exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 55 RSS Feed

Files Date: 2011-08-16

Zero Day Initiative Advisory 11-263
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-263 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation Administrator Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within vxsvc.exe. The problem affecting the part of the server running on TCP port 2148 is an integer overflow in the function vxveautil.value_binary_unpack during the handling of the ascii strings (opcode 6) where the 32-bit field supplied by the attacker is used for allocating a destination buffer by adding an additional byte to its value. This integer overflow can be used to create a small allocation which will be subsequently overflowed, allowing the attacker to execute arbitrary code under the context of the SYSTEM.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2011-0547
SHA-256 | 0fcbff142d7610a53b48282940d56393214feea54905383c4a36f0cf94dbadb5
Check Point Security Management Symlink Vulnerabilities
Posted Aug 16, 2011
Authored by Matthew Flanagan

Check Point Security Management Products suffer from multiple symlink vulnerabilities. Due to the combination of inadequate file checks, predictable file names and writing of temporary configuration files to /tmp it is possible for a unprivileged local user to exploit the post-installation script to overwrite arbitrary files on the security management system through symlink following. The script also contains a second-order symlink vulnerability which makes it possible for an attacker to gain control of the SMS configuration file: $FWDIR/conf/sofaware/SWManagementServer.ini.

tags | advisory, arbitrary, local, vulnerability
advisories | CVE-2011-2664
SHA-256 | 9c9530656dc7486ce3d99175a4a77905ed90e3d797246e746914fe8311174a28
Mozilla Firefox 3.6.16 mChannel Object Use After Free
Posted Aug 16, 2011
Authored by mr_me

Mozilla Firefox version 3.6.16 mChannel Object use-after-free exploit for Windows 7.

tags | exploit
systems | windows
SHA-256 | 1e44b9126b0d7869d8928eb0f6c65977f1d59a9eb27da3b8a266464e729e227d
Zero Day Initiative Advisory 11-262
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-262 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation. Authentication is not required to exploit this vulnerability. The specific flaw exists within the vxsvc.exe process. The problem affecting the part of the server running on TCP port 2148 is an integer overflow in the function vxveautil.value_binary_unpack where a 32-bit field holds a value that, through some calculation, can be used to create a smaller heap buffer than required to hold user-supplied data. This can be leveraged to cause an overflow of the heap buffer, allowing the attacker to execute arbitrary code under the context of SYSTEM.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2011-0547
SHA-256 | 369c480b1433f3a1b7d765b6183a369c5a8cb2b449ae0983ec599f68611a09fd
Microsoft Windows 7 Ultimate RPC Denial Of Service
Posted Aug 16, 2011
Authored by Michael Burgbacher, Thomas Unterleitner | Site barracudanetworks.com

Microsoft Windows 7 Ultimate SP1 32 bit and 64 bit suffers from a RPC denial of service vulnerability due to mishandling of malformed DHCPv6 packets.

tags | advisory, denial of service
systems | windows
SHA-256 | c5dce36fdf75da8e6e2691aa8865253724e1cb7f7bd8fe3cf50839029dafad31
Zero Day Initiative Advisory 11-261
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-261 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XMLSimpleAccessor class ActiveX control (CLSID 466576F3-19B6-4FF1-BD48-3E0E1BFB96E9). The SaveXML() method is vulnerable to directory traversal, which allows an attacker to write arbitrary content to the filesystem. A remote attacker could leverage this vulnerability to gain code execution under the context of the web browser.

tags | advisory, remote, web, arbitrary, code execution, activex
advisories | CVE-2011-2404
SHA-256 | 977a07c8783022390a2076d71e7c65838ea903374ca8c321c181d7450fe5e5d5
Sagem Router Fast 3304 / 3464 / 3504 Telnet Bypass
Posted Aug 16, 2011
Authored by Elouafiq Ali

Sagem Router Fast versions 3304, 3464, and 3504 remote telnet authentication bypass exploit.

tags | exploit, remote, bypass
SHA-256 | 1fe135275c9cd49eeac9517457a7fdd1233d171f3c101cf87644b2e6a4f3a9f4
Zero Day Initiative Advisory 11-260
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-260 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Nortel Media Application Server. Authentication is not required to exploit this vulnerability. The flaw exists within the cstore.exe component which listens by default on TCP port 52005. When handling a CONTENT_STORE_ADMIN_REQ packet type the process trusts length value provided by the 'cs_anams' parameter and blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
SHA-256 | 7779f3c7bb1a89ef01d022bbb09d2fc249844c39f363a24524bad1945afac2fe
Zero Day Initiative Advisory 11-259
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-259 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles corrupt Sample Size atoms. When the value for 'Number of Entries' in this atom differs from the 'Number of Entries' in the Time-To-Sample atom, QuickTime will fill the Atom Sample Table with uninitialized data read from memory. This can later on result in a heap overflow when the data is used to calculate a loop counter to fill a heap buffer.

