Files Date: 2011-08-24

Alfazeta SQL Injection
Posted Aug 24, 2011
Authored by Ehsan_Hp200

Alfazeta suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e7e2c2d3fc07666352809d311d935fb9edb9fb9cac33eeef99f2920f9d4c63b3
Zorp Proxy Firewall Suite 3.9.2
Posted Aug 24, 2011
Authored by Balazs Scheidler | Site balabit.com

Zorp is a proxy firewall suite with its core architecture built around today's security demands. It uses application level proxies, is modular and component based, uses a script language to describe policy decisions, makes it possible to monitor encrypted traffic, lets you override client actions, and lets you protect your servers with its built in IDS capabilities.

Changes: Proxies have been added (POP3 and SMTP). The program stacking feature is extended (decisions can be made about the traffic based on the result returned by an external program).
tags | tool, firewall
systems | unix
SHA-256 | fa7153f409e721608f962300415cd744516afae4772594ad9b060ca5a0cf7718
Help Request System 1.1g Cross Site Request Forgery
Posted Aug 24, 2011
Authored by G13

Help Request System version 1.1g suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 329c4657fd3d6c6be092bcd0113cf1aa8a274084272777d8bd4a39f271d75820
AlstraSoft E-Friends Social Networking Script Cross Site Scripting
Posted Aug 24, 2011
Authored by Eyup CELIK

AlstraSoft E-Friends Social Networking Script suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1ace5ae770ca6a3ea046554176fe3f365a5c26e75cd1df0c909b47be91ec1a1b
VicBlog SQL Injection
Posted Aug 24, 2011
Authored by Eyup CELIK

VicBlog suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 0f4a06b231d5fd6de81b727dc6e18a4b8725910b928aa3274480e8422e3ca978
Apache Wicket 1.4.x Cross Site Scripting
Posted Aug 24, 2011
Authored by Sven Krewitt

Apache Wicket version 1.4.x suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2011-2712
SHA-256 | 9d87eb45b2ffcd8b3e5d95c70dbb91a574fa76f889edb2004d29a8fbcd9e71bc
H4ckCity Auto T00ls 1.0
Posted Aug 24, 2011
Authored by Farbod Mahini | Site h4ckcity.org

This perl script performs a variety of auto-rooting and shell install attempts on a given host once a shell is obtained.

tags | tool, shell, root, perl, rootkit
systems | unix
SHA-256 | b0cc1594ea4f50c159650a89af0baaf2a3e7692cd196414dd2e258a9403aebe6
Secunia Security Advisory 45695
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, kernel
systems | linux
SHA-256 | ddb83c791affff491a1f1c4262d763b277fb5c3ead633763d79a54be3cf08e85
Secunia Security Advisory 45766
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in CommodityRentals Real Estate Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | a7e11fde4786ae6a831b3bce6715f7c67298983c4b0869f734816f1ff9898465
Secunia Security Advisory 45745
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

tags | advisory, denial of service
systems | linux, redhat
SHA-256 | 93a6cd2d0772934f2667adfc40e8834e5981c1284fd6c14c18da9f172f25cffb
Secunia Security Advisory 45744
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for system-config-printer. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.

tags | advisory
systems | linux, redhat
SHA-256 | 0a68082b956f556170b95ae206bcac01efe26772a84f0f3762bdfd279a340b41
Secunia Security Advisory 45746
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, and cause a DoS (Denial of Service) and by malicious people to potentially compromise a vulnerable system.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, redhat
SHA-256 | bfbff9d47873a29539d479fc03f34334cbf79000ae5becd18f7394d73ca0116a
Secunia Security Advisory 45747
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ubuntu has issued an update for ecryptfs-utils. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
systems | linux, ubuntu
SHA-256 | 02b8621a22a1175195155bb6aeff5b6fecc55fc13600815f160f923f9a1d71c5
Secunia Security Advisory 45764
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Tourismscripts Hotel Portal Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 683d1c7f6d7061817832e0d07020d45fb4116f8d063e6c2962f02e76819cf698
Secunia Security Advisory 45606
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Kingcope has discovered a vulnerability in Apache HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, web, denial of service
SHA-256 | 71b9eebcf61d04c5330a43520789ea82ee76415ec7c0e2a29eeb5b56eafee71b
Secunia Security Advisory 45675
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in ManageEngine ServiceDesk Plus, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks.

