exploit the possibilities
Showing 1 - 20 of 20 RSS Feed

Files Date: 2011-05-23

Magix Musik Maker 16 .mmm Stack Buffer Overflow
Posted May 23, 2011
Authored by corelanc0d3r, Acidgen | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Magix Musik Maker 16. When opening a specially crafted arrangement file (.mmm) in the application, an unsafe strcpy() will allow you to overwrite a SEH handler. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7. Egghunter is used, and might require up to several seconds to receive a shell.

tags | exploit, overflow, shell
systems | windows, 7
advisories | OSVDB-72455
MD5 | 570e91a977ec5caabe84bd083c0b5756
Mandriva Linux Security Advisory 2011-098
Posted May 23, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-098 - Cross-site scripting vulnerability in the WEBrick HTTP server in Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page. The safe-level feature in Ruby allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an integer truncation issue. The updated packages have been patched to correct this issue.

tags | advisory, remote, web, denial of service, arbitrary, xss, ruby
systems | linux, mandriva
advisories | CVE-2010-0541, CVE-2011-1005, CVE-2011-0188
MD5 | bf9c5c468d4c6b83ad35c7574a0a9f91
Mandriva Linux Security Advisory 2011-097
Posted May 23, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-097 - Cross-site scripting vulnerability in the WEBrick HTTP server in Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page. The FileUtils.remove_entry_secure method in Ruby allows local users to delete arbitrary files via a symlink attack. The safe-level feature in Ruby allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an integer truncation issue.

tags | advisory, remote, web, denial of service, arbitrary, local, xss, ruby
systems | linux, mandriva
advisories | CVE-2010-0541, CVE-2011-1004, CVE-2011-1005, CVE-2011-0188
MD5 | 4d40ec180f11e6f686d6e8c226b68118
vBulletin 4.0.x SQL Injection / Cross Site Request Forgery
Posted May 23, 2011
Authored by KedAns-Dz

vBulletin version 4.0.x suffers from a remote SQL injection vulnerability that can be leveraged using a cross site request forgery vulnerability.

tags | exploit, remote, sql injection, csrf
MD5 | 63475bff67581fced54ceec751edbeb1
Pligg CMS 1.1.4 Cross Site Request Forgery
Posted May 23, 2011
Authored by KedAns-Dz

Pligg CMS version 1.1.4 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
MD5 | 5749b2a97a42afd20a35bbad11bab9e2
BadAss 0.6 Beta
Posted May 23, 2011
Authored by blass

BadAss is a Ruby script that makes it very easy to perform cracking attacks, port scanning, and more.

Changes: Replaced Voidssh by SSH brute Force for more accuracy.
tags | tool, ruby
systems | unix
MD5 | 926326b10289a7abad33d446a17327b3
Mandriva Linux Security Advisory 2011-095-1
Posted May 23, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-095 - It was discovered that the fix for CVE-2011-0419 under certain conditions could cause a denial-of-service attack in APR.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-0419, CVE-2011-1928
MD5 | d275ab912f5f2e4ebcf499cb9451c281
Homepages Admin SQL Injection
Posted May 23, 2011
Authored by eXeSoul

Homepages Admin suffers from a remote SQL injection vulnerability that allows for authentication bypass. An attacker can then upload a php shell.

tags | exploit, remote, shell, php, sql injection
MD5 | 78b78b0ea1fb618247e4fc6eb9035a06
Cisco Router Advertisement Guarding Bypass
Posted May 23, 2011
Authored by van Hauser

Cisco switches that support the Router Advertisement Guarding feature suffer from a bypass vulnerability.

tags | advisory, bypass
systems | cisco
MD5 | 55ebfb12cad053d2909c809427df4ffa
Joomla Maplocator SQL Injection
Posted May 23, 2011
Authored by Fl0riX

The Joomla Maplocator component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 05434cb18f7b97df6271e4709c62c598
Secunia Security Advisory 44684
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for mediawiki. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.

tags | advisory, vulnerability, xss
systems | linux, fedora
MD5 | 9407301f4589e0bc39d3f89f5f4a835c
Secunia Security Advisory 44641
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness and a vulnerability have been reported in phpMyAdmin, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct spoofing attacks.

tags | advisory, spoof
MD5 | e45886019349ee354f26035cef878d06
Secunia Security Advisory 44680
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Dirmngr, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 7924265caa5b0bbd9ccf10408dbb5c51
Secunia Security Advisory 44663
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gjoko Krstic has discovered multiple vulnerabilities in Tugux, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
MD5 | 68a025aaba0528e568eac90a0ca6f971
Secunia Security Advisory 44688
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for firefox3-pango. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, suse
MD5 | c04aea1e0235edece8a1e084de303134
Secunia Security Advisory 44689
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for thunar. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, suse
MD5 | 68fea5b04415942517c7d21882777dde
Secunia Security Advisory 44690
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for opera. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, suse
MD5 | d72d1d94afb4a22d969db90797c367cb
Secunia Security Advisory 44664
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in chillyCMS, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
MD5 | 7393903856f649bd567e652e7cf8eb91
Secunia Security Advisory 44613
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for apr. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
MD5 | 24452649935fd5b992a34b989d4c1c98
Secunia Security Advisory 44608
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in SystemTap, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
MD5 | af699cacedf0bc06a35e2343b0c117c8
Page 1 of 1
Back1Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    26 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    11 Files
  • 8
    May 8th
    2 Files
  • 9
    May 9th
    2 Files
  • 10
    May 10th
    13 Files
  • 11
    May 11th
    17 Files
  • 12
    May 12th
    22 Files
  • 13
    May 13th
    11 Files
  • 14
    May 14th
    9 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close