exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files Date: 2011-10-10

Gentoo Linux Security Advisory 201110-07
Posted Oct 10, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-7 - A denial of service vulnerability was found in vsftpd. Versions less than 2.3.4 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2011-0762
MD5 | 071a483efb83f9e32ea25d03a2c9ef77
Gentoo Linux Security Advisory 201110-06
Posted Oct 10, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-6 - Multiple vulnerabilities were found in PHP, the worst of which leading to remote execution of arbitrary code. Versions less than 5.3.8 are affected.

tags | advisory, remote, arbitrary, php, vulnerability
systems | linux, gentoo
advisories | CVE-2006-7243, CVE-2009-5016
MD5 | f1866bbdb8beeb7ee9e276f39c351eb3
Gentoo Linux Security Advisory 201110-05
Posted Oct 10, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-5 - Multiple vulnerabilities were found in GnuTLS, allowing for easier man-in-the-middle attacks. Versions less than 2.10.0 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2009-2730, CVE-2009-3555
MD5 | ade17659213d450db1d12c5321ec7c49
Gentoo Linux Security Advisory 201110-04
Posted Oct 10, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-4 - Multiple vulnerabilities were found in Dovecot, the worst of which allowing for remote execution of arbitrary code. Versions less than 2.0.13 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-3235, CVE-2009-3897
MD5 | 4138cdc6682d20f1462e3e16c705bae0
Gentoo Linux Security Advisory 201110-03
Posted Oct 10, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-3 - Multiple vulnerabilities were found in Bugzilla, the worst of which leading to privilege escalation. Versions less than 3.6.6 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
MD5 | 5847bc1849bb8bac167c50ce8d372a4d
Mandriva Linux Security Advisory 2011-147
Posted Oct 10, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-147 - The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896. The updated packages have been patched to correct this issue.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-3170
MD5 | 25b43b4ad50e47e7c390855de6f8c0bf
Mandriva Linux Security Advisory 2011-146
Posted Oct 10, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-146 - The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not properly handle a demand for authorization, which allows remote CUPS servers to cause a denial of service via HTTP_UNAUTHORIZED responses. The LZW decompressor in the LWZReadByte function in giftoppm.c in the David Koblas GIF decoder in PBMPLUS, as used in the gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7, the LZWReadByte function in plug-ins/common/file-gif-load.c in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c in XPCE in SWI-Prolog 5.10.4 and earlier, and other products, does not properly handle code words that are absent from the decompression table when encountered, which allows remote attackers to trigger an infinite loop or a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted compressed stream, a related issue to and CVE-2011-2895. The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2010-2432, CVE-2011-2896, CVE-2011-3170
MD5 | c3297e2dac2c629c7f9f0bccbf1676d3
Debian Security Advisory 2322-1
Posted Oct 10, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2322-1 - Several vulnerabilities were discovered in Bugzilla, a web-based bug tracking system.

tags | advisory, web, vulnerability
systems | linux, debian
advisories | CVE-2010-4567, CVE-2010-4568, CVE-2010-4572, CVE-2011-0046, CVE-2011-0048, CVE-2011-2379, CVE-2011-2380, CVE-2011-2381, CVE-2011-2978
MD5 | e5a2013c51f80f9b4f930f089daa7913
Debian Security Advisory 2321-1
Posted Oct 10, 2011
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2321-1 - A cross-site scriping vulnerability was discovered in the rst parser of Moin, a Python clone of WikiWiki.

tags | advisory, python
systems | linux, debian
advisories | CVE-2011-1058
MD5 | 2abb580c55b796c9aaa56f706b288e7f
Mandriva Linux Security Advisory 2011-145
Posted Oct 10, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-145 - Double free vulnerabilities in libxml2 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted XPath expression and via vectors related to XPath handling.

tags | advisory, remote, denial of service, vulnerability
systems | linux, mandriva
advisories | CVE-2011-2821, CVE-2011-2834
MD5 | 52e8b3d4dd3c025b8c292f3ee81b3eed
Mandriva Linux Security Advisory 2011-131-1
Posted Oct 10, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-131 - Multiple vulnerabilities has been discovered and corrected in libxml/libxml2. Integer overflow in xpath.c in libxml2 2.6.x through 2.6.32 and 2.7.x through 2.7.8, and libxml 1.8.16 and earlier, allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted XML file that triggers a heap-based buffer overflow when adding a new namespace node, related to handling of XPath expressions. The updated packages have been patched to correct this issue. Packages were missing for Mandriva Linux 2011 with the MDVSA-2011:131 advisory which are now being provided.

