what you don't know can hurt you
Showing 1 - 25 of 34 RSS Feed

Files Date: 2011-07-19

Debian Security Advisory 2280-1
Posted Jul 19, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2280-1 - It was discovered that libvirt, a library for interfacing with different virtualization systems, is prone to an integer overflow. Additionally, the stable version is prone to a denial of service, because its error reporting is not thread-safe.

tags | advisory, denial of service, overflow
systems | linux, debian
advisories | CVE-2011-2511, CVE-2011-1486
MD5 | 08fa914d8f8a3a4c31895f9b625b3866
FreeFloat FTP Server REST Buffer Overflow
Posted Jul 19, 2011
Authored by C4SS!0 G0M3S, KaHPeSeSe | Site metasploit.com

This Metasploit module exploits a FreeFloat FTP Server Buffer Overflow found in the REST command.

tags | exploit, overflow
MD5 | c5bdbb0f0f316cbac6d0e94b9098ae04
FreeFloat FTP Server 1.0 ACCL Buffer Overflow
Posted Jul 19, 2011
Authored by mortis

FreeFloat FTP server version 1.0 ACCL buffer overflow exploit that binds a shell to port 4444.

tags | exploit, overflow, shell
MD5 | 96498897fa02db0e8cb5cf459edfa0b8
Lotus Domino Denial Of Service
Posted Jul 19, 2011

Lotus Domino version 8.5.3 suffers from a denial of service vulnerability when parsing malformed .ics files.

tags | exploit, denial of service
MD5 | f5f5ee8c861b0e6d535ad084b3610795
Debian Security Advisory 2279-1
Posted Jul 19, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2279-1 - It was discovered that libapache2-mod-authnz-external, an apache authentication module, is prone to an SQL injection via the $user parameter.

tags | advisory, sql injection
systems | linux, debian
advisories | CVE-2011-2688
MD5 | 857f53a2c2d3be4a6cb0f2095def9b43
Red Hat Security Advisory 2011-0959-01
Posted Jul 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0959-01 - Mutt is a text-mode mail user agent. A flaw was found in the way Mutt verified SSL certificates. When a server presented an SSL certificate chain, Mutt could ignore a server hostname check failure. A remote attacker able to get a certificate from a trusted Certificate Authority could use this flaw to trick Mutt into accepting a certificate issued for a different hostname, and perform man-in-the-middle attacks against Mutt's SSL connections. All Mutt users should upgrade to this updated package, which contains a backported patch to correct this issue. All running instances of Mutt must be restarted for this update to take effect.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2011-1429
MD5 | b410278fef774d9b3df678d19a0a978e
Agent Image SQL Injection
Posted Jul 19, 2011
Authored by Ehsan_Hp200

Agent Image suffers from a remote SQL injection vulnerability in news_detail.php.

tags | exploit, remote, php, sql injection
MD5 | 78dce31508fa4b2b04917e571cfaf6f1
SD Professionals LLC SQL Injection
Posted Jul 19, 2011
Authored by Ehsan_Hp200

SD Professionals LLC maintained sites appear to suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 7cb511c6f0a4eb999948c195c3db469e
Dow Group SQL Injection
Posted Jul 19, 2011
Authored by Ehsan_Hp200

Dow Group suffers from a remote SQL injection vulnerability in sub.php.

tags | exploit, remote, php, sql injection
MD5 | 0dddd27476247a322e1b8d59805d8ba0
Centralia SQL Injection
Posted Jul 19, 2011
Authored by Netrondoank

Centralia suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f9e52c74f03d22d21a9db6c4867dd8e5
Techforge Script SQL Injection
Posted Jul 19, 2011
Authored by HeRoTuRK

Techforge Script suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 313533bb92365361589467f43b17fd64
Neudimenxion CMS SQL Injection
Posted Jul 19, 2011
Authored by Netrondoank

Neudimenxion CMS suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e587d982333d6bcb85ceda3a6b27236a
WordPress Security Scanner 1.0
Posted Jul 19, 2011
Authored by Ryan Dewhurst | Site code.google.com

WordPress Security Scanner can perform username enumeration, weak password cracking, version / vulnerability / plugin enumeration, and more.

tags | tool, scanner
systems | unix
MD5 | 4cc0cb9504a7fb04440f261720449e16
Iconics GENESIS32 Integer Overflow
Posted Jul 19, 2011
Authored by Luigi Auriemma, corelanc0d3r, Lincoln | Site metasploit.com

Iconics GENESIS32 version 9.21.201.01 suffers from an integer overflow vulnerability. The GenBroker service on port 38080 is affected by three integer overflow vulnerabilities while handling opcode 0x4b0, which is caused by abusing the the memory allocations needed for the number of elements passed by the client. This results unexpected behaviors such as direct registry calls, memory location calls, or arbitrary remote code execution. Please note that in order to ensure reliability, this exploit will try to open calc (hidden), inject itself into the process, and then open up a shell session. Also, DEP bypass is supported.

tags | exploit, remote, overflow, arbitrary, shell, registry, vulnerability, code execution
MD5 | 598c01f621d3562c965ff0d9cbaa8d3c
Zero Day Initiative Advisory 11-236
Posted Jul 19, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-236 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Documentum eRoom Indexing Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the bundled implementation of OpenText's HummingBird Connector. When parsing a particular packet received from a TCP connection, the application will attempt to copy part of the packet's contents into a buffer located on the stack. Due to not completely accommodating for the size of the data in the packet, the application will overwrite variables positioned after the buffer. This can lead to code execution under the context of the server.

