exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files Date: 2011-06-30

AeroMail 2.80 Cross Site Request Forgery / Cross Site Scripting
Posted Jun 30, 2011
Authored by Justin C. Klein Keane

AeroMail version 2.80 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, csrf
SHA-256 | 7d8348ae426db7749bce33b433bb0507a0f5501f057b7a688857e2ebaf601f48
OpenSSH 3.5p1 Remote Root Exploit For FreeBSD
Posted Jun 30, 2011
Authored by Kingcope

Remote root exploit for OpenSSH version 3.5p1 on FreeBSD that affects versions 4.9 and 4.11. Other versions may also be affected. The bug appears to reside in auth2-pam-freebsd.c.

tags | exploit, remote, root
systems | freebsd
SHA-256 | b0a72514bab1b654a9acc1539d19dc102efa3d5f89c49d95b1b5b7dae0a88734
Bottay IRC Bot 2.2
Posted Jun 30, 2011
Authored by Burtay

Bottay IRC Bot can perform s a battery of tests against a given system including, but not limited to, SQL injection, cross site scripting, Joomla/Wordpress detection, port scanning, denial of service, and more.

tags | denial of service, xss, sql injection
SHA-256 | 18bd6eb21ba923dcc2bba1cd7d4cd17791dc289e5163fed5252aeb3105cf92ed
Yakamoz phpMyAdmin Finder
Posted Jun 30, 2011
Authored by Bl4ck.Viper

This is a simple perl script that enumerates various possible directories on a given website in order to determine whether or not a phpMyAdmin instance may be installed.

tags | tool, scanner, perl
systems | unix
SHA-256 | 1f00827393ec5f0b4d92aa4c0dfd1657cfa2e7a567c31c7aec7d9e2d47baf1dc
Asterisk 1.8.x SIP User Enumeration
Posted Jun 30, 2011
Authored by Francesco Tornieri

The INVITE method in use by Asterisk version 1.8.4.4 allows for remote user enumeration.

tags | exploit, remote
SHA-256 | c8d09e1a6bc234ffc02445e7446b5216f7017ea2bb2d57463d5af6d921a8ff5c
Kaillera Emulation Clients Buffer Overflow
Posted Jun 30, 2011
Authored by Sil3nt_Dre4m

Multiple emulation clients that leverage Kaillera suffer from buffer overflow vulnerabilities.

tags | exploit, overflow, vulnerability
SHA-256 | 79d3121b571aa1e6fc233145d27b1fdb99bb91f00a3ce4de2fd922d7981dffbd
Zero Day Initiative Advisory 11-231
Posted Jun 30, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-231 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a Matrix structure within a particular opcode embedded within a .pict file. When using this Matrix structure to transform image data, the application will miscalculate an index to represent a row of an object. This will cause the application to write outside the bounds of the array of objects which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2010-3790
SHA-256 | 93fa8a497789de659332c2262fd9a29a4c4a50320b59ebd628b329dde7d74b9c
Core Security Technologies Advisory 2011.0606
Posted Jun 30, 2011
Authored by Core Security Technologies, Nahuel Riva | Site coresecurity.com

Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. A vulnerability in HP Data Protector could allow a remote attacker to execute arbitrary code. The vulnerability is triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector.

tags | exploit, remote, arbitrary
advisories | CVE-2011-1866
SHA-256 | efa1df6ff293fc879184a56101095c205856a98933d395ba652967d9bb7600a0
OpenBSD/x86 reboot Shellcode
Posted Jun 30, 2011
Authored by KedAns-Dz

178 bytes small sys_execve ('/bin/sh -c "reboot"') OpenBSD/x86 shellcode.

tags | x86, shellcode
systems | openbsd
SHA-256 | 94d36b3d5311044309d26bc0029d3da5204b148e3ef361130577c6b4cdbffb0a
Tagonet Portal SQL Injection
Posted Jun 30, 2011
Authored by Net.Edit0r

Tagonet Portal suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | fd067009a97cf61041b5f28f67558f812429396380603567e630c3b7ff0e05df
Ubuntu Security Notice USN-1149-2
Posted Jun 30, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1149-2 - USN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-2374, CVE-2011-2376
SHA-256 | b0030ac11bbbf369d43ec84e244c221f725cfc7e87e72a43fe5febc8c991e4f7
Core Security Technologies Advisory 2011.0514
Posted Jun 30, 2011
Authored by Core Security Technologies, Oren Isacson | Site coresecurity.com

Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. Multiple vulnerabilities have been found in HP Data Protector that could allow a remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector. The request has several parameters, including an opcode. By sending requests with specially crafted parameters, the different bugs can be triggered.

