exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files Date: 2011-05-23

Magix Musik Maker 16 .mmm Stack Buffer Overflow
Posted May 23, 2011
Authored by corelanc0d3r, Acidgen | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in Magix Musik Maker 16. When opening a specially crafted arrangement file (.mmm) in the application, an unsafe strcpy() will allow you to overwrite a SEH handler. This exploit bypasses DEP & ASLR, and works on XP, Vista & Windows 7. Egghunter is used, and might require up to several seconds to receive a shell.

tags | exploit, overflow, shell
systems | windows
advisories | OSVDB-72455
SHA-256 | 270a3316873b5bc88495642eac3f7de2a3221c8b7aa36519b966bed7c9dff806
Mandriva Linux Security Advisory 2011-098
Posted May 23, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-098 - Cross-site scripting vulnerability in the WEBrick HTTP server in Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page. The safe-level feature in Ruby allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an integer truncation issue. The updated packages have been patched to correct this issue.

tags | advisory, remote, web, denial of service, arbitrary, xss, ruby
systems | linux, mandriva
advisories | CVE-2010-0541, CVE-2011-1005, CVE-2011-0188
SHA-256 | c941433f0af830382d2f5cef03846e0594fa90093d37e8faa51dbc590703d07c
Mandriva Linux Security Advisory 2011-097
Posted May 23, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-097 - Cross-site scripting vulnerability in the WEBrick HTTP server in Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted URI that triggers a UTF-7 error page. The FileUtils.remove_entry_secure method in Ruby allows local users to delete arbitrary files via a symlink attack. The safe-level feature in Ruby allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service via vectors involving creation of a large BigDecimal value within a 64-bit process, related to an integer truncation issue.

tags | advisory, remote, web, denial of service, arbitrary, local, xss, ruby
systems | linux, mandriva
advisories | CVE-2010-0541, CVE-2011-1004, CVE-2011-1005, CVE-2011-0188
SHA-256 | b4b5b329ab9f90d2cf477e7443536a822964f07e1ebebf9360cc7de333949c6a
vBulletin 4.0.x SQL Injection / Cross Site Request Forgery
Posted May 23, 2011
Authored by KedAns-Dz

vBulletin version 4.0.x suffers from a remote SQL injection vulnerability that can be leveraged using a cross site request forgery vulnerability.

tags | exploit, remote, sql injection, csrf
SHA-256 | f9857c4738bd671fa3a07ef92ee6901ad48b101a0bda8bf8372d643d1114462e
Pligg CMS 1.1.4 Cross Site Request Forgery
Posted May 23, 2011
Authored by KedAns-Dz

Pligg CMS version 1.1.4 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
SHA-256 | 8cabab4755f3dfc3cf2c108c7bb0bff9c1319b5ac6edc5c8870afcae353cccd3
BadAss 0.6 Beta
Posted May 23, 2011
Authored by blass

BadAss is a Ruby script that makes it very easy to perform cracking attacks, port scanning, and more.

Changes: Replaced Voidssh by SSH brute Force for more accuracy.
tags | tool, ruby
systems | unix
SHA-256 | cc969c821f770dd276e32740bd727d5ebbd49e568f7070daadb0f14da4d42b3f
Mandriva Linux Security Advisory 2011-095-1
Posted May 23, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-095 - It was discovered that the fix for CVE-2011-0419 under certain conditions could cause a denial-of-service attack in APR.

tags | advisory
systems | linux, mandriva
advisories | CVE-2011-0419, CVE-2011-1928
SHA-256 | aee7c9b916aac108d9dc237d107aef2724cb3ece79267c7664d931b1efbc8e0a
Homepages Admin SQL Injection
Posted May 23, 2011
Authored by eXeSoul

Homepages Admin suffers from a remote SQL injection vulnerability that allows for authentication bypass. An attacker can then upload a php shell.

tags | exploit, remote, shell, php, sql injection
SHA-256 | 6684b565beb5170192ff35a07632c64d22a4fc4fa000765a30e120773848069c
Cisco Router Advertisement Guarding Bypass
Posted May 23, 2011
Authored by van Hauser

Cisco switches that support the Router Advertisement Guarding feature suffer from a bypass vulnerability.

tags | advisory, bypass
systems | cisco
SHA-256 | dfb1b1f1370ed0fca6b3fc2310596a2d8f28ec7855e6e6b5c7a6ae568fec009c
Joomla Maplocator SQL Injection
Posted May 23, 2011
Authored by Fl0riX

The Joomla Maplocator component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 06a0ca2a7aa9915e32916356e3b9edf4e7814fec6bfb1a30a74fffb8c8c408fc
Secunia Security Advisory 44684
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for mediawiki. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions.

tags | advisory, vulnerability, xss
systems | linux, fedora
SHA-256 | 299651cb44686cb4a1f351c9e0f818304902a6a826ac57aeadfa4580c0e7110d
Secunia Security Advisory 44641
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness and a vulnerability have been reported in phpMyAdmin, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct spoofing attacks.

tags | advisory, spoof
SHA-256 | 39cc1f2c0deb8769ab994b6b983c541c6cab6b812cc578af9ebe1de76d332c54
Secunia Security Advisory 44680
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Dirmngr, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | 2c98e1a0bc092d3b2c71571730448c557d175b8103ad1b6245224c7ed73e168c
Secunia Security Advisory 44663
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gjoko Krstic has discovered multiple vulnerabilities in Tugux, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 1fb6583bb3d9eda85019308f9948fa4c79e7494b70406b572e3e13013cd19bd2
Secunia Security Advisory 44688
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for firefox3-pango. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, suse
SHA-256 | 9b83cdecf1af4b6938f2646900eb3531cc65ba5982ca4c367aae6ff69886371e
Secunia Security Advisory 44689
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for thunar. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, suse
SHA-256 | ad286b916648d05ac28a83018a306d02d34c97b22c783843cbbff36a25acc254
Secunia Security Advisory 44690
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for opera. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, suse
SHA-256 | a802dc61854973b8b4747045bab5d34e9e985f63d8b261e04b94126c769ccfb2
Secunia Security Advisory 44664
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been discovered in chillyCMS, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 57a8fd26e9498fd82c90d216ac203a2e45c49fd42c2dff0cece32e45122bf95f
Secunia Security Advisory 44613
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for apr. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, debian
SHA-256 | 04b5f8b8242dcbdbe77aef39c67da213661710b7e9444db07192705ce56cd5b0
Secunia Security Advisory 44608
Posted May 23, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in SystemTap, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

tags | advisory, denial of service, local, vulnerability
SHA-256 | 30542cbb78ba5728d350f8244d25cedc6fe4987c1489686230feb0ed41ffd15b
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close