tags | advisory, remote, arbitrary, tcp, code execution
advisories | CVE-2011-1741
MD5 | 7cbb9e158f54922fc32daaa083f5a247
Red Hat Security Advisory 2011-0953-01
Posted Jul 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0953-01 - system-config-firewall is a graphical user interface for basic firewall setup. It was found that system-config-firewall used the Python pickle module in an insecure way when sending data to the privileged back-end mechanism. A local user authorized to configure firewall rules using system-config-firewall could use this flaw to execute arbitrary code with root privileges, by sending a specially-crafted serialized object.

tags | advisory, arbitrary, local, root, python
systems | linux, redhat
advisories | CVE-2011-2520
MD5 | cdb3acbda8d36c1862844c7a30f4aab6
Mandriva Linux Security Advisory 2011-114
Posted Jul 19, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-114 - oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-4632, CVE-2009-4633, CVE-2009-4634, CVE-2009-4635, CVE-2009-4636, CVE-2009-4640, CVE-2010-3429, CVE-2010-4704, CVE-2011-0722, CVE-2011-0723
MD5 | 11781717ba26baa96445fb242f81e108
Red Hat Security Advisory 2011-0952-01
Posted Jul 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0952-01 - JBoss Enterprise SOA Platform is the next-generation ESB and business process automation infrastructure. JBoss Enterprise SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. It was found that the fix for CVE-2011-1484 was incomplete: JBoss Seam 2 did not block access to all malicious JBoss Expression Language constructs in page exception handling, allowing arbitrary Java methods to be executed. A remote attacker could use this flaw to execute arbitrary code via a specially-crafted URL provided to certain applications based on the JBoss Seam 2 framework.

tags | advisory, java, remote, arbitrary
systems | linux, redhat
advisories | CVE-2011-2196
MD5 | 8b73999f7f6e586da25a1e2fe6ceb3f1
What Is A Vulnerability Assessment?
Posted Jul 19, 2011
Site demyo.com

Whitepaper called What is a vulnerability assessment?

tags | paper
MD5 | d47e74bceae27c15d2b3218474350a38
Mandriva Linux Security Advisory 2011-112
Posted Jul 19, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-112 - oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read. vorbis_dec.c in FFmpeg 0.5 uses an assignment operator when a comparison operator was intended, which might allow remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted file that modifies a loop counter and triggers a heap-based buffer overflow. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2009-4632, CVE-2009-4633, CVE-2009-4634, CVE-2009-4635, CVE-2009-4636, CVE-2009-4639, CVE-2009-4640, CVE-2010-3429, CVE-2010-4704, CVE-2011-0723
MD5 | 5ef84bf7d97b6bfc0465e19f371066db
Red Hat Security Advisory 2011-0951-01
Posted Jul 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0951-01 - The JBoss Seam 2 framework is an application framework for building web applications in Java. It was found that the fix for CVE-2011-1484 was incomplete: JBoss Seam 2 did not block access to all malicious JBoss Expression Language constructs in page exception handling, allowing arbitrary Java methods to be executed. A remote attacker could use this flaw to execute arbitrary code via a specially-crafted URL provided to certain applications based on the JBoss Seam 2 framework.

tags | advisory, java, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-2196
MD5 | 53f7b9f13747ac8242226cd65de00bb0
Freefloat FTP 1.0 ABOR Buffer Overflow
Posted Jul 19, 2011
Authored by Craig Freyman

Freefloat FTP version 1.0 ABOR buffer overflow exploit.

tags | exploit, overflow
MD5 | 2e14b23a633580ff1cb712a88c328ba2
112 Bytes Win32/PerfectXp-pc1/sp3 Add Admin Shellcode
Posted Jul 19, 2011
Authored by KaHPeSeSe

112 bytes small Win32/PerfectXp-pc1/sp3 (Tr) add administrator shellcode.

tags | shellcode, add administrator
systems | windows
MD5 | 0afd8039e46e9242f28451e8fcc78696
GDI+ CreateDashedPath Integer Overflow
Posted Jul 19, 2011
Authored by Abysssec, Nicolas Joly | Site abysssec.com

GDI+ CreateDashedPath suffers from an integer overflow vulnerability in gdiplus.dll.

tags | exploit, overflow
systems | linux
advisories | CVE-2011-0041
MD5 | b6254f6d6d9996effadd641c9b2d3f48
Red Hat Security Advisory 2011-0950-01
Posted Jul 19, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-0950-01 - The JBoss Seam 2 framework is an application framework for building web applications in Java. It was found that the fix for CVE-2011-1484 was incomplete: JBoss Seam 2 did not block access to all malicious JBoss Expression Language constructs in page exception handling, allowing arbitrary Java methods to be executed. A remote attacker could use this flaw to execute arbitrary code via a specially-crafted URL provided to certain applications based on the JBoss Seam 2 framework.

tags | advisory, java, remote, web, arbitrary
systems | linux, redhat
advisories | CVE-2011-2196
MD5 | ba9d8427ae712a98af3f6a015aba6608
Page 1 of 2
Back12Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close