exploit the possibilities
Showing 1 - 25 of 35 RSS Feed

Files Date: 2011-05-16

7-Technologies IGSS <= v9.00.00 b11063 IGSSdataServer.exe Stack Overflow
Posted May 16, 2011
Authored by Luigi Auriemma, corelanc0d3r, sinn3r, Lincoln | Site metasploit.com

This Metasploit module exploits a vulnerability in the igssdataserver.exe component of 7-Technologies IGSS up to version 9.00.00 b11063. While processing a ListAll command, the application fails to do proper bounds checking before copying data into a small buffer on the stack. This causes a buffer overflow and allows to overwrite a structured exception handling record on the stack, allowing for unauthenticated remote code execution.

tags | exploit, remote, overflow, code execution
advisories | CVE-2011-1567
MD5 | 869f7bc482600120671a510bc7e91bee
allocPSA 1.7.4 Cross Site Scripting
Posted May 16, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in allocPSA version 1.7.4 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | d432b4a60a05f3ffefd7906a22d72692
docMGR 1.1.2 Cross Site Scripting
Posted May 16, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in docMGR version 1.1.2 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | 399249f3f5935110f32160f988da86e1
eFront 3.6.9 Build 10653 Local File Inclusion
Posted May 16, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in eFront version 3.6.9 build 10653 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
MD5 | 5a8832e62ed0e4fbc1db9193480676bd
eFront 3.6.9 Build 10653 Cross Site Scripting
Posted May 16, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in eFront version 3.6.9 build 10653 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | 1b7cc107ef3d542af5d4441d16fb9890
HTML2PDF 4.02 Cross Site Scripting
Posted May 16, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in HTML2PDF version 4.02 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | 3008e2c30cf15cf0de464aee7f898181
Jcow 4.2.1 Local File Inclusion
Posted May 16, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in Jcow version 4.2.1 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
MD5 | c487a05b5011c4855593b8756121ba47
NoticeBoardPro 1.0 Shell Upload
Posted May 16, 2011
Authored by AutoSec Tools | Site autosectools.com

An arbitrary upload vulnerability in NoticeBoardPro version 1.0 can be exploited to upload a PHP shell.

tags | exploit, arbitrary, shell, php
MD5 | cf00815ea48630a0b4acc6dcf614bce3
NoticeBoardPro 1.0 SQL Injection
Posted May 16, 2011
Authored by AutoSec Tools | Site autosectools.com

A SQL injection vulnerability in NoticeBoardPro version 1.0 can be exploited to extract arbitrary data. In some environments it may be possible to create a PHP shell.

tags | exploit, arbitrary, shell, php, sql injection
MD5 | 9db7286ae9b904647244b2112c46c281
openQRM 4.8 Cross Site Scripting
Posted May 16, 2011
Authored by AutoSec Tools | Site autosectools.com

A reflected cross site scripting vulnerability in openQRM version 4.8 can be exploited to execute arbitrary JavaScript.

tags | exploit, arbitrary, javascript, xss
MD5 | c25d976c101c5a0541b325eecbaeeae8
phpMyChat Plus 1.93 Local File Inclusion
Posted May 16, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in phpMyChat Plus version 1.93 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
MD5 | a49ec3d6362e9e45be93f11fc3c6f583
Vanilla Forum 2.0.17.9 Local File Inclusion
Posted May 16, 2011
Authored by AutoSec Tools | Site autosectools.com

A local file inclusion vulnerability in Vanilla Forum version 2.0.17.9 can be exploited to include arbitrary files.

