the original cloud security
Showing 1 - 25 of 55 RSS Feed

Files Date: 2011-08-16

Zero Day Initiative Advisory 11-263
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-263 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation Administrator Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within vxsvc.exe. The problem affecting the part of the server running on TCP port 2148 is an integer overflow in the function vxveautil.value_binary_unpack during the handling of the ascii strings (opcode 6) where the 32-bit field supplied by the attacker is used for allocating a destination buffer by adding an additional byte to its value. This integer overflow can be used to create a small allocation which will be subsequently overflowed, allowing the attacker to execute arbitrary code under the context of the SYSTEM.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2011-0547
MD5 | ca42f0f0f0333249c60fa85018a640f9
Check Point Security Management Symlink Vulnerabilities
Posted Aug 16, 2011
Authored by Matthew Flanagan

Check Point Security Management Products suffer from multiple symlink vulnerabilities. Due to the combination of inadequate file checks, predictable file names and writing of temporary configuration files to /tmp it is possible for a unprivileged local user to exploit the post-installation script to overwrite arbitrary files on the security management system through symlink following. The script also contains a second-order symlink vulnerability which makes it possible for an attacker to gain control of the SMS configuration file: $FWDIR/conf/sofaware/SWManagementServer.ini.

tags | advisory, arbitrary, local, vulnerability
advisories | CVE-2011-2664
MD5 | 4181d3bab8cdf63f1fc2964200d7a025
Mozilla Firefox 3.6.16 mChannel Object Use After Free
Posted Aug 16, 2011
Authored by mr_me

Mozilla Firefox version 3.6.16 mChannel Object use-after-free exploit for Windows 7.

tags | exploit
systems | windows, 7
MD5 | 515bde32dc4b5941183512d203cc1802
Zero Day Initiative Advisory 11-262
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-262 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Veritas Storage Foundation. Authentication is not required to exploit this vulnerability. The specific flaw exists within the vxsvc.exe process. The problem affecting the part of the server running on TCP port 2148 is an integer overflow in the function vxveautil.value_binary_unpack where a 32-bit field holds a value that, through some calculation, can be used to create a smaller heap buffer than required to hold user-supplied data. This can be leveraged to cause an overflow of the heap buffer, allowing the attacker to execute arbitrary code under the context of SYSTEM.

tags | advisory, remote, overflow, arbitrary, tcp
advisories | CVE-2011-0547
MD5 | 2ae439c9a9f277f57dc9b52c565cc59e
Microsoft Windows 7 Ultimate RPC Denial Of Service
Posted Aug 16, 2011
Authored by Michael Burgbacher, Thomas Unterleitner | Site barracudanetworks.com

Microsoft Windows 7 Ultimate SP1 32 bit and 64 bit suffers from a RPC denial of service vulnerability due to mishandling of malformed DHCPv6 packets.

tags | advisory, denial of service
systems | windows, 7
MD5 | da632209ce74b10060375b4448c3ebac
Zero Day Initiative Advisory 11-261
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-261 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Easy Printer Care. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XMLSimpleAccessor class ActiveX control (CLSID 466576F3-19B6-4FF1-BD48-3E0E1BFB96E9). The SaveXML() method is vulnerable to directory traversal, which allows an attacker to write arbitrary content to the filesystem. A remote attacker could leverage this vulnerability to gain code execution under the context of the web browser.

tags | advisory, remote, web, arbitrary, code execution, activex
advisories | CVE-2011-2404
MD5 | b8563f79d877f267109c028d20f04104
Sagem Router Fast 3304 / 3464 / 3504 Telnet Bypass
Posted Aug 16, 2011
Authored by Elouafiq Ali

Sagem Router Fast versions 3304, 3464, and 3504 remote telnet authentication bypass exploit.

tags | exploit, remote, bypass
MD5 | ef066cfa86690ffc765a5805926aca29
Zero Day Initiative Advisory 11-260
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-260 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Nortel Media Application Server. Authentication is not required to exploit this vulnerability. The flaw exists within the cstore.exe component which listens by default on TCP port 52005. When handling a CONTENT_STORE_ADMIN_REQ packet type the process trusts length value provided by the 'cs_anams' parameter and blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
MD5 | c341f15580663a71121fd4821ba55a50
Zero Day Initiative Advisory 11-259
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-259 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles corrupt Sample Size atoms. When the value for 'Number of Entries' in this atom differs from the 'Number of Entries' in the Time-To-Sample atom, QuickTime will fill the Atom Sample Table with uninitialized data read from memory. This can later on result in a heap overflow when the data is used to calculate a loop counter to fill a heap buffer.

tags | advisory, remote, overflow, arbitrary
systems | apple
advisories | CVE-2011-0251
MD5 | 1f067fbde4f0ddcbaca11a829cafea16
Zero Day Initiative Advisory 11-258
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-258 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Quicktime handles the Sample-to-Chunks table in media files with 'twos' audio codec. If a value for 'samples per chunk' is bigger than 8 times the sample rate from the 'Sample Description Atom' it will cause a buffer overflow during the parsing of the atom sample table. This can result in remote code execution under the context of the current user.

