what you don't know can hurt you
Showing 1 - 25 of 36 RSS Feed

Files Date: 2011-08-24

Alfazeta SQL Injection
Posted Aug 24, 2011
Authored by Ehsan_Hp200

Alfazeta suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | d117e9a84deb3861d7dd0bafdcda3f77
Zorp Proxy Firewall Suite 3.9.2
Posted Aug 24, 2011
Authored by Balazs Scheidler | Site balabit.com

Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.

Changes: Proxies have been added (POP3 and SMTP). The program stacking feature is extended (decisions can be made about the traffic based on the result returned by an external program).
tags | tool, firewall
systems | unix
MD5 | 140e8eaa253e9dcbc9313d05534b199c
Help Request System 1.1g Cross Site Request Forgery
Posted Aug 24, 2011
Authored by G13

Help Request System version 1.1g suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 3eb79d8341238a25b4d0148f5dee69aa
AlstraSoft E-Friends Social Networking Script Cross Site Scripting
Posted Aug 24, 2011
Authored by Eyup CELIK

AlstraSoft E-Friends Social Networking Script suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0e239bf64b6ac72c3128f38ae306af80
VicBlog SQL Injection
Posted Aug 24, 2011
Authored by Eyup CELIK

VicBlog suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e7bf3f526481f6f670d8856fdb56ae9e
Apache Wicket 1.4.x Cross Site Scripting
Posted Aug 24, 2011
Authored by Sven Krewitt

Apache Wicket version 1.4.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2011-2712
MD5 | 240935604c47a109485bc1b0c09a6d51
H4ckCity Auto T00ls 1.0
Posted Aug 24, 2011
Authored by Farbod Mahini | Site h4ckcity.org

This perl script performs a variety of auto-rooting and shell install attempts on a given host once a shell is obtained.

tags | tool, shell, root, perl, rootkit
systems | unix
MD5 | 5c1eb6df84676039b26b56dda73f62b3
Secunia Security Advisory 45695
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel
systems | linux
MD5 | f3d8c366631c7c284a7924934e38a199
Secunia Security Advisory 45766
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in CommodityRentals Real Estate Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | bd01dca6ec0520b12f81c6c1ad3a5c91
Secunia Security Advisory 45766
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in CommodityRentals Real Estate Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | bd01dca6ec0520b12f81c6c1ad3a5c91
Secunia Security Advisory 45745
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, redhat
MD5 | 87c30f8d5266577d79e0bdcdc67d8022
Secunia Security Advisory 45744
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for system-config-printer. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, redhat
MD5 | dc19b3449d8ef1f3c2e09f8d4127acbe
Secunia Security Advisory 45746
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, and cause a DoS (Denial of Service) and by malicious people to potentially compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
MD5 | eb63f1f62a9068fcda63073b078c0153
Secunia Security Advisory 45747
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for ecryptfs-utils. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, ubuntu
MD5 | 9dd4196c5e124abf5d54f38798258a27
Secunia Security Advisory 45764
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Tourismscripts Hotel Portal Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 2189e4b52fad3651191beb87716b518b
Secunia Security Advisory 45606
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Kingcope has discovered a vulnerability in Apache HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, web, denial of service
MD5 | fb41183bffc4ec8732b200df8c6ca092
Secunia Security Advisory 45675
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in ManageEngine ServiceDesk Plus, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
MD5 | 23883f7986a10502b9064200534ea114
Secunia Security Advisory 45740
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Anil Aphale has reported a vulnerability in the F-Secure Gadget Resource Handler ActiveX Control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, activex
MD5 | 543a8f641f945faf66de3d8274c96a68
Secunia Security Advisory 45712
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Free Help Desk, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | b0ab467fbf35c98871b23ca78f0ceb70
Secunia Security Advisory 45765
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Eyup CELIK has discovered a vulnerability in Shopzilla Comparison Shopping Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 571c88bfde9dca729697cf060c1bcff2
Zero Day Initiative Advisory 11-276
Posted Aug 24, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-276 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the sequenceParameterSetNALUnit component. When handling the num_ref_frames_in_pic_order_cnt_cycle value the size is not validated and the process blindly copies user supplied data from offset_for_ref_frame into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2140
MD5 | 8daf109e58af3e4c41994df3820e086d
Zero Day Initiative Advisory 11-275
Posted Aug 24, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-275 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Agent Service (ftAgent.exe). The Agent Service listens on TCP port 8045 for communications between AutoStart nodes. When handling messages with opcode 0x11 the process performs arithmetic on an unvalidated user-supplied value used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. Remote unauthenticated attackers can exploit this vulnerability by sending malformed message packets to the target, which can ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, tcp, code execution
advisories | CVE-2011-2735
MD5 | dff66b2690cadc73887000e2accb602e
Zero Day Initiative Advisory 11-274
Posted Aug 24, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-274 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Agent Service (ftAgent.exe). The Agent Service listens on TCP port 8045 for communications between AutoStart nodes. When handling messages with opcode 0x140 the process performs arithmetic on an unvalidated user-supplied value used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed message packets to the target, which can ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, tcp, code execution
advisories | CVE-2011-2735
MD5 | ad0797e98ba3f28698804587718e67dd
Zero Day Initiative Advisory 11-273
Posted Aug 24, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-273 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart High Availability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the packet error handling of the application. When building an error message to log an error, the application will use a user-supplied string from the packet as an argument to a function containing a format string. The result of this function is written to a statically sized buffer located on the stack. This will lead to code execution under the context of the service.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-2735
MD5 | d608d058d8abfeaf22bef219cc55d46e
Red Hat Security Advisory 2011-1197-01
Posted Aug 24, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1197-01 - Updated libvirt packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remotely managing virtualized systems. An integer overflow flaw was found in libvirtd's RPC call handling. An attacker able to establish read-only connections to libvirtd could trigger this flaw by calling virDomainGetVcpus() with specially-crafted parameters, causing libvirtd to crash.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2011-2511
MD5 | 8cf2ef4d8979679d79bca2b7acb6bd24
Page 1 of 2
Back12Next

File Archive:

July 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    13 Files
  • 2
    Jul 2nd
    12 Files
  • 3
    Jul 3rd
    1 Files
  • 4
    Jul 4th
    2 Files
  • 5
    Jul 5th
    34 Files
  • 6
    Jul 6th
    21 Files
  • 7
    Jul 7th
    21 Files
  • 8
    Jul 8th
    13 Files
  • 9
    Jul 9th
    6 Files
  • 10
    Jul 10th
    1 Files
  • 11
    Jul 11th
    3 Files
  • 12
    Jul 12th
    15 Files
  • 13
    Jul 13th
    19 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    15 Files
  • 16
    Jul 16th
    9 Files
  • 17
    Jul 17th
    2 Files
  • 18
    Jul 18th
    2 Files
  • 19
    Jul 19th
    19 Files
  • 20
    Jul 20th
    21 Files
  • 21
    Jul 21st
    53 Files
  • 22
    Jul 22nd
    14 Files
  • 23
    Jul 23rd
    14 Files
  • 24
    Jul 24th
    1 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    21 Files
  • 27
    Jul 27th
    8 Files
  • 28
    Jul 28th
    9 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close