Showing 1 - 25 of 1,035

Files Date: 2011-04-01 to 2011-04-30

Ubuntu Security Notice USN-1126-1
Posted Apr 29, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1126-1 - Stephane Chazelas discovered that the /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /var/lib/php5/. Raphael Geisert and Dan Rosenberg discovered that the PEAR installer allows local users to overwrite arbitrary files via a symlink attack on the package.xml file. Martin Barbella discovered a buffer overflow in the PHP GD extension that allows an attacker to cause a denial of service (application crash) via a large number of anti-aliasing steps in an argument to the imagepstext function. It was discovered that PHP accepts the \0 character in a pathname, which might allow an attacker to bypass intended access restrictions by placing a safe file extension after this character. Various other issues with PHP 5 were also identified and resolved.

tags | advisory, denial of service, overflow, arbitrary, local, php
systems | linux, ubuntu
advisories | CVE-2011-1144, CVE-2006-7243, CVE-2010-4697, CVE-2010-4698, CVE-2011-0420, CVE-2011-0421, CVE-2011-0441, CVE-2011-0708, CVE-2011-1072, CVE-2011-1092, CVE-2011-1144, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1466, CVE-2011-1467, CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1471
MD5 | 2c7a97fe636fd30935212ae6c190fea6
Zero Day Initiative Advisory 11-153
Posted Apr 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-153 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Borland Interbase. Authentication is not required to exploit these vulnerabilities. The specific flaws exist within the database service, ibserver.exe, which binds to TCP port 3050. When a specially crafted "connect" (opcode 0x01) message is sent, a stack-based buffer overflow can occur. If properly exploited, this can lead to remote compromise of the system with SYSTEM credentials.

tags | advisory, remote, overflow, arbitrary, tcp, vulnerability
MD5 | 1f46e22d147fff89eec1b34de93c13cc
Zero Day Initiative Advisory 11-152
Posted Apr 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-152 - This vulnerability allows remote attackers to perform directory traversal on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service (OmniInet.exe). The Backup Client Service listens on TCP port 5555 for communications between systems in the cell. The process has insufficient sanitization on user-supplied data when handling certain messages. Remote, unauthenticated attackers can exploit this vulnerability by sending crafted filename strings to the target, which would allow attackers to view or download arbitrary files on the target system.

tags | advisory, remote, arbitrary, tcp
advisories | CVE-2011-1736
MD5 | 6ceb32c63571b4806fec8bfa1ca94d17
Mac OS X / Intel Reverse TCP Shell Shellcode
Posted Apr 29, 2011
Authored by Jacob Hammack

131-byte Mac OS X / Intel reverse TCP shell shellcode for x86_64.

tags | shell, tcp, shellcode
systems | apple, osx
MD5 | 01de685f8e9a7ce64746376e0578c5f0
Microsoft Office Excel Buffer Overflow
Posted Apr 29, 2011
Authored by webDEViL

Microsoft Office Excel Axis properties record parsing buffer overflow proof of concept exploit that leverages the issue discussed in MS11-021.

tags | exploit, overflow, proof of concept
advisories | CVE-2011-0978
MD5 | 4f5360a8806ec726349e3b14dde3a712
SOOP Portal Raven 1.0b SQL Injection
Posted Apr 29, 2011
Authored by Evil-Thinker

SOOP Portal Raven version 1.0b suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 4de5194c23210bcbaab62a4339fae57b
Zero Day Initiative Advisory 11-151
Posted Apr 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-151 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service (OmniInet.exe). The Backup Client Service listens on TCP port 5555 for communications between systems in the cell. The process has insufficient bounds checking on user-supplied data in a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed bm message packets to the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution
advisories | CVE-2011-1735
MD5 | 054aaeaf23a49aa8a902cb7926cc4c40
Zero Day Initiative Advisory 11-150
Posted Apr 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-150 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service (OmniInet.exe). The Backup Client Service listens on TCP port 5555 for communications between systems in the cell. The process has insufficient bounds checking on user-supplied data in a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed omniiaputil message packets to the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution
advisories | CVE-2011-1734
MD5 | fc6243ed07513d2305b1dd2d6d350117
Zero Day Initiative Advisory 11-149
Posted Apr 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-149 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service (OmniInet.exe). The Backup Client Service listens on TCP port 5555 for communications between systems in the cell. The process has insufficient bounds checking on user-supplied data in a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed HPFGConfig message packets to the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution
advisories | CVE-2011-1733
MD5 | 71f0dadb0178e5ea3ecdf13331211535
Zero Day Initiative Advisory 11-148
Posted Apr 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-148 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service (OmniInet.exe). The Backup Client Service listens on TCP port 5555 for communications between systems in the cell. The process has insufficient bounds checking on user-supplied data in a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed stutil message packets to the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution
advisories | CVE-2011-1732
MD5 | 3089d396af51f4c77643b443ed2cc36a
Joomla 1.6.0 SQL Injection / PHP Execution
Posted Apr 29, 2011
Authored by James Bercegay | Site metasploit.com

A vulnerability was discovered by Aung Khant that allows for exploitable SQL Injection attacks against a Joomla 1.6.0 install. This exploit attempts to leverage the SQL Injection to extract admin credentials, and use those credentials to execute arbitrary PHP code against the target. The vulnerability is due to a validation issue in /components/com_content/models/category.php that erroneously uses the "string" type whenever filtering the user supplied input. This issue was fixed by performing a whitelist check of the user supplied order data against the allowed order types, and also escaping the input.

