exploit the possibilities
Showing 1 - 25 of 31 RSS Feed

Files Date: 2011-09-21

Ubuntu Security Notice USN-1212-1
Posted Sep 21, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1212-1 - Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file holes. A local attacker could exploit this to read uninitialized data from the disk, leading to a loss of privacy. Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. Various other issues were also addressed.

tags | advisory, local, root
systems | linux, ubuntu
advisories | CVE-2011-0463, CVE-2011-1017, CVE-2011-1020, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1160, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1173, CVE-2011-1180, CVE-2011-1182, CVE-2011-1493, CVE-2011-1494, CVE-2011-1495, CVE-2011-1577, CVE-2011-1581, CVE-2011-1593, CVE-2011-1598, CVE-2011-1745, CVE-2011-1746, CVE-2011-1748, CVE-2011-1770, CVE-2011-1771, CVE-2011-1833, CVE-2011-2022, CVE-2011-2484
MD5 | bb1d77163194f3843168c4d7dba75680
Ubuntu Security Notice USN-1211-1
Posted Sep 21, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1211-1 - It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. Dan Rosenberg discovered that the X.25 Rose network stack did not correctly handle certain fields. If a system was running with Rose enabled, a remote attacker could send specially crafted traffic to gain root privileges. Various other issues were also addressed.

tags | advisory, remote, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2011-1020, CVE-2011-1493, CVE-2011-1833, CVE-2011-2492, CVE-2011-2689, CVE-2011-2699, CVE-2011-2918
MD5 | 1f78357cda554fe06c3cdf7c4670479a
Trusteer Rapport Key Decryptor / Keylogger
Posted Sep 21, 2011
Authored by mu-b | Site digit-labs.org

Trusteer Rapport key decryptor / keylogger exploit that uses Trusteer's own functionality to 'decrypt' keys directly.

tags | exploit
MD5 | 1980972b0cf6bbceaeffb67e2559a2f7
Trusteer Rapport Key Encryption Switch Off
Posted Sep 21, 2011
Authored by mu-b | Site digit-labs.org

Trusteer Rapport key encryption switch off exploit that switches off anti-keylogger protections on OS X allowing your already existing keylogger to function correctly once again.

tags | exploit
systems | apple, osx
MD5 | 8c27a12061333fd9b92e49828842ae3c
Hack.lu 2011 IPv6 Security Presentation
Posted Sep 21, 2011
Authored by Fernando Gont

These are the slides for the IPv6 security talk given at Hack.lu 2011.

tags | paper
MD5 | 7ef53f72a2b8d5ecd427cde5cc10ef84
Clickjacking For Shells
Posted Sep 21, 2011
Authored by Andrew Horton | Site security-assessment.com

Whitepaper called Clickjacking for Shells. Two years after the world was warned about clickjacking, popular web apps are still vulnerable and no web app exploits have been published. With many security pros considering clickjacking to have mere nuisance value on social networks, the attack is grossly underestimated. In this presentation, the author demonstrates step by step how to identify vulnerable applications, how to write exploits that attack web apps and also how to protect against clickjacking.

tags | paper, web, shell
MD5 | 92e4924002079bb3c456c65201f796ab
TunerLabs SQL Injection
Posted Sep 21, 2011
Authored by nGa Sa Lu

TunerLabs suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 044c83187a90aca0823c07408bfe189e
Dolphin Browser HD Cross Application Scripting
Posted Sep 21, 2011
Authored by Yair Amit, Roee Hay

Dolphin Browser HD versions prior to 6.1.0 suffer from a cross applications scripting vulnerability.

tags | exploit
advisories | CVE-2011-2357
MD5 | 826ca615f66eec0b96c8a93b6448b8a9
Secunia Security Advisory 46100
Posted Sep 21, 2011
Site secunia.com

Secunia Security Advisory -

Secunia Security Advisory 46100
Posted Sep 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Rent-A-Car plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | ebb941f6fa6b09202263241ca72aab93
Secunia Security Advisory 46108
Posted Sep 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the LISL Last-Image Slider plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | a23ca170f1183498e1bff1795a7edb66
Secunia Security Advisory 46036
Posted Sep 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Auto Attachments plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | 817cc975d3a93fbf6c881797fbc557cc
Secunia Security Advisory 46088
Posted Sep 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in the Category List Portfolio Page plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory
MD5 | d290476d9e0ef7e153dd2afea8820253
TOR Virtual Network Tunneling Tool 0.2.2.33
Posted Sep 21, 2011
Authored by Roger Dingledine | Site tor.eff.org

Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

Changes: This release fixes several bugs and includes a slight tweak to Tor's TLS handshake which makes relays and bridges which run this new version reachable from Iran again.
tags | tool, remote, local, peer2peer
systems | unix
MD5 | ea99aba49694bb982d2fccc57a70d58e
Bypassing Microsoft Internet Explorer's XSS Filter
Posted Sep 21, 2011
Authored by Michael Brooks

This is a whitepaper is called Bypassing Microsoft's Internet Explorer Cross Site Scripting Filter.

tags | paper, xss, bypass
MD5 | 4ef3b953655d52de6b79fb0909d0a574
EViews 7.0.0.1 Memory Corruption / Heap Overflow
Posted Sep 21, 2011
Authored by Luigi Auriemma | Site aluigi.org

EViews versions 7.0.0.1 and below suffer from memory corruption and heap overflow vulnerabilities.

tags | exploit, overflow, vulnerability
systems | linux
MD5 | 4cd2b320008248fffa5a1d069dc5c546
MetaServer RT 3.2.1.450 Heap Overflow / Denial Of Service
Posted Sep 21, 2011
Authored by Luigi Auriemma | Site aluigi.org

MetaServer RT versions 3.2.1.450 and below suffer from heap overflow and denial of service vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
MD5 | 176f22aa3c0c5c00117f93338be66ccb
Secunia Security Advisory 46095
Posted Sep 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in JasperReports Server, which can be exploited by malicious people to conduct cross-site request forgery attacks.

tags | advisory, csrf
MD5 | 1008560f57f6f3d16bcc42f24fa54f1c
SharePoint 2007 / 2010 And DotNetNuke File Disclosure
Posted Sep 21, 2011
Authored by Nicolas Gregoire

SharePoint 2007 / 2010 and DotNetNuke versions prior to 6 suffer from a file disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2011-1892
MD5 | 6a326646b36ed624b8f7d616a21f8a63
AVCon Buffer Overflow With DEP Bypass
Posted Sep 21, 2011
Authored by Blake

AVCon H323 DEP bypass SEH overwrite exploits that generates malicious input.

tags | exploit, bypass
MD5 | 63512154b1a38422fb3ebea1705c16c3
ScriptFTP 3.3 Buffer Overflow
Posted Sep 21, 2011
Authored by modpr0be

ScriptFTP versions 3.3 and below suffer from a buffer overflow vulnerability.

tags | exploit, overflow
MD5 | acb73347ac255641916b16c44e31b839
Cisco Security Advisory 20110920-ise
Posted Sep 21, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Identity Services Engine (ISE) contains a set of default credentials for its underlying database. A remote attacker could use those credentials to modify the device configuration and settings or gain complete administrative control of the device. Cisco will release free software updates that address this vulnerability on September 30th, 2011. There is no workaround for this vulnerability.

tags | advisory, remote
systems | cisco
advisories | CVE-2011-3290
MD5 | f78d5c79e6c8e9f67c6a030e80521ee7
Red Hat Security Advisory 2011-1321-01
Posted Sep 21, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1321-01 - The kernel packages contain the Linux kernel. A flaw in skb_gro_header_slow() in the Linux kernel could lead to GRO fields being left in an inconsistent state. An attacker on the local network could use this flaw to trigger a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, redhat
advisories | CVE-2011-2723
MD5 | bd7dc69e9df6d005d74147502fb473e1
i-Gallery 4.1 Source Code Disclosure
Posted Sep 21, 2011
Authored by kurdish hackers team | Site kurdteam.org

i-Gallery version 4.1 suffers from a remote source code disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | e379175a4b344d3907bec37cba21644e
i-Gallery 3.4 Source Code Disclosure
Posted Sep 21, 2011
Authored by kurdish hackers team | Site kurdteam.org

i-Gallery version 3.4 suffers from a remote source code disclosure vulnerability.

tags | exploit, remote, info disclosure
MD5 | e6aa09eab68bdffbd94d5b3a7478bbe3
Page 1 of 2
Back12Next

File Archive:

March 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    19 Files
  • 2
    Mar 2nd
    15 Files
  • 3
    Mar 3rd
    30 Files
  • 4
    Mar 4th
    13 Files
  • 5
    Mar 5th
    9 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close