exploit the possibilities
Showing 1 - 25 of 39 RSS Feed

Files Date: 2011-10-21

Gentoo Linux Security Advisory 201110-14
Posted Oct 21, 2011
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201110-14 - Multiple vulnerabilities were found in D-Bus, the worst of which allowing for a symlink attack. Versions less than 1.4.12 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2010-4352, CVE-2011-2200, CVE-2011-2533
MD5 | 70da99d491a5f3dc5c3a61c8e3482e49
Oracle Database Spatial SQL Injection
Posted Oct 21, 2011
Authored by Martin Rakhmanov | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Database supports spatial datatypes. A SQL injection vulnerability exists in the handling of spatial indexes. Users with create table and create procedure privileges can elevate their privileges to SYSDBA.

tags | advisory, sql injection
advisories | CVE-2011-3512
MD5 | e08529db7d889b77fa6c6e0e66399cda
Oracle Database Account Management Protection Bypass
Posted Oct 21, 2011
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Database Vault provides additional protections from malicious privileged users. The protections include separation of duty for some tasks like user account management. Any user with SYSDBA privilege or DV_ACCTMGR role can bypass these protections and change any user's password (including Oracle Database Vault Owner user password) calling the OCIPasswordChange client API (the 'password' command in SqlPLUS uses this API).

tags | advisory, bypass
advisories | CVE-2011-2322, CVE-2011-3511
MD5 | 0d678abb8951e4e5b33a39a30bb28be7
Open EMR 4.0 SQL Injection
Posted Oct 21, 2011
Authored by Houssam Sahli, Mehdi Boukazoula

Open EMR version 4.0 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 5acf537ae942f9b7e88538ef39a71dda
Oracle Database CTXSYS.DRVDISP.TABLEFUNC_ASOWN Buffer Overflow
Posted Oct 21, 2011
Authored by Esteban Martinez Fayo | Site appsecinc.com

Team SHATTER Security Advisory - Oracle Database Server provides the CTXSYS.DRVDISP package that is part of Oracle Text component. This package contains the function TABLEFUNC_ASOWN which is vulnerable to buffer overflow attacks when it is called with a long string in their parameters.

tags | advisory, overflow
advisories | CVE-2011-2301
MD5 | 50ad7e842ac32d4e10e36a4484393ab8
HWK Wireless Auditing Tool 0.3.1
Posted Oct 21, 2011
Authored by atzeton | Site sourceforge.net

hwk is used for wireless audits, fuzzing and stress testing under Linux. It provides various modes as wireless deauthentication and authentication flooding using a monitor mode interface as well as probe response and beacon fuzzing. Furthermore it comes with some basic injection testing and focusing modes.

tags | tool, wireless
systems | linux, unix
MD5 | 5a3baf8d1e46cfca62907ea7210d9eac
Mandriva Linux Security Advisory 2011-158
Posted Oct 21, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-158 - Multiple vulnerabilities have been found and corrected in phpmyadmin. Missing sanitization on the table, column and index names leads to XSS vulnerabilities. When the js_frame parameter of phpmyadmin.css.php is defined as an array, an error message shows the full path of this file, leading to possible further attacks. Other issues were also addressed.

tags | advisory, php, vulnerability
systems | linux, mandriva
advisories | CVE-2011-3181, CVE-2011-3646, CVE-2011-4064
MD5 | 4e4392acf835ce1f9b1c4af558abfd7e
Cyclope Internet Filtering Proxy 4.0 Denial Of Service
Posted Oct 21, 2011
Authored by loneferret

Cyclope Internet Filtering Proxy version 4.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | a89e7949b5dbffc46f231beb1a25dedf
Sports PHool 1.0 Remote File Inclusion
Posted Oct 21, 2011
Authored by cr4wl3r

Sports PHool versions 1.0 and below remote file inclusion exploit.

tags | exploit, remote, code execution, file inclusion
MD5 | e381a3d77f903d1051b6b25a93238ddd
Microsoft Internet Explorer X-UA-COMPATIBLE Use-After-Free
Posted Oct 21, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing the "X-UA-COMPATIBLE" keyword of a "META" tag, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, remote, web
MD5 | d0917ede7f3ba13b501c89768c34c464
WordPress ThemeCity Cross Site Scripting
Posted Oct 21, 2011
Authored by Mr.PaPaRoSSe

