what you don't know can hurt you
Showing 1 - 25 of 53 RSS Feed

Files Date: 2011-11-02

Microsoft Excel 2007 SP2 Buffer Overwrite
Posted Nov 2, 2011
Authored by Abysssec | Site abysssec.com

A remote code execution vulnerability exists in the way that Microsoft Excel 2007 SP2 handles specially crafted Excel files. An attacker who successfully exploited this vulnerability could take complete control of an affected system. This is the same vulnerability that is referenced in MS11-021. Proof of concept exploit code included.

tags | exploit, remote, code execution, proof of concept
systems | linux
MD5 | cc208cfc08dd7208a5b7d9ac3134291a
Cisco Security Advisory 20111102-srp500
Posted Nov 2, 2011
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Small Business SRP500 Series Services Ready Platforms contain an operating system command injection vulnerability. The vulnerability can be exploited via a remote session to the Services Ready Platform Configuration Utility web interface. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

tags | advisory, remote, web
systems | cisco
advisories | CVE-2011-4005
MD5 | 9216068afce3daba674c299f5e522c38
SetSeed CMS 5.8.20 SQL Injection
Posted Nov 2, 2011
Authored by LiquidWorm | Site zeroscience.mk

SetSeed CMS version 5.8.20 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the vulnerable script using the cookie input 'loggedInUser', which could allow the attacker to view, add, modify or delete information in the back-end database.

tags | exploit, remote, sql injection
MD5 | 8c96c57ab1674a5a7830221715da9383
Solaris 11 USB Hub Class Descriptor Kernel Stack Overflow
Posted Nov 2, 2011
Authored by Andy Davis | Site ngssecure.com

It was discovered that a local attacker can send a malformed USB hub class descriptor via a malicious USB device and trigger a kernel stack overflow in Solaris versions 8, 9, 10, and 11 Express.

tags | advisory, overflow, kernel, local
systems | solaris
MD5 | 2dfd7fe080a5502e934ad75a3a6b7405
Google Maps Open Redirect
Posted Nov 2, 2011
Authored by Sony

Google Maps suffers from an open redirect vulnerability.

tags | exploit
MD5 | 750ebb67f5f8c2e172f09ab509a1bb62
NATO Research And Technology Org Local File Inclusion
Posted Nov 2, 2011
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

The NATO Research and Technology Organisation (RTO) service (Organisation pour la Recherche et la Technologie OTAN in French) suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 170bc0150031a568f11179954ce27c52
Citibank CitiDirect Online Banking Forced Use Of Vulnerable JRE
Posted Nov 2, 2011
Authored by Tomasz Tometzky Ostrowski

Citibank CitiDirect Online Banking software is forcing the use of a vulnerable version of the Java Runtime Environment, again.

tags | advisory, java
MD5 | 60dd3c56bdcdf8772bf869acb49f7db4
Multi Threaded TCP Port Scanner 3.0
Posted Nov 2, 2011
Authored by SecPoint | Site secpoint.com

This is a basic TCP SYN scanner that is multi-threaded.

Changes: Added host name resolution, various options, and more. Various improvements and bug fixes.
tags | tool, scanner, tcp
systems | unix
MD5 | 8629d18cbdc42ffeb55ba9dad3c20616
Efront 3.6.10 Build 11944 Cross Site Scripting / SQL Injection
Posted Nov 2, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Efront version 3.6.10 build 11944 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 5a838fadf26dffbb275c507e559777df
Mandriva Linux Security Advisory 2011-164
Posted Nov 2, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-164 - This advisory updates wireshark to the latest version (1.6.3), fixing several security issues. An uninitialized variable in the CSN.1 dissector could cause a crash. Huzaifa Sidhpurwala of Red Hat Security Response Team discovered that the Infiniband dissector could dereference a NULL pointer. Huzaifa Sidhpurwala of Red Hat Security Response Team discovered a buffer overflow in the ERF file reader. The updated packages have been upgraded to the latest 1.6.x version which is not vulnerable to these issues.

tags | advisory, overflow
systems | linux, redhat, mandriva
advisories | CVE-2011-4100, CVE-2011-4101, CVE-2011-4102
MD5 | 9d2142fc8ed94be58ccee6dc092417b4
Mandriva Linux Security Advisory 2011-163
Posted Nov 2, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-163 - Multiple vulnerabilities was discovered and corrected in phpldapadmin. Input appended to the URL in cmd.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. Input passed to the orderby parameter in cmd.php is not properly sanitised in lib/functions.php before being used in a create_function() function call. This can be exploited to inject and execute arbitrary PHP code. The updated packages have been upgraded to the latest version which is not vulnerable to these issues.

