Files Date: 2011-04-18

Zero Day Initiative Advisory 11-136
Posted Apr 18, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-136 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Directory Server. Authentication is not required to exploit this vulnerability. The specific flaw exists in how ibmslapd.exe handles LDAP CRAM-MD5 packets. ibmslapd.exe listens by default on TCP port 389. When the process receives an LDAP CRAM-MD5 packet, it uses libibmldap.dll to handle the allocation of a buffer for the packet data. A specially crafted packet can cause the ber_get_int function to allocate a buffer that is too small to fit the packet data, causing a subsequent stack-based buffer overflow. This can be leveraged by a remote attacker to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2011-1206
MD5 | 44951b56c1c7836e265e71114cf6cbb9
Wireshark 1.4.4 SEH Overflow
Posted Apr 18, 2011
Authored by sickness

Wireshark versions 1.4.1 through 1.4.4 SEH overflow exploit that spawns calc.exe.

tags | exploit, overflow
MD5 | 68d2fcfe93eed1f7e7f10c3151f96b6f
Pastebay Password Bypass
Posted Apr 18, 2011
Authored by Sw1tCh

Pastebay suffers from a password bypass vulnerability.

tags | exploit, bypass
MD5 | 09e91f26c8f93195a33b365f323e8d6e
Adaptive Authentication (On-Premise) Cross Site Scripting
Posted Apr 18, 2011
Site emc.com

A potential cross site scripting vulnerability has been identified in RSA® Adaptive Authentication (On-Premise) that could be exploited in certain circumstances. This is due to an input validation error in a Flash Shockwave file provided by the Adaptive Authentication system.

tags | advisory, xss
advisories | CVE-2011-1422
MD5 | 21f436fb56576bd2134b7de33752e5c4
Ultra Marketing Enterprises CMS And Cart SQL Injection
Posted Apr 18, 2011
Authored by eXeSoul

Ultra Marketing Enterprises CMS and Cart suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | cc3551b1161d2489f61d38d52d66f210
Ubuntu Security Notice USN-1113-1
Posted Apr 18, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1113-1 - It was discovered that the Postfix package incorrectly granted write access on the PID directory to the postfix user. A local attacker could use this flaw to possibly conduct a symlink attack and overwrite arbitrary files. This issue only affected Ubuntu 6.06 LTS and 8.04 LTS. Wietse Venema discovered that Postfix incorrectly handled cleartext commands after TLS is in place. A remote attacker could exploit this to inject cleartext commands into TLS sessions, and possibly obtain confidential information such as passwords.

tags | advisory, remote, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2009-2939, CVE-2011-0411
MD5 | 464375a0377cc432d5b348bcf1a97c40
Windows Credential Editor 1.2
Posted Apr 18, 2011
Authored by Hernan Ochoa | Site ampliasecurity.com

Windows Credentials Editor (WCE) allows you to list logon sessions and add, change, list and delete associated credentials (e.g., LM/NT hashes and Kerberos tickets). This can be used, for example, to perform pass-the-hash on Windows, obtain NT/LM hashes from memory (from interactive logons, services, remote desktop connections, etc.) which can be used to perform further attacks, obtain Kerberos tickets and reuse them in other Windows or Unix systems.

Changes: It now supports logon sessions and NTLM credentials just by reading memory without performing code injection.
tags | remote
systems | linux, windows
MD5 | 32d74bdf50afa4c6e0a8de7de2fb1637
EMC NetWorker Arbitrary Code Execution With Elevated Privileges
Posted Apr 18, 2011
Site emc.com

EMC NetWorker contains a potential security vulnerability that can be exploited to execute malicious code with elevated privileges on the affected system.

tags | advisory
advisories | CVE-2011-1421
MD5 | 629582396f4cba75ca648520ad5c18a4
Go Null Yourself E-Zine Issue 04
Posted Apr 18, 2011
Authored by gny | Site gonullyourself.org

Go Null Yourself E-zine Issue 4 - Topics in this issue include Lattice-Based Cryptography, The Tech Behind Credit Cards, MapReduce Part 2, 303-833-00xx Scan, and more.

tags | magazine
MD5 | 200e3f15908224e3f17468c0c84fb20e
CRESUS SQL Injection
Posted Apr 18, 2011
Authored by GRAYHATZ

CRESUS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 3227f10fdddc2e0e061cebc9555313c6
Secunia Security Advisory 44240
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for proftpd. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, fedora
MD5 | 08343dd8a6d1e355b30d69884831ccfb
Secunia Security Advisory 44051
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Mojolicious, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
MD5 | 43a49b5df5d43c954fd48de480082d1d
Secunia Security Advisory 44224
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Perl Jifty::DBI, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, perl, vulnerability, sql injection
MD5 | 182eac0ac4a0305183f99bc457d486f4
Drupal Themes XSS / Denial Of Service
Posted Apr 18, 2011
Authored by MustLive

Multiple Drupal themes suffer from cross site scripting and denial of service vulnerabilities. Affected themes include Fresh News, Inspire, Spectrum, Delegate, Optimize, Bueno, Headlines, Daily Edition, Coffee Break, The Gazette Edition.

tags | advisory, denial of service, vulnerability, xss
MD5 | 74e3195dcb816701fe2abc173c6845bc
Secunia Security Advisory 44219
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and a vulnerability have been discovered in MyBB, which can be exploited by malicious people to disclose certain sensitive information and conduct SQL injection attacks.

tags | advisory, sql injection
MD5 | d0358ce8903da477451ba475c1deddfe
Secunia Security Advisory 44238
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for libmodplug. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, fedora
MD5 | 1eea0b6b1c9086871646806716e721a4
Secunia Security Advisory 44104
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Thunar, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 1102b5e1cd046f223401be1f1d76bd95
Secunia Security Advisory 44239
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for tmux. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, fedora
MD5 | a9bd1c805e8bfdb4df7e67893f8a4b3f
Secunia Security Advisory 44223
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Justin Case has reported a weakness in Skype for Android, which can be exploited by malicious people to gain access to sensitive information.

tags | advisory
MD5 | c08cdca63162dbebeb0c08aaec5b2a0c
Secunia Security Advisory 44169
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, suse
MD5 | a35086b7803e4a14a74206d77f9dfcb4
CompactCMS 1.4.1 Remote File Inclusion / File Disclosure
Posted Apr 18, 2011
Authored by KedAns-Dz

CompactCMS versions 1.4.1 and below suffer from remote file inclusion and disclosure issues.

tags | exploit, remote, code execution, file inclusion, info disclosure
MD5 | 18dc7b13da026b3f301fb9633f733150
Google Chrome 10.0.648.205 Stack Overflow
Posted Apr 18, 2011
Authored by C4SS!0 G0M3S

Google Chrome version 10.0.648.205 stack exhaustion exploit.

tags | exploit
MD5 | 9ef566cbf660702ad353c638b39b4eff
Secunia Security Advisory 44181
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for krb5. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, suse
MD5 | fa37b83907cdd797b33c916a6ab39454
Secunia Security Advisory 44173
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for libmodplug. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library.

tags | advisory
systems | linux, suse
MD5 | 965c6249cef6ad7562b50d6d9c0b0b03
Secunia Security Advisory 44179
Posted Apr 18, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for dhcp6. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
systems | linux, suse
MD5 | b1526256f15cf7e1ce9dadefbbd72699