what you don't know can hurt you
Showing 1 - 25 of 49 RSS Feed

Files Date: 2011-06-09

Ubuntu Security Notice USN-1146-1
Posted Jun 9, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1146-1 - Kees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. Kees Cook discovered that the IOWarrior USB device driver did not correctly check certain size fields. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. Various other issues were also addressed.

tags | advisory, kernel, local, root
systems | linux, ubuntu
advisories | CVE-2010-4655, CVE-2010-4656, CVE-2011-0463, CVE-2011-0695, CVE-2011-0712, CVE-2011-1012, CVE-2011-1017, CVE-2011-1593
MD5 | 71e6b39eab78b5479506bbaad126083f
byTolinet Agencia Blind SQL Injection
Posted Jun 9, 2011
Authored by Andrea Bocchetti

byTolinet Agencia suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 99192d5be1a71b2e20da68e3e70fc00f
Pacer Edition CMS 2.1 Cross Site Scripting
Posted Jun 9, 2011
Authored by LiquidWorm | Site zeroscience.mk

Pacer Edition CMS suffers from a cross site scripting vulnerability when parsing user input to the 'email' parameter via POST method in 'admin/login/forgot/index.php'.

tags | exploit, php, xss
MD5 | 04332a8f5d83ca9a9cb3c22f9e157535
Pacer Edition CMS 2.1 Arbitrary File Deletion
Posted Jun 9, 2011
Authored by LiquidWorm | Site zeroscience.mk

Pacer Edition CMS version 2.1 remote arbitrary file deletion exploit.

tags | exploit, remote, arbitrary
MD5 | 6fa7455280f7689c775c516c148f3048
ClubHACK Magazine Issue 17
Posted Jun 9, 2011
Authored by clubhack | Site chmag.in

ClubHACK Magazine Issue 17 - Topics covered include pentesting your wireless, wi-fi tools, best practices for wi-fi networks, and forensics with Matriux.

tags | magazine
MD5 | 30bd3105664b47de50d066a8090f0d17
Tabnapping Phishing Proof Of Concept
Posted Jun 9, 2011
Authored by Aza Raskin | Site azarask.in

This is proof of concept chunk of javascript code that demonstrates the tabnapping phishing vulnerability that works across multiple browsers.

tags | exploit, javascript, proof of concept
MD5 | 0798eca412855d4d6368170233a1e226
Clam AntiVirus Toolkit 0.97.1
Posted Jun 9, 2011
Authored by Tomasz Kojm | Site clamav.net

Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a commandline scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.

Changes: This is a bugfix release recommended for all users.
tags | virus
systems | unix
MD5 | 4f3fb74ff1098c25eef8e10721478c29
EquiPCS SQL Injection
Posted Jun 9, 2011
Authored by Sideswipe

EquiPCS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 888bb63e21e3f6311a72540ab518599f
John The Ripper 1.7.7 Jumbo 6
Posted Jun 9, 2011
Authored by Solar Designer | Site openwall.com

John the Ripper is a fast password cracker, currently available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. It supports several crypt(3) password hash types commonly found on Unix systems, as well as Windows LM hashes. On top of this, many other hash types are added with contributed patches, and some are added in John the Ripper Pro. This is the community enhanced version.

Changes: Support for cracking OpenSSH's passphrase-protected SSH protocol 2 private keys (with OpenMP parallelization), password-protected PDF files with RC4 encryption, and some password-protected RAR archives has been added. Support for SybaseASE, hmailserver, and MediaWiki "B" type password hashes has been added. There were also many minor enhancements.
tags | cracker
systems | windows, unix, beos
MD5 | 5f58b600c6332ab8234fd40d842caed8
FreeBSD/x86 SmallBind TCP/31337 Shellcode
Posted Jun 9, 2011
Authored by KedAns-Dz

27 bytes small FreeBSD/x86 shellcode that binds a shell on port 31337.

tags | shell, x86, shellcode
systems | freebsd
MD5 | 3165388a38477a6cabe2c64269aeec79
Polycom IP Phone Password Disclosure
Posted Jun 9, 2011
Authored by Pr0T3cT10n

The Polycom IP Phone suffers from a remote password disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | b1224d46a4db7227a0b3f7a58850767e
PDFill PDF Editor 8.0 Insecure Library Loading
Posted Jun 9, 2011
Authored by Rob Kraus | Site solutionary.com

PDFill PDF Editor version 8.0 suffers from an insecure library loading vulnerability.

tags | advisory
MD5 | 706f0d7e7d5c625798c43a9f1540fd4f
Aastra IP Phone 9480i Data Disclosure
Posted Jun 9, 2011
Authored by Pr0T3cT10n

The Aastra IP Phone 9480i web interface suffers from a data disclosure vulnerability.