tags | advisory, arbitrary, php, vulnerability
systems | linux, mandriva
advisories | CVE-2011-4074, CVE-2011-4075
MD5 | 0a4c41d5a98d7745e9df7d7e3fadf1ed
Apache ap_pregsub Integer Overflow
Posted Nov 2, 2011
Authored by halfdog

An exploitable integer overflow in Apache allows a remote attacker to crash the process or perform execution of arbitrary code as the user running Apache. To exploit the vulnerability, a crafted .htaccess file has to be placed on the server.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2011-3607
MD5 | f9466031332b63edd0d3f81bf7a3ff6f
phpMyAdmin Arbitrary File Read
Posted Nov 2, 2011
Authored by WooYun | Site wooyun.org

phpMyAdmin suffers from a remote arbitrary file reading vulnerability when using a simplexml_load_string function meant to read xml from user input.

tags | exploit, remote, arbitrary
MD5 | bc9944268f6ef1807f561da30c18dc53
BestShopPro SQL Injection / Cross Site Scripting
Posted Nov 2, 2011
Authored by CoBRa_21

BestShopPro suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 887a5a9c420cca5850b44175bfa77de8
Calibre E-Book Reader Local Root
Posted Nov 2, 2011
Authored by zx2c4

Calibre E-Book Reader local root exploit that leverages PATH manipulation and a suid mount helper.

tags | exploit, local, root
MD5 | 5856dee869f4b3b8329ee45b64343177
Secunia Security Advisory 46146
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Luigi Auriemma has discovered two vulnerabilities in Sunway ForceControl and Sunway pNetPower, which can be exploited by malicious people to disclose system information and compromise a user's system.

tags | advisory, vulnerability
MD5 | 60f7db6d44784cfb2371a571e6639a32
Secunia Security Advisory 46058
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Dolphin Browser HD for Android, which can be exploited by malicious people to bypass certain security features.

tags | advisory
MD5 | e6940daf4ec7e7283ea020a4c41ad640
Secunia Security Advisory 46107
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in PHP, which potentially can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, php
MD5 | e5ca96f63a4666bebc92931a26a9dd24
Secunia Security Advisory 46182
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for openldap. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

tags | advisory, denial of service, vulnerability
systems | linux, fedora
MD5 | 40fded195148a1ef117106605b5e754c
Secunia Security Advisory 46131
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in JAKCMS, which can be exploited by malicious users to bypass certain security restrictions and compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | 26f514f8daf3d8e75561e872504a7fb1
Secunia Security Advisory 46683
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system.

tags | advisory, vulnerability
MD5 | b5bd669f36e42f4df97ffb5b4c31cb9b
Secunia Security Advisory 46644
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

tags | advisory, denial of service, vulnerability
MD5 | 82f64ccf47adbc725732189d00890760
Secunia Security Advisory 46676
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Attachmate has acknowledged a vulnerability in Attachmate Reflection for the Web, which can be exploited by malicious people to cause a DoS (Denial of Service).

tags | advisory, web, denial of service
MD5 | 829142e91679e8ff61e412bf5d8da3d5
Secunia Security Advisory 46682
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Oracle has acknowledged multiple vulnerabilities in Adobe Flash Player included in Solaris, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, and compromise a user's system.

tags | advisory, vulnerability, xss
systems | solaris
MD5 | a810bcf93547629fae73ae23427036a1
Secunia Security Advisory 46686
Posted Nov 2, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in VP-ASP, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection, asp
MD5 | 136cda02af0bcb0e0d8959fb90aaecb6
Page 1 of 3
Back123Next

File Archive:

June 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    1 Files
  • 2
    Jun 2nd
    2 Files
  • 3
    Jun 3rd
    19 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    15 Files
  • 6
    Jun 6th
    12 Files
  • 7
    Jun 7th
    11 Files
  • 8
    Jun 8th
    1 Files
  • 9
    Jun 9th
    1 Files
  • 10
    Jun 10th
    15 Files
  • 11
    Jun 11th
    15 Files
  • 12
    Jun 12th
    15 Files
  • 13
    Jun 13th
    8 Files
  • 14
    Jun 14th
    16 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close