Files Date: 2011-06-07

Mandriva Linux Security Advisory 2011-107
Posted Jun 7, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-107 - fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid characters in a multi-character locale, which allows remote attackers to cause a denial of service (memory consumption and application crash) via a crafted message header or POP3 UIDL list. fetchmail 5.9.9 through 6.3.19 does not properly limit the wait time after issuing a STLS request, which allows remote servers to cause a denial of service by acknowledging the request but not sending additional packets.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2010-1167, CVE-2011-1947
MD5 | 2c9d8069cdd9c984c649ba3cabdf234b
BLOG:CMS 4.2.1.f Cross Site Scripting
Posted Jun 7, 2011
Authored by Stefan Schurtz

BLOG:CMS version 4.2.1.f suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 6eeeedc56ead5890b50f450bd87c4559
Dataface Local File Inclusion
Posted Jun 7, 2011
Authored by ItSecTeam

Dataface suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 12382daff3b35c479cab71ebbf0c2514
Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute
Posted Jun 7, 2011
Authored by bannedit | Site metasploit.com

This Metasploit module exploits a vulnerability in the Cisco AnyConnect VPN client vpnweb.ocx ActiveX control. This control is typically used to install the VPN client. An attacker can set the 'url' property, which is where the control tries to locate the files needed to install the client. The control tries to download two files from the site specified within the 'url' property. One of these files will be stored in a temporary directory and executed.

tags | exploit, activex
systems | cisco
advisories | CVE-2011-2039, OSVDB-72714
MD5 | 1b27d8b0751a48bb18313420f6d1338d
Secunia Security Advisory 44825
Posted Jun 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in KMPlayer, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 350332466da4378ce257cc89a8639215
Secunia Security Advisory 44737
Posted Jun 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Zhang Boyang FTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | 96ca8c24412a8db5d4a39c7082831a1b
Secunia Security Advisory 44817
Posted Jun 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, debian
MD5 | dbcfc192bed6cd55440289a9081c44d6
Secunia Security Advisory 44823
Posted Jun 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in 1 Click UnZip, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 7109c02aca5ef201fd9988573ac96096
Secunia Security Advisory 44868
Posted Jun 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for gimp. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
systems | linux, fedora
MD5 | 355d3396ee6d893890c1bd3f37edaa78
Secunia Security Advisory 44865
Posted Jun 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for unbound. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
MD5 | c35d289cade697002d2c97d33b7e432f
Secunia Security Advisory 44867
Posted Jun 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for mumble. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
MD5 | 8d8abe90b43672b152c5381aef5238e0
Secunia Security Advisory 44872
Posted Jun 7, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for flash-plugin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
systems | linux, redhat
MD5 | 3c66b1b5fa59e1d6a091e078c64c4fa0
Zero Day Initiative Advisory 11-181
Posted Jun 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-181 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the op-printer-list-all-jobs parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2011-1707
MD5 | a9b65da0db0ccb2bbf513b185b46a219
Zero Day Initiative Advisory 11-180
Posted Jun 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-180 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the op-printer-list-all-jobs parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2011-1708
MD5 | dbc004a9e71c68253411bf5b6ed6c8b7
IBM Tivoli Endpoint 4.1.1 Buffer Overflow / Hard-Coded Credentials
Posted Jun 7, 2011
Authored by Jeremy Brown

IBM Tivoli Endpoint version 4.1.1 remote SYSTEM exploit that leverages hard-coded base64 encoded authentication credentials in lcfd.exe and a stack-based buffer overflow when parsing HTTP variable values. Spawns a reverse shell to port 4444.

tags | exploit, remote, web, overflow, shell
MD5 | d362cf0faaea6135df8339096fcdd871
Directory Traversal Scanner 1.0.1.0
Posted Jun 7, 2011
Authored by AutoSec Tools | Site autosectools.com

This is a directory traversal scanner written in C# that audits HTTP servers and web applications. Complete source included.

Changes: UI improvements. Fixed a timeout. Settings are now saved upon exit. Several fuzz string updates and more.
tags | tool, web, scanner
systems | unix
MD5 | 798bbe1106f4280b2e657657f6a283b3
ProFTP Searcher PHP Script
Posted Jun 7, 2011
Authored by Burtay

This PHP script scans for ProFTP instances when provided an IP range.

tags | tool, scanner, php
systems | unix
MD5 | 2035b462d4ef9fc530bb87c3e4c435de
Ubuntu Security Notice USN-1122-3
Posted Jun 7, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1122-3 - USN-1122-2 fixed vulnerabilities in Thunderbird on Ubuntu 11.04. A regression was introduced which caused Thunderbird to display an empty menu bar. This update fixes the problem. It was discovered that there was a vulnerability in the memory handling of certain types of content. An attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. It was discovered that Thunderbird incorrectly handled certain JavaScript requests. If JavaScript were enabled, an attacker could exploit this to possibly run arbitrary code as the user running Thunderbird. Various other issues were also addressed.

tags | advisory, arbitrary, javascript, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-0065, CVE-2011-0066, CVE-2011-0067, CVE-2011-0069, CVE-2011-0070, CVE-2011-0071, CVE-2011-0072, CVE-2011-0073, CVE-2011-0074, CVE-2011-0075, CVE-2011-0077, CVE-2011-0078, CVE-2011-0080, CVE-2011-0081, CVE-2011-1202
MD5 | 12bd736482854ed47851c4b6bbf72ec9
Zero Day Initiative Advisory 11-179
Posted Jun 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-179 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the iprint-client-config-info parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2011-1706
MD5 | ecff4597b99dc5362ea947624abe8253
1ClickUnzip 3.00 Heap Overflow
Posted Jun 7, 2011
Authored by C4SS!0 G0M3S

1ClickUnzip version 3.00 heap overflow exploit that creates a malicious .zip file.

tags | exploit, overflow
MD5 | e9e2f9b3f5a066d3f671ace126dd0133
Mevlana Content Management System SQL Injection
Posted Jun 7, 2011
Authored by RoAd_KiLlEr

Mevlana Content Management System suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 68b4ed0b73140a6502d4a63217111123
Debian Security Advisory 2255-1
Posted Jun 7, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2255-1 - Chris Evans discovered that libxml was vulnerable to buffer overflows, which allowed a crafted XML input file to potentially execute arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, debian
MD5 | 1c11c567edc13e5096524b82d6ecaedf
KMPlayer 3.0.0.1440 Buffer Overflow
Posted Jun 7, 2011
Authored by dookie, ronin

KMPlayer version 3.0.0.1440 buffer overflow exploit with DEP bypass that creates a malicious mp3 file.

tags | exploit, overflow
MD5 | 091780e997e5bd529e1f22617812c998
Zero Day Initiative Advisory 11-178
Posted Jun 7, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-178 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the nipplib component which is used by both the ActiveX and Netscape compatible browser plugins. When handling the client-file-name parameter from the user specified printer-url the process blindly copies user supplied data into a fixed-length buffer on the heap. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.

tags | advisory, remote, arbitrary, activex
advisories | CVE-2011-1705
MD5 | c5f4bad649d2b11fba2de0aac01c9eb1
CoolPlayer Portable 2.19.2 (.m3u) Stack Buffer Overflow
Posted Jun 7, 2011
Authored by KedAns-Dz, Securityxxxpert | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in CoolPlayer Portable version 2.19.2 by creating a specially crafted .m3u file.

tags | exploit, overflow
MD5 | fda758b57127dacd8ec5226427dc3171
packet storm

© 2019 Packet Storm. All rights reserved.