tags | advisory, remote, overflow, arbitrary
systems | apple
advisories | CVE-2011-0251
SHA-256 | 4042c59dc976e1482717baaf40d66c37a84d10130895354cee891e7e9212fb8e
Zero Day Initiative Advisory 11-258
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-258 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles the Sample-to-Chunks table in media files with 'twos' audio codec. If a value for 'samples per chunk' is bigger than 8 times the sample rate from the 'Sample Description Atom' it will cause a buffer overflow during the parsing of the atom sample table. This can result in remote code execution under the context of the current user.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2011-0249
SHA-256 | 750e0fd65e0457f33544cbda420a5aff5e0d6dcfe999be68d9fd684d7a74ea65
WordPress IP-Logger 3.0 SQL Injection
Posted Aug 16, 2011
Authored by Miroslav Stampar

WordPress IP-Logger plugin versions 3.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6e6ca5b4fa9f5919691469be6ce948364415e86dc3af82231bf9542d13f95415
Code Widgets Databound Shopping Cart SQL Injection
Posted Aug 16, 2011
Authored by L0rd CrusAd3r

Code Widgets Databound Shopping Cart suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | da741b279e7afb90745376c9e4895675884a96a5a94b87d0eb4aaa9385bcd68a
Code Widgets Web Based Help System SQL Injection
Posted Aug 16, 2011
Authored by L0rd CrusAd3r

Code Widgets Web-based Help System Web Application suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | 9066dc62caaabf0747d9e2758cfbafbb77937ff7404956478482ea2e107341c3
Zero Day Initiative Advisory 11-257
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-257 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a frame within an H.264 encoded movie. When processing a particular set of flags of a structure, the application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. Due to the application failing to check the bounds of this length, the application will write outside the bounds of the buffer which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0247
SHA-256 | cdb1fff5d1189aa470f9941b86f7f44595f91c34c0571417c67f93bf2b3f6afb
Dpconsulenze SQL Injection
Posted Aug 16, 2011
Authored by Ehsan_Hp200

Dpconsulenze suffers from a remote SQL injection vulnerability in dettaglio.php.

tags | exploit, remote, php, sql injection
SHA-256 | d6504a41cd4904a4dcc02a833504dd1dd059cc3549adf20277125a59f6b53fd7
KvVM SQL Injection
Posted Aug 16, 2011
Authored by Skote Vahshat

KvVM suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6d9315aac44739538bddfb4187bc836411347339c7fbab53a68c77bed7a3c53b
phpList 2.10.14 Improper Access Control / Information Leakage
Posted Aug 16, 2011
Authored by Davide Canali

phpList versions 2.10.1 through 2.10.14 suffer from improper access control and information leakage vulnerabilities.

tags | advisory, vulnerability
SHA-256 | b3615532e16776b5cf2859f7aede85c346cb7619bc40fc4060021b24f356ae2f
Code Widget Database Driven Product Catalogue SQL Injection
Posted Aug 16, 2011
Authored by L0rd CrusAd3r

Code Widget Database Driven Product Catalogue suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 32cb5f176c11e552091323187ccae1f0cea34e4ab14f2d961a343187063052ae
Dedacom SQL Injection
Posted Aug 16, 2011
Authored by Ehsan_Hp200

Dedacom suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ee75ccdcffa8c7f959452981fff2ef9b1eeccab4dcf3108bd92e8226a2deb9d3
Code Widgets Web-based Alpha Tabbed Address Book SQL Injection
Posted Aug 16, 2011
Authored by L0rd CrusAd3r

Code Widgets Web-based Alpha Tabbed Address Book suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
SHA-256 | d46ce0592e59ffd2edd98f7f1d58ae2bdb83f70a57a0dc98d9289899221e7c6e
Code Widgets SpiderTrap-Spider,Robot and Harvester Blocking SQL Injection
Posted Aug 16, 2011
Authored by L0rd CrusAd3r

Code Widgets SpiderTrap-Spider,Robot and Harvester Blocking suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a1885c295400b3789e198665fb1d935f92e721da81a26fd30b3fa24373b2fcb2
Zero Day Initiative Advisory 11-256
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-256 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime parses QuickTime Media Link (.qtl) files. The code which parses the .qtl parameter files fails to properly validate the size of the src parameter before copying it into a fixed length stack buffer. By supplying an overly long value for the src parameter, an attacker can leverage this flaw to execute malicious code within the context of the browser.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2011-0248
SHA-256 | 5306ec97e09c85dea4b3f2a494f14a62a4532c3063b3a7f6c4c9855dcebff5e1
phpWebSite Userpage Cross Site Scripting
Posted Aug 16, 2011
Authored by Ehsan_Hp200

The phpWebSite Userpage module suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | d8503ff48c835602b89771890805b97e089e05233297a4720d724b9a262f3788
Zero Day Initiative Advisory 11-255
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-255 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a frame within an H.264 encoded movie. When processing a particular set of flags of a structure, the application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. Due to the application failing to check the bounds of this length, the application will write outside the bounds of the buffer which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0247
SHA-256 | eb22a6085f298a0e2ddb2331f396d5648396388c8b27503cb5dcb3901124e6fa
Zero Day Initiative Advisory 11-254
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-254 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles the 'trun' atom. QuickTime uses user supplied data in the 'sampleCount' field to calculate a buffer size. An integer wrap can occur that results in the allocation of a memory buffer that is smaller than intended. When QuickTime writes to this buffer it causes a memory corruption that can lead to remote code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0256
SHA-256 | 2eae2f1a2ecaad9be0997ec66789b0041464a81dabe75da74fdd5dc2b482aa7c
Page 1 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close