tags | exploit, arbitrary, local, file inclusion
MD5 | 5a698e836f5fe05510852e091d594751
Mandriva Linux Security Advisory 2011-087
Posted May 16, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-087 - The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when raw encoding is used, allows remote authenticated users to cause a denial of service X position or Y position value in a framebuffer update request that triggers an out-of-bounds memory access, related to the rfbTranslateNone and rfbSendRectEncodingRaw functions. The rfbSendFramebufferUpdate function in server/libvncserver/rfbserver.c in vino-server in Vino 2.x before 2.28.3, 2.32.x before 2.32.2, 3.0.x before 3.0.2, and 3.1.x before 3.1.1, when tight encoding is used, allows remote authenticated users to cause a denial of service via crafted dimensions in a framebuffer update request that triggers an out-of-bounds read operation. The updated packages have been upgraded to 2.28.3 which is not vulnerable to these issues.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2011-0904, CVE-2011-0905
MD5 | 1b498807cd87cc13c45dbde8c0fc0dec
WebTech 2011 Conference Call For Papers
Posted May 16, 2011
Site webtechcon.de

The WebTech 2011 Call For Papers has been announced. It will take place from October 10th through the 12th, 2011 in Mainz, Germany.

tags | paper, conference
MD5 | ca1f1a4236224b143ad19791c168c3a3
Novell LDAP-SSL Daemon Denial Of Service
Posted May 16, 2011
Authored by Knud | Site nsense.fi

nSense Vulnerability Research Security Advisory - It is possible to cause a denial of service in Novell's LDAP-SSL daemon due to the system blindly allocating a user-specified amount of memory. Exploiting the issue on a Netware system will cause a system-wide DoS condition.

tags | exploit, denial of service
MD5 | a791f52dcdee4e87453f0436bc82a938
Vmware vSphere Management Assistant (vMA) Privilege Escalation
Posted May 16, 2011
Authored by @drk1wi

Vmware vSphere Management Assistant (vMA) suffers from a local privilege escalation vulnerability.

tags | exploit, local
MD5 | 091f38d27cf49bbcf2609267ca2f8b73
QuickRecon 0.3
Posted May 16, 2011
Authored by Filip Szymanski

QuickRecon is a python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.

Changes: Qt4 based GUI. Improved Code.
tags | tool, scanner, python
systems | unix
MD5 | 87af04213091078b37aef1399f9a71c0
Steam Cloud Denial Of Service
Posted May 16, 2011
Authored by David R. Klein

Steam Cloud suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | a7894bcdbca12389a00dd9e8957dcd53
Mandriva Linux Security Advisory 2011-086
Posted May 16, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-086 - A race condition flaw was found in the PolicyKit pkexec utility and polkitd daemon. A local user could use this flaw to appear as a privileged user to pkexec, allowing them to execute arbitrary commands as root by running those commands with pkexec. The updated packages have been patched to correct this issue.

tags | advisory, arbitrary, local, root
systems | linux, mandriva
advisories | CVE-2011-1485
MD5 | 9392cb5f3431b7872e0d06add1150440
BadAss 0.5 Beta
Posted May 16, 2011
Authored by blass

BadAss is a Ruby script that makes it very easy to perform cracking attacks, port scanning, and more.

Changes: Interface re-written from scratch. New ruby scripts added. Various other additions.
tags | tool, ruby
systems | unix
MD5 | 5db978d2ddd57d205a746af9444cf6c1
Secunia Security Advisory 44600
Posted May 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Alexander Gavrun has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 415b0c1ea3a1cba20f511e530befe6d3
Secunia Security Advisory 44513
Posted May 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in GuppY, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 6319f7a957bbfe53e539ce274841b8d8
Secunia Security Advisory 44592
Posted May 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - AutoSec Tools has discovered a vulnerability in allocPSA, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 26ff7874f26615ed43e949330b46b1a8
Secunia Security Advisory 44577
Posted May 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Crucible, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 3c89beafb9b0dde3b5ff2ab82d749028
Secunia Security Advisory 44619
Posted May 16, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for perl-Mojolicious. This fixes two vulnerabilities, where one has an unknown impact and the other can be exploited by malicious users to conduct script insertion attacks.

tags | advisory, perl, vulnerability
systems | linux, fedora
MD5 | df2aca69a12390a8c9d8811d25ae4d24
Page 1 of 2
Back12Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close