what you don't know can hurt you
Showing 1 - 25 of 38 RSS Feed

Files Date: 2011-09-02

Zero Day Initiative Advisory 11-279
Posted Sep 2, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-279 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Witness Systems eQuality Suite. This application is bundled with Nortel Contact Recording and Quality Monitoring Suite. Authentication is not required to exploit this vulnerability. The flaw exists within the Unify2.exe component which listens by default on TCP port 6821. When handling a packet type the process trusts a remaining packet length value provided by the user and blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp
MD5 | 9769221cd95c31239a20fab1a709a858
Zero Day Initiative Advisory 11-278
Posted Sep 2, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-278 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Cloud Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within how the application implements an RPC method. Due to incompletely initializing an object, the application will store a partially initialized session. This partially initialized session will allow one to make privileged RPC calls to the server. This can lead to code execution under the context of the service.

tags | advisory, remote, arbitrary, code execution
advisories | CVE-2011-2654
MD5 | b848f719404ad856627c7158e12ff871
Simple x64 XOR Shellcode Obfuscation
Posted Sep 2, 2011
Authored by entropy | Site phiral.net

This is part two of the Simple x64 XOR Shellcode Encoder / Loader paper that adds in simple obfuscation.

tags | paper, shell, shellcode
MD5 | 88cac72f492283602b99e7936a34179a
Red Hat Security Advisory 2011-1248-01
Posted Sep 2, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1248-01 - This package contains the set of CA certificates chosen by the Mozilla Foundation for use with the Internet Public Key Infrastructure. It was found that a Certificate Authority issued fraudulent HTTPS certificates. This update removes that CA's root certificate from the ca-certificates package, rendering any HTTPS certificates signed by that CA as untrusted. All users should upgrade to this updated package. After installing the update, all applications using the ca-certificates package must be restarted for the changes to take effect.

tags | advisory, web, root
systems | linux, redhat
MD5 | 622a8a6d64c71b57854b6aa4af5c3ef5
SaurusCMS-CE 4.7 Remote File Inclusion
Posted Sep 2, 2011
Authored by KedAns-Dz

SaurusCMS-CE version 4.7 suffers from remote file inclusion vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | c5f5d62fe9b39d1f1e6fcc84a865dcdc
Manifattura Web SQL Injection
Posted Sep 2, 2011
Authored by Ehsan_Hp200

Manifattura Web suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | f794562e09c6e2c94c856364c306f8d9
Loop SQL Injection
Posted Sep 2, 2011
Authored by Ehsan_Hp200

Loop suffers from a remote SQL injection vulnerability in ricetta.php.

tags | exploit, remote, php, sql injection
MD5 | f3ca0ad52314fe1dabc90dd28afcf6f7
Virtualismi Cross Site Scripting
Posted Sep 2, 2011
Authored by Ehsan_Hp200

Virtualismi suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f64cc138ec68945c1b420eccaac2c803
BisonFTP 3.5 Buffer Overflow
Posted Sep 2, 2011
Authored by KedAns-Dz

BisonFTP server version 3.5 MKD remote buffer overflow crash exploit.

tags | exploit, remote, overflow
MD5 | 832375c0ce4ef50d07e51dd20f6546ec
ACal 2.2.6 Cross Site Scripting
Posted Sep 2, 2011
Authored by T0xic

ACal version 2.2.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4d079c6c842fbdecfa2961ad78063165
BroadWin WebAccess Client Format String / Memory Corruption
Posted Sep 2, 2011
Authored by Luigi Auriemma | Site aluigi.org

BroadWin WebAccess Client with bwocxrun.ocx versions 1.0.0.10 and below suffer from format string and memory corruption vulnerabilities. The OcxSpool function is affected by a format string vulnerability caused by the usage of the Msg string provided by the attacker directly with vsprintf() without the required format argument. WriteTextData and CloseFile allow to corrupt arbitrary zones of the memory through a fully controllable stream identifier in fclose() and fwrite().

tags | exploit, arbitrary, vulnerability
systems | linux
MD5 | d938955baaf2638ba8313699f173b625
Ubuntu Security Notice USN-1197-2
Posted Sep 2, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1197-2 - USN-1197-1 fixed a vulnerability in Firefox with regard to the DigiNotar certificate authority. This update provides the corresponding updates for Thunderbird. We are aware that the DigiNotar Root CA Certificate is still shown as trusted in the Thunderbird certificate manager. This is due to Thunderbird using the system version of the Network Security Service libraries (NSS). Thunderbird will actively distrust any certificate signed by this DigiNotar Root CA certificate. This means that users will still get an untrusted certificate warning when accessing a service through Thunderbird that presents a certificate signed by this DigiNotar Root CA certificate. Various other issues were also addressed.