tags | advisory, remote, overflow, arbitrary, code execution
systems | apple
advisories | CVE-2011-0249
MD5 | 30ea38a3e37114f4d0e42c79d4c4fcc8
WordPress IP-Logger 3.0 SQL Injection
Posted Aug 16, 2011
Authored by Miroslav Stampar

WordPress IP-Logger plugin versions 3.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5047f9f1215bbacf03344ad7652dd36f
Code Widgets Databound Shopping Cart SQL Injection
Posted Aug 16, 2011
Authored by L0rd CrusAd3r

Code Widgets Databound Shopping Cart suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1e23e54999b29fb0f0186135668f469b
Code Widgets Web Based Help System SQL Injection
Posted Aug 16, 2011
Authored by L0rd CrusAd3r

Code Widgets Web-based Help System Web Application suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | fa5c6278a741baa1ed040c03e5d10472
Zero Day Initiative Advisory 11-257
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-257 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple's QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a frame within an H.264 encoded movie. When processing a particular set of flags of a structure, the application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. Due to the application failing to check the bounds of this length, the application will write outside the bounds of the buffer which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0247
MD5 | b20c6e64671506f7c85a9de1de95eaf5
Dpconsulenze SQL Injection
Posted Aug 16, 2011
Authored by Ehsan_Hp200

Dpconsulenze suffers from a remote SQL injection vulnerability in dettaglio.php.

tags | exploit, remote, php, sql injection
MD5 | a2cd1c69922c1b5c1e9b90df97068462
KvVM SQL Injection
Posted Aug 16, 2011
Authored by Skote Vahshat

KvVM suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e6fae082002bee9b05ea3890e1f29927
phpList 2.10.14 Improper Access Control / Information Leakage
Posted Aug 16, 2011
Authored by Davide Canali

phpList versions 2.10.1 through 2.10.14 suffer from improper access control and information leakage vulnerabilities.

tags | advisory, vulnerability
MD5 | 9a92de6a5a1a660145c219071a00e18c
Code Widget Database Driven Product Catalogue SQL Injection
Posted Aug 16, 2011
Authored by L0rd CrusAd3r

Code Widget Database Driven Product Catalogue suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 58cfe58ccc68525c95d9dfbdf245af6b
Dedacom SQL Injection
Posted Aug 16, 2011
Authored by Ehsan_Hp200

Dedacom suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 9e2388f05389003f3f426862d67bf6a6
Code Widgets Web-based Alpha Tabbed Address Book SQL Injection
Posted Aug 16, 2011
Authored by L0rd CrusAd3r

Code Widgets Web-based Alpha Tabbed Address Book suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | e24e86bad8c3dd5a0471472817bfd6ac
Code Widgets SpiderTrap-Spider,Robot and Harvester Blocking SQL Injection
Posted Aug 16, 2011
Authored by L0rd CrusAd3r

Code Widgets SpiderTrap-Spider,Robot and Harvester Blocking suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 35ed971209c5c1a00c3347979d187ab0
Zero Day Initiative Advisory 11-256
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-256 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime parses QuickTime Media Link (.qtl) files. The code which parses the .qtl parameter files fails to properly validate the size of the src parameter before copying it into a fixed length stack buffer. By supplying an overly long value for the src parameter, an attacker can leverage this flaw to execute malicious code within the context of the browser.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2011-0248
MD5 | 9bd1c2d1997629888ea5e5dc3c9b9b76
phpWebSite Userpage Cross Site Scripting
Posted Aug 16, 2011
Authored by Ehsan_Hp200

The phpWebSite Userpage module suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ba85f9fa8c3d94123d8c718107e87f2c
Zero Day Initiative Advisory 11-255
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-255 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses a frame within an H.264 encoded movie. When processing a particular set of flags of a structure, the application will use a length that is defined within the structure to copy data into a statically sized buffer on the stack. Due to the application failing to check the bounds of this length, the application will write outside the bounds of the buffer which can lead to code execution under the context of the application.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0247
MD5 | ca74c269c40c8f5c0afeca510bf04415
Zero Day Initiative Advisory 11-254
Posted Aug 16, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-254 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way QuickTime handles the 'trun' atom. QuickTime uses user supplied data in the 'sampleCount' field to calculate a buffer size. An integer wrap can occur that results in the allocation of a memory buffer that is smaller than intended. When QuickTime writes to this buffer it causes a memory corruption that can lead to remote code execution under the context of the current user.

tags | advisory, remote, arbitrary, code execution
systems | apple
advisories | CVE-2011-0256
MD5 | 5b1a7a3acf2bbbb117230c1d4ac18ca6
Page 1 of 3
Back123Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close