3908, CVE-2010-4704, CVE-2011-0480, CVE-2011-0722, CVE-2011-0723
SHA-256 | 3e6c89dc86b21f60e492841d1b3209709f3e92b20a589bdfd798814dd3503394
Ubuntu Security Notice USN-1103-1
Posted Apr 4, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1103-1 - Mathias Svensson discovered that the tex-common package contains an insecure shell_escape_commands configuration item. If a user or automated system were tricked into opening a specially crafted TeX file, a remote attacker could execute arbitrary code with user privileges.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1400
SHA-256 | 83801b98f0404790171929036651a1a465deda4d36f504fa5bc2f7e78782519d
Zero Day Initiative Advisory 11-116
Posted Apr 4, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-116 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell File Reporter Agent. Authentication is not required to exploit this vulnerability. The flaw exists within the NFRAgent.exe component which listens by default on TCP port 3037. When handling the contents of an XML tag the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2011-0994
SHA-256 | 90cc0ec6c17dd1c6b9db0eac9cb8488cf7836c49abb40016ff5390f7f492fc6a
Moscrack WPA Cluster Cracker 2.04b
Posted Apr 4, 2011
Authored by Ryan Babchishin | Site moscrack.sourceforge.net

Moscrack is intended to facilitate the use of a WPA cracker on a cluster. Currently, it has only been used with Mosix (clustering software) and SSH nodes. It works by reading a word list from STDIN or a file, breaking it into chunks and passing those chunks off to separate processes that run in parallel. The parallel processes can then execute on different nodes in your cluster. All results are checked (to a degree) and recorded on your master node. Logging, error handling, etc. are all handled for you. Moscrack is designed to be run for long periods of time (days, weeks, or more).

Changes: This release adds RSH, Pyrit, and checkpoint/resume features.
tags | cracker
systems | unix
SHA-256 | 9e3266b4a6f5ae2e53b40d3c5e991124d65109c96cbb495ee2ede2af43102b27
Hack In The Box 2011 Malaysia Call For Papers
Posted Apr 4, 2011
Site cfp.hackinthebox.org

The Call for Papers (CFP) for Hack In The Box 2011 Malaysia is now open.

tags | paper, conference
SHA-256 | 8507981eede32ea14183dbf30f661baea2142a27814a6c413c95af4d37448f71
LiveStreet 0.4.2 Cross Site Scripting
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in LiveStreet version 0.4.2 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | 2d8eda39a7f87966420ac83fa63d45dfaa2f03c6667834fc8389ef3c58fb9045
OpenEMR 4.0.0 Database Manipulation
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

OpenEMR version 4.0.0 suffers from arbitrary database creation / enumeration.

tags | exploit, arbitrary
SHA-256 | dddf61c935cdcd4f8df2692ee65b8cc4779be68b09f9c4e9c9b42177fd87abdc
OpenEMR 4.0.0 Local File Inclusion
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in OpenEMR version 4.0.0 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
SHA-256 | 9eba963b52998e9bc872dc06b24f2cd1a37711bd9c90067d57fdfc966c2a6720
OpenEMR 4.0.0 Cross Site Scripting
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in OpenEMR version 4.0.0 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | 5e72e282ba9e9103255e1b840f91ce2378bba7b0bfeb70e4d8d3f5b12358c5cb
WordPress AdWizz 1.0 Cross Site Scripting
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in WordPress AdWizz version 1.0 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | 8a9d9c1ebf2a627cef743834e525f4f080dfc7ac0068d836e37f7d69613ef26b
WordPress Placester 0.1.0 Cross Site Scripting
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in WordPress Placester version 0.1.0 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
SHA-256 | b194b7882cf1b7ab61647ac4dd7398f0a19250f8237bd99e0f8d2f6ab2339b2d
WordPress WP Custom Pages 0.5.0.1 Local File Inclusion
Posted Apr 4, 2011
Authored by AutoSec Tools | Site autosectools.com