tags | exploit, arbitrary, php, sql injection
advisories | CVE-2011-1151
MD5 | 1ad33dfea9c4661343e83233196f0d96
RSA Data Loss Prevention Cross Site Scripting
Posted Apr 29, 2011
Site emc.com

A potential cross site scripting vulnerability due to improper input validation that could be exploited in certain situations has been identified in RSA DLP Enterprise Manager versions 8.x.

tags | advisory, xss
advisories | CVE-2011-1423
MD5 | 17fed28c27fca6e2db0341cd1094a078
HP Security Bulletin HPSBMA02668 SSRT100474
Posted Apr 29, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02668 SSRT100474 - Potential security vulnerabilities have been identified with HP OpenView Storage Data Protector. These vulnerabilities could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2011-1728, CVE-2011-1729, CVE-2011-1730, CVE-2011-1731, CVE-2011-1732, CVE-2011-1733, CVE-2011-1734, CVE-2011-1735, CVE-2011-1736
MD5 | 943ca04a13392d26d2dd20cd0912eca4
Zero Day Initiative Advisory 11-147
Posted Apr 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-147 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service (OmniInet.exe). The Backup Client Service listens on TCP port 5555 for communications between systems in the cell. The process has insufficient bounds checking on user-supplied data in a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed EXEC_INTEGUTIL message packets to the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution
advisories | CVE-2011-1731
MD5 | 6bfc6e66b9d40dc7006f9490a502cd70
Zero Day Initiative Advisory 11-146
Posted Apr 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-146 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service (OmniInet.exe). The Backup Client Service listens on TCP port 5555 for communications between systems in the cell. The process has insufficient bounds checking on user-supplied data in a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed EXEC_SCRIPT message packets to the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution
advisories | CVE-2011-1730
MD5 | 2cdc88a59056b589c656bb72e5a42daf
Zero Day Initiative Advisory 11-145
Posted Apr 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-145 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service (OmniInet.exe). The Backup Client Service listens on TCP port 5555 for communications between systems in the cell. The process has insufficient bounds checking on user-supplied data in a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed GET_FILE message packets to the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution
advisories | CVE-2011-1729
MD5 | d44c6bb597ff144dd79a8eba240faa12
Zero Day Initiative Advisory 11-144
Posted Apr 29, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-144 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service (OmniInet.exe). The Backup Client Service listens on TCP port 5555 for communications between systems in the cell. The process has insufficient bounds checking on user-supplied data in a fixed-length buffer on the stack. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed EXEC_BAR message packets to the target, which could ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp, code execution
advisories | CVE-2011-1728
MD5 | 1e43902241da8f1561e22993aac1ac83
Secunia Security Advisory 44365
Posted Apr 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.

tags | advisory, vulnerability
systems | linux, redhat
MD5 | fd5609b077370a89c4ecfae3f0ea3e21
Secunia Security Advisory 44396
Posted Apr 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Alberto Ortega has discovered a vulnerability in eyeOS, which can be exploited by malicious users to conduct script insertion attacks.

tags | advisory
MD5 | 09a98cdafbb67207ac731bf429a17819
Secunia Security Advisory 43474
Posted Apr 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Parvez Anwar has discovered a vulnerability in Data Dynamics ActiveBar ActiveX Control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, activex
MD5 | 32f7d3465fd0484dbbae6b1a84eed06f
Secunia Security Advisory 44364
Posted Apr 29, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in udisks, which can be exploited by malicious, local users to bypass certain security restrictions.

tags | advisory, local
MD5 | bd9e5c49c43bdd484534a9b3c72d2af1
John The Ripper 1.7.7
Posted Apr 29, 2011
Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.

Changes: The jumbo patch has been rebased to 1.7.7. Detection of ambiguous hash encodings has been implemented. Support for larger hash tables has been added for many hash types (most notably, NTLM). The "Apache MD5" "format" has been dropped (implemented in 1.7.7 proper). The --salt-list option has been dropped. Assorted other bugfixes, enhancements, and changes have been made.
tags | cracker
systems | windows, unix, beos
MD5 | b5fde123f4c5f230c5ccda3b765b2de2
phpGraphy 0.9.13b Cross Site Request Forgery / Cross Site Scripting
Posted Apr 29, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

phpGraphy version 0.9.13b suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 761375171156f440cdf983d309ad40a4
Hashdays 2011 Call For Papers
Posted Apr 29, 2011
Site hashdays.ch

Hashdays 2011 Call For Papers - Hashdays is an international security technology and research conference which is preceded by several 2-day workshops delivering IT security training. The event features many international IT security experts sharing their deep technical knowledge in an open environment and takes place October 26th to 29th, 2011 in Lucerne.

tags | paper, conference
MD5 | 603a2a56f05963905cc12648019aab38
PACK (Password Analysis and Cracking Kit) 0.0.2
Posted Apr 29, 2011
Authored by Peter Kacherginsky

PACK (Password Analysis and Cracking Kit) is a toolkit that allows researchers to optimize their password cracking tasks and analyze previously cracked passwords, and that implements a novel attack on corporate passwords using minimum password policy. The goal of this toolkit is to assist in automatic preparation for the "better than bruteforce" password attacks by analyzing common ways that people create passwords. After the analysis stage, the statistical database can be used to generate attack masks for common tools such as Hashcat, oclHashcat, and others.

tags | cracker
MD5 | 7113773406c31f69ea46012cafec38ca