WordPress ThemeCity suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2be45cf56cfe8b3ce4d7d819faf6ef00
Mandriva Linux Security Advisory 2011-157
Posted Oct 21, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-157 - FreeType allows remote attackers to execute arbitrary code or cause a denial of service via a crafted font. A regression was found in freetype2 in Mandriva Enterprise Server 5 that caused ugly font rendering with firefox. Additionally, improvements concerning the LZW handling (as noted in the freetype-2.4.7 version) was added. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, arbitrary
systems | linux, mandriva
advisories | CVE-2011-3256
MD5 | c097d846647592c3a428f9f0c2d950bb
inCommand Technologies Cross Site Scripting
Posted Oct 21, 2011
Authored by md.r00t

inCommand Technologies suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 053093abaad6f0bf0448a82132eae6c2
Radius Manager 3.9.0 SQL Injection
Posted Oct 21, 2011
Authored by Mehdi Boukazoula

Radius Manager version 3.9.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e26efc8853865a854927ccc7d2c09133
Ubuntu Security Notice USN-1232-3
Posted Oct 21, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1232-3 - USN-1232-1 fixed vulnerabilities in the X.Org X server. A regression was found on Ubuntu 10.04 LTS that affected GLX support, and USN-1232-2 was released to temporarily disable the problematic security fix. This update includes a revised fix for CVE-2010-4818.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2010-4818
MD5 | 1eaf72ffb8a8ba052f2bd96cff622d62
Oracle AutoVue 20.0.1 AutoVueX SaveViewStateToFile File Creation
Posted Oct 21, 2011
Authored by rgod | Site retrogod.altervista.org

Oracle AutoVue version 20.0.1 suffers from an AutoVueX Active-X Control SaveViewStateToFile remote file creation / overwrite vulnerability. Proof of concept code included.

tags | exploit, remote, activex, proof of concept
systems | linux
MD5 | f7e6c66133c2889b79bf0b92036a69e2
Oracle AutoVue 20.0.1 AutoVueX Export3DBom Code Execution
Posted Oct 21, 2011
Authored by rgod | Site retrogod.altervista.org

Oracle AutoVue version 20.0.1 suffers from an AutoVueX Active-X Control Export3DBom remote code execution vulnerability. Proof of concept code included.

tags | exploit, remote, code execution, activex, proof of concept
systems | linux
MD5 | a476abce69a258c9812ab1161a7621fb
Oracle AutoVue 20.0.1 AutoVueX ExportEdaBom Code Execution
Posted Oct 21, 2011
Authored by rgod | Site retrogod.altervista.org

Oracle AutoVue version 20.0.1 suffers from an AutoVueX Active-X Control ExportEdaBom remote code execution vulnerability. Proof of concept code included.

tags | exploit, remote, code execution, activex, proof of concept
systems | linux
MD5 | 6834ead3ed2a6b18b030e590d1c2d407
Secunia Security Advisory 46476
Posted Oct 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for ldns. This fixes a vulnerability, which can be exploited by malicious users to compromise an application using the library.

tags | advisory
systems | linux, fedora
MD5 | b5362a6e950fae0253335c9c3736de95
Secunia Security Advisory 46511
Posted Oct 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Sun Ray Server Software, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service).

tags | advisory, denial of service
MD5 | b534860d988234adacac62ecdf308b53
Secunia Security Advisory 46494
Posted Oct 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Kerberos, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
MD5 | 89b7767211422cba1fa7f8c15794bfe6
Secunia Security Advisory 46475
Posted Oct 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, fedora
MD5 | 123e29f050f61c234cb26f80994e082b
Secunia Security Advisory 46479
Posted Oct 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - SUSE has issued an update for gimp. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.

tags | advisory
systems | linux, suse
MD5 | aded259b6fe82934c0d94f483a14dd22
Secunia Security Advisory 46472
Posted Oct 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Gentoo has issued an update for tor. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system.

tags | advisory, denial of service, local, vulnerability
systems | linux, gentoo
MD5 | 66e5e35a50ead8ac3f1f293712e95048
Secunia Security Advisory 46465
Posted Oct 21, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue and a vulnerability have been reported in Cisco Show and Share, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions.

tags | advisory
systems | cisco
MD5 | 2d24abb709a1c5d2f02ad3d3fb638fe0
Page 1 of 2
Back12Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    31 Files
  • 8
    Apr 8th
    18 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close