WordPress WP Custom Pages version 0.5.0.1 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 4b08042a71b6a53021d6402455a7d0578b34f811383665fc249b416ab55ae72d
Ubuntu Security Notice USN-1102-1
Posted Apr 4, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1102-1 - Martin Barbella discovered that the thunder (aka ThunderScan) decoder in the TIFF library incorrectly handled an unexpected BitsPerSample value. If a user or automated system were tricked into opening a specially crafted TIFF image, a remote attacker could execute arbitrary code with user privileges, or crash the application, leading to a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-1167
SHA-256 | 36a88db86950567b8cf90af39cd85d900e412c352e4f7cf5551a92599d603ff1
Mandriva Linux Security Advisory 2011-064
Posted Apr 4, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-064 - Buffer overflow in LibTIFF allows remote attackers to execute arbitrary code or cause a denial of service via a crafted TIFF image with JPEG encoding. Heap-based buffer overflow in the thunder decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a.tiff file that has an unexpected BitsPerSample value.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-0191, CVE-2011-1167
SHA-256 | 6ac748ece14189ec17ddd69410b44f068bff96190b2fe40bcf033768554b799f
Mandriva Linux Security Advisory 2011-063
Posted Apr 4, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-063 - xslt.c in XML Security Library before 1.2.17, as used in WebKit and other products, when XSLT is enabled, allows remote attackers to create or overwrite arbitrary files via vectors involving the libxslt output extension and a ds:Transform element during signature verification.

tags | advisory, remote, arbitrary
systems | linux, mandriva
advisories | CVE-2011-1425
SHA-256 | 03676e8800dd4f2484e21c820bde4c6bd3aa8089ea8f4d526c12470af6ef5eac
Ananta Gazelle 1.0 Cross Site Scripting
Posted Apr 4, 2011
Authored by kurdish hackers team | Site kurdteam.org

Ananta Gazelle version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a7db18868add2178b346c28a3e2c63af983da4596c9a507dd7d3d3cea36cd4ed
Ananta Gazelle 1.0 SQL Injection
Posted Apr 4, 2011
Authored by kurdish hackers team | Site kurdteam.org

Ananta Gazelle version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 5b6d421dbfc4e58b296226f759b464d79e2a9fff16052c708fc8dabf8e31819a
Planet FPS-1101 Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

Planet FPS-1101 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | be4c8ab13a464046b02df8cc9802560d96c9104640b88685fbfa716d71252e47
Longshine Multiple Print Servers Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

Longshine Multiple Print Servers suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e9739bb3fb22f3cb02183f303617b0b9935d7800671c26fe5abb88c7acf7bdfe
ZO Tech Multiple Print Server Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

ZO Tech Multiple Print Servers suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5b76398f48aeff7943f4af61b9f875a7a6058d249a9099a8ecd83c597a68bb53
Planex Mini-300PU / Mini100s Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

Planex Mini-300PU and Mini100s suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7fce1a4abec2e258b4bf99447ee0dc88e9148224d06f082dede91c8c9c42a140
TP-Link TL-PS110U / TL-PS110P Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

TP-Link TL-PS110U and TL-PS110P suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 55c03ebea61a2386e763948b04538e51723e74ac26d209b5827ff3e1995bd8d3
Encore ENPS-2012 Cross Site Scripting
Posted Apr 4, 2011
Authored by b0telh0 | Site gotgeek.com.br

Encore ENPS-2012 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 8b30c93a0376068296832b435f1fcb77cc84b0ee02f856eac2d5e1b838eaf19a
DoceboLMS 4.0.4 Cross Site Scripting
Posted Apr 4, 2011
Authored by LiquidWorm | Site zeroscience.mk

DoceboLMS version 4.0.4 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | f05d2fc8f18a0ffba23d0c365e3e620e537c53fcdd2ae8528167afa9108942cd
Debian Security Advisory 2210-1
Posted Apr 4, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2210-1 - Several vulnerabilities were discovered in the TIFF manipulation and conversion library.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2011-0191, CVE-2011-0192, CVE-2011-1167
SHA-256 | 17908e5e389a1d58bfea5592d9c39b4318e589b4b87dd51d806219e7d1055abc
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    16 Files
  • 12
    Aug 12th
    5 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close