tags | exploit, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2011-1865, CVE-2011-1514, CVE-2011-1515
SHA-256 | f98a13749e7a39ecb264fe5f8d281306487eb2c3e90b78c64ce6d9396ad34261
del2info Windows Analyzer 0.1
Posted Jun 30, 2011
Authored by Filip Szymanski | Site code.google.com

The del2info utility was written to analyze Windows Recycle Bin INFO2 and $I?????? files. It can extract file deletion time, original path, and size of deleted files and whether they have been moved from the Recycle Bin. It supports files from Windows 2000 to 7.

systems | windows, unix
SHA-256 | fa2edd460df117e52c39ad39b8b0f0b417b334196c7359a880ad8fe1e451c3c8
Zero Day Initiative Advisory 11-230
Posted Jun 30, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-230 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles Apple Lossless Audio Codec streams. While parsing the sample description for the 'alac' codec an integer wrap can occur that results in the allocation of a memory buffer that is smaller than intended. When Quicktime writes to this buffer it causes a memory corruption that can lead to remote code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0211
SHA-256 | d8034660e6963425225158849ca792e846c8746451dad4749976d745f85b8dd1
PHPnuke MT 8.3.5 ckfinder Shell Upload
Posted Jun 30, 2011
Authored by Net.Edit0r

PHPnuke MT version 8.3.5 suffers from a ckfinder related shell upload vulnerability.

tags | exploit, shell
SHA-256 | 5bbbecbade42cde659b1d59dacca2454d8b777cfecb32e28c9b2e431dc918a49
Zero Day Initiative Advisory 11-229
Posted Jun 30, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-229 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a specially formatted RIFF WAV file. When parsing a fmt chunk within the file, the application will use a 32-bit field to calculate the size of a buffer to allocate. Before the allocation, the application will add 0x14 bytes to the result. Due to restrictions imposed on the implementation of this component by the language and it's platform, an integer overflow can be made to occur. This can lead to code execution under the context of the application.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2011-0209
SHA-256 | cc0afeb7e583655aea518f9cb5b7f91713d652a00274049f8893af656f0739f7
J Software Solutions SQL Injection
Posted Jun 30, 2011
Authored by eXeSoul

J Software Solutions suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 323a8dfd100e64a87696245ce193cbf7e6859e0ece4c863d30d4ef770c61ab41
Debian Security Advisory 2266-1
Posted Jun 30, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2266-1 - Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code.

tags | advisory, denial of service, arbitrary, php, vulnerability
systems | linux, debian
advisories | CVE-2010-2531, CVE-2011-0420, CVE-2011-0421, CVE-2011-0708, CVE-2011-1153, CVE-2011-1466, CVE-2011-1471, CVE-2011-2202
SHA-256 | 40ee0fdcf0a402b4e148929bf52520da5205fe15c50c8dae5bbc534b47bdd4b6
SmallFTPd 1.0.3-fix Denial Of Service
Posted Jun 30, 2011
Authored by Myo Soe

SmallFTPd versions 1.0.3-fix and below suffer from a denial of service vulnerability.

tags | advisory, denial of service
SHA-256 | 357d42dc0e210b67dc4190a596afff45fb42d94b2bb60535a42f73a07134267c
Zero Day Initiative Advisory 11-228
Posted Jun 30, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-228 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari on Windows and multiple applications on OSX. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the ColorSync component which is used when handling image files containing embedded ICC data. When handling the ncl2 tag the process miscalculates an integer value used in a memory allocation. This buffer is later used as a destination when copying user controlled data. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the user running the application.

tags | advisory, remote, arbitrary
systems | windows, apple
advisories | CVE-2011-0200
SHA-256 | 28f0c86a7153f8ab01da15469d3e82484598e321f5062bb00f5e5d3205b4d7be
Secunia Security Advisory 45124
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive and system information, bypass certain security restrictions, conduct session hijacking attacks, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS and potentially compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, suse
SHA-256 | 4ffb77f3ab1f840fe32aa20e5965a64c20f6f4c30f495c2f6e02f642a6f1f57c
Secunia Security Advisory 45062
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for php5. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to disclose system and potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
systems | linux, debian
SHA-256 | 3a3fbac5cc5c6f1c77c0b45ef33359815c9bc9af5acc80a0a61d4d6faf84a236
Secunia Security Advisory 45122
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for syslog-ng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | linux, fedora
SHA-256 | 76da70b29460b6fb2d0831a5a018a86b72d5cab378e315123716e520add40816
Secunia Security Advisory 45116
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for linux-mvl-dove. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive and system information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
SHA-256 | 9c5f28fe3cae6804eadc073868c6d8fc7a2c8a11627c6c67822ddac717840b1b
Secunia Security Advisory 45106
Posted Jun 30, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in IBM WebSphere Portal and IBM Lotus Web Content Management, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, web, xss
SHA-256 | b52f9d1a2e59ace269deba03497414c879f53101c95bcde21f8adb3f84f5dc0f
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close