tags | advisory, root
systems | linux, ubuntu
MD5 | c94e19eb17ad3acd4fe7a6b3f05e9ada
Free MP3 CD Ripper 1.1 Local Buffer Overflow
Posted Sep 2, 2011
Authored by KedAns-Dz, X-h4ck | Site metasploit.com

This Metasploit module exploits a stack buffer overflow in version 1.1 of Free MP3 CD Ripper. By creating a specially crafted .wav file, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
MD5 | a3e9acec0f9a9b4986736ffc45c3da58
Cerberus FTP Server 4.0.9.8 Buffer Overflow
Posted Sep 2, 2011
Authored by KedAns-Dz

Cerberus FTP Server version 4.0.9.8 REST remote buffer overflow crash exploit.

tags | exploit, remote, overflow
MD5 | adef840bd24052f25a22733d9020c605
Route Optimized Ad-Hoc On-Demand Distance Vector Routing Protocol
Posted Sep 2, 2011
Authored by Dinesh Shetty

Whitepaper called Optimized Ad-Hoc On-Demand Distance Vector Routing Protocol.

tags | paper, protocol
MD5 | 3d4cb941a64e19c47851917d12270180
TPLINK TD-8810 Cross Site Request Forgery
Posted Sep 2, 2011
Authored by C4SS!0 G0M3S

TPLINK TD-8810 cross site request forgery exploit that performs a reboot of the modem.

tags | exploit, csrf
MD5 | 68cd8397c279e94d4f185443f6005632
Help Request System 1.1a SQL Injection
Posted Sep 2, 2011
Authored by Yuri Goltsev | Site ptsecurity.com

Help Request System versions 1.1a and below suffer from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
MD5 | 0fcc3e998c0eb857121f3a6099b50cae
ITT Web SQL Injection
Posted Sep 2, 2011
Authored by Ehsan_Hp200

ITT Web suffers from a remote SQL injection vulnerability.

tags | exploit, remote, web, sql injection
MD5 | 6c32537c349fda7e8c25aad6ec3b59d4
ph5gruppo SQL Injection
Posted Sep 2, 2011
Authored by Ehsan_Hp200

ph5gruppo suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 21a99cf562816086d21bf2d3d8c70ada
KnFTPd 1.0.0 Buffer Overflow
Posted Sep 2, 2011
Authored by Qixu Liu

KnFTPd FTP server version 1.0.0 suffers from buffer overflow vulnerabilities. Dozens of FTP commands are affected. Proof of concept exploit included.

tags | exploit, overflow, vulnerability, proof of concept
MD5 | 8067b404ed00ba39c2ea5cb169b2886b
The Hacker News Magazine Issue 04
Posted Sep 2, 2011
Authored by thehackernews | Site thehackernews.com

The Hacker News Magazine issue 04, released September, 2011. This magazine sums up recent news events in the hacker community.

tags | magazine
MD5 | f269ee24793fba027ec9cf33e00ab0a7
DVD X Player 5.5 .plf PlayList Buffer Overflow
Posted Sep 2, 2011
Authored by n00b, sinn3r, sickness | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow on DVD X Player 5.5 Pro and Standard. By supplying a long string of data in a plf file (playlist), the MediaPlayerCtrl.dll component will attempt to extract a filename out of the string, and then copy it on the stack without any proper bounds checking, which causes a buffer overflow, and results arbitrary code execution under the context of the user. This Metasploit module has been designed to target common Windows systems such as: Windows XP SP2/SP3, Windows Vista, and Windows 7.

tags | exploit, overflow, arbitrary, code execution
systems | windows, xp, vista, 7
advisories | CVE-2007-3068, OSVDB-36956
MD5 | 8d32c2e58191795b07f93bda0d49f7d6
WordPress VideoWhisper Video Presentation 1.1 SQL Injection
Posted Sep 2, 2011
Authored by Miroslav Stampar

WordPress VideoWhisper Video Presentation plugin versions 1.1 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c798d8cd2df010f9d1e4a5c50e070d24
Secunia Security Advisory 45820
Posted Sep 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has discovered multiple vulnerabilities in BroadWin WebAccess Client, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 5d130babdd77594c0ca83e9a801815c0
Secunia Security Advisory 45732
Posted Sep 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Cisco has acknowledged a vulnerability in Cisco Quad, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service
systems | cisco
MD5 | d0fee8f512c03d23dfaf72f70fb3c164
Page 1 of 2
Back12Next

File Archive:

November 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    28 Files
  • 2
    Nov 2nd
    1 Files
  • 3
    Nov 3rd
    1 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    19 Files
  • 6
    Nov 6th
    65 Files
  • 7
    Nov 7th
    22 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    1 Files
  • 10
    Nov 10th
    1 Files
  • 11
    Nov 11th
    11 Files
  • 12
    Nov 12th
    65 Files
  • 13
    Nov 13th
    27 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close