what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 47 RSS Feed

Files Date: 2011-06-17

AlgoPars Software Co SQL Injection
Posted Jun 17, 2011
Authored by Bl4ck.Viper

AlgoPars Software Co suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | cb80b84e4a89dc7d1369a13d116cdf146b6a561999dba164d3f6f8553ea40f51
Packet Fence 2.2.1
Posted Jun 17, 2011
Site packetfence.org

PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.

Changes: Minor release focusing on stability. There's new hardware support: AeroHIVE AP, Dlink DES3550, DGS3200, and HP ProCurve 5400 series. Improved support for ExtremeNetworks Summit series. Enhancements include an improved user experience with iPod, iPhone, and iPad, performance improvements, documentation updates, and other minor polish. Issues fixed include a very important Cisco problem related to Voice over IP, a node expiration problem, Nortel switch problems, and some installer errors.
tags | tool, remote
systems | unix
SHA-256 | ac46269507cda5773554b5fa288a540d4d815b375884ab3939dd48747c846c15
Adobe Reader / Acrobat 10.0.1 Denial Of Service
Posted Jun 17, 2011
Authored by Soroush Dalili

This is a proof of concept denial of service exploit for Adobe Reader / Acrobat 10.0.1.

tags | exploit, denial of service, proof of concept
systems | linux
SHA-256 | f4707181a5488c9a9c04dd3216eef79a7d475b24d554758aac8d2f6d346f71c2
Red Hat Security Advisory 2011-0882-01
Posted Jun 17, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0882-01 - This package provides jabberd 2, an Extensible Messaging and Presence Protocol server used for XML based communication. It was found that the jabberd daemon did not properly detect recursion during entity expansion. A remote attacker could provide a specially-crafted XML file containing a large number of nested entity references, which once processed by the jabberd daemon, could lead to a denial of service.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2011-1755
SHA-256 | 1110695f1e97b5b4f6657fd235000165d4abbff25d96cadd1d93de7d9b0af48e
Red Hat Security Advisory 2011-0881-01
Posted Jun 17, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0881-01 - This package provides jabberd 2, an Extensible Messaging and Presence Protocol server used for XML based communication. It was found that the jabberd daemon did not properly detect recursion during entity expansion. A remote attacker could provide a specially-crafted XML file containing a large number of nested entity references, which once processed by the jabberd daemon, could lead to a denial of service.

tags | advisory, remote, denial of service, protocol
systems | linux, redhat
advisories | CVE-2011-1755
SHA-256 | d5b543350c6b219c4dba13b68ad6d5967dcdb4d359eb2678d8220aff9794bd24
Debian Security Advisory 2263-1
Posted Jun 17, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2263-1 - It was discovered that Movable Type, a weblog publishing system, contains several security vulnerabilities.

tags | advisory, vulnerability
systems | linux, debian
SHA-256 | 8fc54eb762cee66133b2d40eae0d58683f681c792f3c0ff4b4ee21e596413b40
Red Hat Security Advisory 2011-0880-01
Posted Jun 17, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0880-01 - This update corrects several security vulnerabilities in the IBM Java Runtime Environment shipped as part of Red Hat Network Satellite 5.4.1. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. This update fixes several vulnerabilities in the IBM Java 2 Runtime Environment. Detailed vulnerability descriptions are linked from the IBM "Security alerts" page, listed in the References section. Various other issues were also addressed.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2009-3555, CVE-2010-1321, CVE-2010-3541, CVE-2010-3548, CVE-2010-3549, CVE-2010-3550, CVE-2010-3551, CVE-2010-3553, CVE-2010-3555, CVE-2010-3556, CVE-2010-3557, CVE-2010-3558, CVE-2010-3560, CVE-2010-3562, CVE-2010-3563, CVE-2010-3565, CVE-2010-3566, CVE-2010-3568, CVE-2010-3569, CVE-2010-3571, CVE-2010-3572, CVE-2010-3573, CVE-2010-3574, CVE-2010-4422, CVE-2010-4447, CVE-2010-4448, CVE-2010-4452, CVE-2010-4454
SHA-256 | 23e57d99b78195d5d080dfd7d6831e809d977086b9839464c667dc791c8b7697
Red Hat Security Advisory 2011-0879-01
Posted Jun 17, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0879-01 - Red Hat Network Satellite provides a solution to organizations requiring absolute control over and privacy of the maintenance and package deployment of their servers. It allows organizations to utilize the benefits of the Red Hat Network without having to provide public Internet access to their servers or other client systems. It was found that RHN Satellite did not protect against Cross-Site Request Forgery attacks. If an authenticated RHN Satellite user visited a specially-crafted web page, it could lead to unauthorized command execution with the privileges of that user, for example, creating a new user account, granting administrator privileges to user accounts, disabling the account of the current user, and so on. Various other issues were also addressed.

tags | advisory, web, csrf
systems | linux, redhat
advisories | CVE-2009-4139
SHA-256 | 57cd463dbaf289e333106899b57f173975b34eaa6fa399b66cf2c25c2b6269c9
Rapid Full Download Cross Site Scripting
Posted Jun 17, 2011
Authored by Bl4ck.Viper

