Files Date: 2011-09-16

iBrowser Plugin 1.4.1 Local File Inclusion
Posted Sep 16, 2011
Authored by LiquidWorm | Site zeroscience.mk

iBrowser plugin version 1.4.1 suffers from a local file inclusion / file disclosure vulnerability: input passed through the 'lang' parameter to ibrowser.php, loadmsg.php, rfiles.php and symbols.php is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks and URL encoded NULL bytes.

tags | exploit, local, php, file inclusion
SHA-256 | a153b7a4a47ff146d91e0d79e554e424553ad4ca1efa41e15eaa049ec8a0b46d

Hacking Wifi Networks On Windows
Posted Sep 16, 2011
Authored by Kevin John

This is an e-book called Hacking Wifi Networks On Windows. It primarily focuses on cracking WEP.

tags | paper
systems | windows
SHA-256 | 27337d4f71becb39e2b9e4355352494736f4a9f97170b086769dab940dd0e2f9

ZeroNights 2011 Call For Papers
Posted Sep 16, 2011
Authored by ZeroNights CFP | Site zeronights.org

The ZeroNights 2011 Call For Papers has been announced. It will be held in Saint-Petersburg, Russia on the 25th of November.

tags | paper, conference
SHA-256 | 54f7a0de97801f1e51a857091337fddb53bae6cb6928955482679fdf7afcd177

SAP Crystal Report Server Cross Site Scripting
Posted Sep 16, 2011
Authored by Dmitry Chastuhin

SAP Crystal Report Server 2008 suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 5d317ae48eb94648a5577e2a7ecbcc8a552c5f1dd2741d04fd386f0cc7d2d72f

SAP NetWeaver Information Disclosure
Posted Sep 16, 2011
Authored by Dmitriy Chastuchin

SAP NetWeaver suffers from an ipcpricing information disclosure vulnerability.

tags | advisory, info disclosure
SHA-256 | f625ce738f7a43d442cf465887a9c7c56ad9a8aaa71fb6e7ea81ef2d91773df2

Card Sharj SQL Injection
Posted Sep 16, 2011
Authored by Net.Edit0r

Card Sharj suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
SHA-256 | 00174e0df37ba26c5e7d8098d60774ad35617d9cb21acffa02a1b7e1e94afc46

Adobe Reader X Sandbox Bypass
Posted Sep 16, 2011
Authored by Zhenhua Liu | Site fortinet.com

Adobe Reader X suffers from a sandbox bypass vulnerability.

tags | advisory, bypass
SHA-256 | 9da44ca25607b6788dfb6efbe18fce72d3cb353aca2ee8eba8a621e745be983d

My MP3 Player 3.0 DEP Bypass
Posted Sep 16, 2011
Authored by Blake

My MP3 Player version 3.0 buffer overflow exploit with DEP bypass.

tags | exploit, overflow, bypass
SHA-256 | b54cbd0865162eb25b5c22342efed86f3a18573bfb45a369f7c7720750c06179

Mini-Stream Ripper 2.9.7 DEP Bypass
Posted Sep 16, 2011
Authored by Blake

Mini-Stream Ripper version 2.9.7 buffer overflow exploit with DEP bypass.

tags | exploit, overflow, bypass
SHA-256 | adab7efd625de89ea37ad48d9dc534b72cc56c9f5bf0af4fbf105a62532378b7

Red Hat Security Advisory 2011-1313-01
Posted Sep 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1313-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise BRMS Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-1483
SHA-256 | bcce8533979c638668151132f981467813cec5cba502f114c265c6c93313102f

Red Hat Security Advisory 2011-1312-01
Posted Sep 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1312-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-1483
SHA-256 | f674c959b4fadafa704f6a8f6a5d9ce06d0eff03b9fde2aa39d8272bf997d3e0

Red Hat Security Advisory 2011-1311-01
Posted Sep 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1311-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Portal Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-1483
SHA-256 | 3a011bc6de5554c758d0b9fa6c9334f214bc04d0eea99bd443d11a05a1ad832e

Red Hat Security Advisory 2011-1310-01
Posted Sep 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1310-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-1483
SHA-256 | a31bba9cc3ae91ff188a9cc9203f8da900de211d6981af12ab071393fae6af1a

Red Hat Security Advisory 2011-1309-01
Posted Sep 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1309-01 - JBoss Enterprise Application Platform is the market-leading platform for innovative and scalable Java applications. JBoss Enterprise Application Platform integrates the JBoss Application Server with JBoss Hibernate and JBoss Seam into a complete and simple enterprise solution. JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.

tags | advisory, java, remote, web
systems | linux, redhat
advisories | CVE-2011-1483
SHA-256 | 4405b67f4aeda82db06f3d697104eafbd0885396c23ef06fdd16cc7853e83719

Red Hat Security Advisory 2011-1308-01
Posted Sep 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1308-01 - JBoss Web Services Native is a web service framework included as part of JBoss Communications Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-1483
SHA-256 | ea964738f1be59a4557cc2b56dc3bbbea521cae78a84bed00c60d2b4417d6898

Red Hat Security Advisory 2011-1307-01
Posted Sep 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1307-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise Portal Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-1483
SHA-256 | cbd71fe2dde78be667b43b0a399f1b66f17d766d8629c56c48326376cb041dad

Red Hat Security Advisory 2011-1306-01
Posted Sep 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1306-01 - The jbossws-common package provides JBoss Web Services Native, a web service framework included as part of JBoss Enterprise Application Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-1483
SHA-256 | 53a2c62ad66a1a6a43bdc577ce1ca6419fe718721d2bb3a0111dfe72aebc2b2e

Red Hat Security Advisory 2011-1305-01
Posted Sep 16, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1305-01 - JBoss Web Services Native is a web service framework included as part of JBoss Enterprise SOA Platform. It implements the JAX-WS specification. It was found that JBoss Web Services Native did not properly protect against recursive entity resolution when processing Document Type Definitions. A remote attacker could exploit this flaw by sending a specially-crafted HTTP POST request to a deployed web service, causing excessive CPU and memory consumption on the system hosting that service. If the attack is repeated to consume all available network sockets, the server will become unavailable.

tags | advisory, remote, web
systems | linux, redhat
advisories | CVE-2011-1483
SHA-256 | 8841a70ed396dd48e91337e711c2c99e21af87c85ce24c3935c6d6a4c1eef571
© 2022 Packet Storm. All rights reserved.