tags | advisory, vulnerability, xss
SHA-256 | 4fcf54e5c577c5146d22a1d1b0f2ad696878b99fb0b393394afbc0c2ea7ba507
Secunia Security Advisory 45740
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Anil Aphale has reported a vulnerability in the F-Secure Gadget Resource Handler ActiveX Control, which can be exploited by malicious people to compromise a user's system.

tags | advisory, activex
SHA-256 | 6686df81e01fc0e665187fca4c6a1ff9c86f04c469d9f84a154cb13af4158670
Secunia Security Advisory 45712
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in Free Help Desk, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
SHA-256 | 4ca3244621d1ae5edfab2a59c96fb1af5b0d32caac02d34462034b44ac3c60d8
Secunia Security Advisory 45765
Posted Aug 24, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Eyup CELIK has discovered a vulnerability in Shopzilla Comparison Shopping Script, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 3c37a5f02af67ab93133ab1285e1ec225557216a00e7aa8129d82894e44bfcf2
Zero Day Initiative Advisory 11-276
Posted Aug 24, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-276 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the sequenceParameterSetNALUnit component. When handling the num_ref_frames_in_pic_order_cnt_cycle value the size is not validated and the process blindly copies user supplied data from offset_for_ref_frame into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.

tags | advisory, remote, arbitrary
advisories | CVE-2011-2140
SHA-256 | e08b070091b795f87e546046e1c9d63568234479f3355f09c72d4b6d11889cbd
Zero Day Initiative Advisory 11-275
Posted Aug 24, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-275 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Agent Service (ftAgent.exe). The Agent Service listens on TCP port 8045 for communications between AutoStart nodes. When handling messages with opcode 0x11 the process performs arithmetic on an unvalidated user-supplied value used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. Remote unauthenticated attackers can exploit this vulnerability by sending malformed message packets to the target, which can ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, tcp, code execution
advisories | CVE-2011-2735
SHA-256 | 4472d24a47f68f6fe37528e24b7007cab02511745fc6c58a5f52efaa4096cfee
Zero Day Initiative Advisory 11-274
Posted Aug 24, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-274 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Agent Service (ftAgent.exe). The Agent Service listens on TCP port 8045 for communications between AutoStart nodes. When handling messages with opcode 0x140 the process performs arithmetic on an unvalidated user-supplied value used to determine the size of a new heap buffer, allowing a potential integer wrap to cause a heap buffer overflow. Remote, unauthenticated attackers can exploit this vulnerability by sending malformed message packets to the target, which can ultimately lead to arbitrary code execution under the context of the SYSTEM user.

tags | advisory, remote, overflow, arbitrary, tcp, code execution
advisories | CVE-2011-2735
SHA-256 | bf080c25cf7ed5223b661feb02b0fbc59089a06d8f53ea2bf8c3aa79a319a20f
Zero Day Initiative Advisory 11-273
Posted Aug 24, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-273 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart High Availability. Authentication is not required to exploit this vulnerability. The specific flaw exists within the packet error handling of the application. When building an error message to log an error, the application will use a user-supplied string from the packet as an argument to a function containing a format string. The result of this function is written to a statically sized buffer located on the stack. This will lead to code execution under the context of the service.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-2735
SHA-256 | 62ad84452673f5980d9432a20873597e7b2dc982e025209bf40e680a5292bfa4
Red Hat Security Advisory 2011-1197-01
Posted Aug 24, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1197-01 - Updated libvirt packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 6. The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remotely managing virtualized systems. An integer overflow flaw was found in libvirtd's RPC call handling. An attacker able to establish read-only connections to libvirtd could trigger this flaw by calling virDomainGetVcpus() with specially-crafted parameters, causing libvirtd to crash.

tags | advisory, overflow
systems | linux, redhat
advisories | CVE-2011-2511
SHA-256 | 31a1e73dbcf9570c1928d4f8c950e9a48bd851927e0dc5d2005acb78fa4abca6

© 2022 Packet Storm. All rights reserved.