Rapid Full Download suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fbe0605fdd813b383bc91fde5c694b932966bbe956980781c33f65dc3f3393fe
Ubuntu Security Notice USN-1154-1
Posted Jun 17, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1154-1 - It was discovered that a heap overflow in the AWT FileDialog.show() method could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. It was discovered that integer overflows in the JPEGImageReader readImage() function and the SunLayoutEngine nativeLayout() function could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-0862, CVE-2011-0815, CVE-2011-0822, CVE-2011-0862, CVE-2011-0864, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0870, CVE-2011-0871, CVE-2011-0872
SHA-256 | b8678edae4561e9f93f6e10ebcdb337635cb2b334bf27aa584409a4de58814ef
vBulletin VBExperience Cross Site Scripting
Posted Jun 17, 2011
Authored by Mr.ThieF

The vBExperience add-on as shipped with vBulletin versions 3.x.x and 4.x.x suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | e45483003574c24072a4ea684eb504b8ab7dfaaaf34ed36b7ffdcec312891b79
WeBid 1.0.2 Cross Site Scripting / SQL Injection
Posted Jun 17, 2011
Authored by Saif El-Sherei

WeBid version 1.0.2 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 0bce39b5bffc7a4bc13046662ad8b39b8fab588076ace249f26f92528f70f715
Essential PIM 4.22 Outdated Libraries
Posted Jun 17, 2011
Authored by Stefan Kanthak

Essential PIM version 4.22 is shipping with multiple outdated and vulnerable libraries.

tags | advisory
SHA-256 | 1c8068f330cbf75f9c18acb0f6c9b09b5389bace36fd4ae4a08117062a144c41
MS11-050 IE mshtml!CObjectElement Use After Free
Posted Jun 17, 2011
Authored by d0c_s4vage | Site metasploit.com

This Metasploit module exploits a use-after-free vulnerability in Internet Explorer. The vulnerability occurs when an invalid object tag exists and other elements overlap/cover where the object tag should be when rendered (due to their styles/positioning). The mshtml!CObjectElement is then freed from memory because it is invalid. However, the mshtml!CDisplay object for the page continues to keep a reference to the freed <object> and attempts to call a function on it, leading to the use-after-free.

tags | exploit
advisories | CVE-2011-1256, OSVDB-72948
SHA-256 | b32377ac3beaa1414985310c6140cd9cbefd81ce42b9a9337bf648771c0e9476
Braa SNMP Scanner 0.82
Posted Jun 17, 2011
Authored by Mateusz Golicz

Braa is a mass snmp scanner. The intended usage of such a tool is of course making SNMP queries - but unlike snmpget or snmpwalk from net-snmp, it is able to query dozens or hundreds of hosts simultaneously, and in a single process. Thus, it consumes very few system resources and does the scanning VERY fast.

tags | tool, scanner
systems | unix
SHA-256 | d650d34cdf30fcbbbbf4e4f11c8f5d51fd5caa3cca58d620fa1d978b8c18919c
Secunia Security Advisory 44985
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library.

tags | advisory, denial of service
systems | linux, ubuntu
SHA-256 | e9de96d7a27fe2ef47311fac6b645340abd8bea016be2663ae5d7fef45efb9ec
Secunia Security Advisory 44999
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in GNU Troff, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
SHA-256 | 0c2f1086b1564a3ee08bc29d5ee4f71904c8da2139bc8d0d255ec2bf5ea10d66
Secunia Security Advisory 44960
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for jabberd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | e252a32eb3396b16ddd43c38e73f72749e52bf121868a4ce25eb996da5acb316
Secunia Security Advisory 44959
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has acknowledged a vulnerability in Red Hat Network Satellite Server, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
systems | linux, redhat
SHA-256 | 2059ff447bd990c3a1df7730d113062cf6715164e273cc7dd394fe76666911f2
Secunia Security Advisory 44921
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - IBM has acknowledged a vulnerability in IBM Tivoli Business Service Manager, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 5fd96d98ae5cf3b6dba7fafb39ee0f4b26a12552aa75a6fcf5d125259ac272be
Secunia Security Advisory 44942
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for openjdk-6. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), compromise a user's system, and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
SHA-256 | 3a86f8fa57b00ff3aa37d3aa1925abcd8a167d8f1adcc9750f97f32370fbf73e
Secunia Security Advisory 44918
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Digicom IP CAMERA 100W, which can be exploited by malicious people to bypass certain security restrictions.

tags | advisory
SHA-256 | 91d95bb3adba83a97264b94731cd7053d4be0fa5911392077d150a19352cf7f7
Secunia Security Advisory 44972
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Context has reported a weakness in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information.

tags | advisory
SHA-256 | f0b409c2e2d51fcd670dd1cd4e6a729b20f6cc503e7fc1735a74769815b3ce77
Secunia Security Advisory 44952
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Group-Office, which can be exploited by malicious users to conduct SQL injection attacks.

tags | advisory, vulnerability, sql injection
SHA-256 | 5744d13fef6bb2a05ad20708f4f3fe5698f096f7d0041eefe4ca9f465a1ae36d
Secunia Security Advisory 45000
Posted Jun 17, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A weakness has been reported in FreeBSD, which can be exploited by malicious, local users to disclose certain system information.

tags | advisory, local
systems | freebsd
SHA-256 | de742db5ec137cee565a182830a12f3a95334988a44609265d77b64cf5f58a61
Page 1 of 2
Back12Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close