tags | advisory, denial of service, overflow, arbitrary, vulnerability
systems | linux, mandriva
advisories | CVE-2011-1944
MD5 | bd0fa6cd717823a80e8b8e49c3103800
ScriptFTP 3.3 Remote Buffer Overflow
Posted Oct 10, 2011
Authored by mr_me, TecR0c | Site metasploit.com

AmmSoft's ScriptFTP client is susceptible to a remote buffer overflow vulnerability that is triggered when processing a sufficiently long filename during a FTP LIST command resulting in overwriting the exception handler. Social engineering of executing a specially crafted ftp file by double click will result in connecting to our malicious server and perform arbitrary code execution which allows the attacker to gain the same rights as the user running ScriptFTP.

tags | exploit, remote, overflow, arbitrary, code execution
advisories | CVE-2011-3976, OSVDB-75633
MD5 | e540826b848295b079627e0d679021e3
ACDSee FotoSlate PLP File id Parameter Overflow
Posted Oct 10, 2011
Authored by Parvez Anwar, juan vazquez | Site metasploit.com

This Metasploit module exploits a buffer overflow in ACDSee FotoSlate 4.0 Build 146 via a specially crafted id parameter in a String element. When viewing a malicious PLP file with the ACDSee FotoSlate product, a remote attacker could overflow a buffer and execute arbitrary code. This exploit has been tested on systems such as Windows XP SP3, Windows Vista, and Windows 7.

tags | exploit, remote, overflow, arbitrary
systems | windows, xp, vista, 7
advisories | CVE-2011-2595, OSVDB-75425
MD5 | dc97219886104e2e0f19efe547d104d7
Spreecommerce 0.60.1 Arbitrary Command Execution
Posted Oct 10, 2011
Authored by joernchen | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in the Spreecommerce search. Unvalidated input is called via the Ruby send method allowing command execution.

tags | exploit, arbitrary, ruby
advisories | OSVDB-76011
MD5 | c5507048e088c83936d0f914767dec99
Snortreport Remote Command Execution
Posted Oct 10, 2011
Authored by Paul Rascagneres | Site metasploit.com

This Metasploit module exploits an arbitrary command execution vulnerability in nmap.php and nbtscan.php scripts.

tags | exploit, arbitrary, php
MD5 | 7471496d8150414059f36f9834d1887f
myBB 1.6.4 Backdoor Exploit
Posted Oct 10, 2011
Authored by tdz | Site metasploit.com

myBB is a popular open source PHP forum software. Version 1.6.4 contained an unauthorized backdoor, distributed as part of the vendor's source package.

tags | exploit, php
MD5 | c88c958abba17928ff45c363b970e705
Page 1 of 1
Back1Next

File Archive:

September 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    20 Files
  • 2
    Sep 2nd
    15 Files
  • 3
    Sep 3rd
    15 Files
  • 4
    Sep 4th
    4 Files
  • 5
    Sep 5th
    1 Files
  • 6
    Sep 6th
    1 Files
  • 7
    Sep 7th
    15 Files
  • 8
    Sep 8th
    27 Files
  • 9
    Sep 9th
    7 Files
  • 10
    Sep 10th
    16 Files
  • 11
    Sep 11th
    9 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    25 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    15 Files
  • 17
    Sep 17th
    15 Files
  • 18
    Sep 18th
    12 Files
  • 19
    Sep 19th
    1 Files
  • 20
    Sep 20th
    1 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    21 Files
  • 23
    Sep 23rd
    8 Files
  • 24
    Sep 24th
    15 Files
  • 25
    Sep 25th
    4 Files
  • 26
    Sep 26th
    1 Files
  • 27
    Sep 27th
    1 Files
  • 28
    Sep 28th
    20 Files
  • 29
    Sep 29th
    15 Files
  • 30
    Sep 30th
    91 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close