tags | exploit, web, info disclosure
MD5 | 57b6bdfc3cf1c0312e6bf508d56db373
FreePBX 2.9.0.6 Shell Upload
Posted Jun 9, 2011
Authored by Tiago Ferreira

FreePBX version 2.9.0.6 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 6b94049bbc627fffc65881801ecfc7f7
Booxys Hotel 1.0 Cross Site Scripting
Posted Jun 9, 2011
Authored by Net.Edit0r

Booxys Hotel version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2b3be526f91749818e51f716d4324044
HP Security Bulletin HPSBMA02631 SSRT100324
Posted Jun 9, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMA02631 SSRT100324 - A potential security vulnerability has been identified with HP OpenView Storage Data Protector. The vulnerability could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, arbitrary
advisories | CVE-2011-1864
MD5 | 4a751040dfa49e7e1f6235dd128d28c5
Magneto ICMP ActiveX 4.0.0.20 ICMPSendEchoRequest Remote Code Execution
Posted Jun 9, 2011
Authored by KedAns-Dz, boahat | Site metasploit.com

This Metasploit module exploits a remote code execution vulnerability in Magneto ICMP ActiveX Control (OCX) version 4.0.0.20.

tags | exploit, remote, code execution, activex
MD5 | 093c742194adf883f8eff9204d0c4cdd
Prefix Technologies SQL Injection
Posted Jun 9, 2011
Authored by KedAns-Dz

Prefix Technologies suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e799856ed4f3da61482f96f5c98cd76f
Zero Day Initiative Advisory 11-192
Posted Jun 9, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-192 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java webstart parses certain properties from the jnlp file. Due to insufficient quote escaping it is possible to supply additional command line parameters to the java process. By crafting such parameters, an attacker can execute remote code under the context of the user running the process.

tags | advisory, java, remote, arbitrary
advisories | CVE-2011-0863
MD5 | b27d262ee7ef6bf36113d7d810303811
Zero Day Initiative Advisory 11-191
Posted Jun 9, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-191 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java Runtime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Java handles color profiles. When parsing a color profile containing a 'scrn' tag, the process reads a user specified value describing the number of scrn objects in the file. This value is multiplied with the size of an scrn object possibly resulting in an integer overflow. This value is then used to allocate memory to hold all the scrn objects. By providing specific values it is possible to cause a memory corruption that can lead to remote code being executed under to user running the browser.

tags | advisory, java, remote, overflow, arbitrary
advisories | CVE-2011-0862
MD5 | c895ba257b889472c9e1e5883cc2ec25
Red Hat Security Advisory 2011-0862-01
Posted Jun 9, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0862-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. An infinite loop flaw was found in the way the mod_dav_svn module processed certain data sets. If the SVNPathAuthz directive was set to "short_circuit", and path-based access control for files and directories was enabled, a malicious, remote user could use this flaw to cause the httpd process serving the request to consume an excessive amount of system memory. Various other issues were also addressed.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-1752, CVE-2011-1783, CVE-2011-1921
MD5 | 86d938e640147e2fd937a76f09898688
7-Technologies IGSS 9 IGSSdataServer .RMS Rename Buffer Overflow
Posted Jun 9, 2011
Authored by Luigi Auriemma, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found on 7-Technologies IGSS 9. By supplying a long string of data to the 'Rename' (0x02), 'Delete' (0x03), or 'Add' (0x04) command, a buffer overflow condition occurs in IGSSdataServer.exe while handing an RMS report, which results arbitrary code execution under the context of the user. The attack is carried out in three stages. The first stage sends the final payload to IGSSdataServer.exe, which will remain in memory. The second stage sends the Add command so the process can find a valid ID for the Rename command. The last stage then triggers the vulnerability with the Rename command, and uses an egghunter to search for the shellcode that we sent in stage 1. The use of egghunter appears to be necessary due to the small buffer size, which cannot even contain our ROP chain and the final payload.

tags | exploit, overflow, arbitrary, shellcode, code execution
MD5 | 06fbc62d603706cbc91f88964ef39e91
Secunia Security Advisory 44888
Posted Jun 9, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for subversion. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, redhat
MD5 | 7479c2c497761febbd1416882fe99e02
Secunia Security Advisory 44818
Posted Jun 9, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for java-1.6.0-sun. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, compromise a user's system, and compromise a vulnerable system.

tags | advisory, java, vulnerability
systems | linux, redhat
MD5 | d11cfc400a5e40b3a2dcbb21ced3a0f8
Secunia Security Advisory 44887
Posted Jun 9, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Horde_Auth Framework, which can be exploited by malicious people to bypass certain security features.

tags | advisory
MD5 | f88f6c5254024b62b72f01c8c4821797
Page 1 of 2
Back12Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    1 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close